Canonical USN OVAL Generator 1 5.11.1 2024-05-04T03:27:09 Copyright (C) 2024 Canonical LTD. All rights reserved. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License version 3 for more details. You should have received a copy of the GNU General Public License version 3 along with this program. If not, see http://www.gnu.org/licenses/. Ubuntu 20.04 LTS USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. (CVE-2019-11481) Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11482) Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11483) Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. (CVE-2019-11485) Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-15790) Update Instructions: Run `sudo pro fix USN-4171-6` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.12 apport-kde - 2.20.11-0ubuntu27.12 apport-retrace - 2.20.11-0ubuntu27.12 apport-valgrind - 2.20.11-0ubuntu27.12 python3-apport - 2.20.11-0ubuntu27.12 dh-apport - 2.20.11-0ubuntu27.12 apport-gtk - 2.20.11-0ubuntu27.12 apport - 2.20.11-0ubuntu27.12 apport-noui - 2.20.11-0ubuntu27.12 No subscription required None https://launchpad.net/bugs/1903332 Ubuntu 20.04 LTS USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. (CVE-2020-7064) It was discovered that PHP incorrectly handled certain UTF strings. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2020-7065) It was discovered that PHP incorrectly handled certain URLs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7066) Update Instructions: Run `sudo pro fix USN-4330-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu1.1 php7.4 - 7.4.3-4ubuntu1.1 php7.4-dba - 7.4.3-4ubuntu1.1 php7.4-bcmath - 7.4.3-4ubuntu1.1 php7.4-xmlrpc - 7.4.3-4ubuntu1.1 php7.4-intl - 7.4.3-4ubuntu1.1 php7.4-phpdbg - 7.4.3-4ubuntu1.1 php7.4-sybase - 7.4.3-4ubuntu1.1 php7.4-ldap - 7.4.3-4ubuntu1.1 php7.4-readline - 7.4.3-4ubuntu1.1 php7.4-curl - 7.4.3-4ubuntu1.1 php7.4-xsl - 7.4.3-4ubuntu1.1 php7.4-pgsql - 7.4.3-4ubuntu1.1 php7.4-pspell - 7.4.3-4ubuntu1.1 php7.4-zip - 7.4.3-4ubuntu1.1 php7.4-enchant - 7.4.3-4ubuntu1.1 php7.4-odbc - 7.4.3-4ubuntu1.1 php7.4-json - 7.4.3-4ubuntu1.1 php7.4-mbstring - 7.4.3-4ubuntu1.1 php7.4-imap - 7.4.3-4ubuntu1.1 php7.4-bz2 - 7.4.3-4ubuntu1.1 php7.4-cgi - 7.4.3-4ubuntu1.1 php7.4-common - 7.4.3-4ubuntu1.1 php7.4-dev - 7.4.3-4ubuntu1.1 php7.4-interbase - 7.4.3-4ubuntu1.1 php7.4-tidy - 7.4.3-4ubuntu1.1 php7.4-gmp - 7.4.3-4ubuntu1.1 php7.4-sqlite3 - 7.4.3-4ubuntu1.1 php7.4-fpm - 7.4.3-4ubuntu1.1 php7.4-soap - 7.4.3-4ubuntu1.1 php7.4-cli - 7.4.3-4ubuntu1.1 libphp7.4-embed - 7.4.3-4ubuntu1.1 libapache2-mod-php7.4 - 7.4.3-4ubuntu1.1 php7.4-mysql - 7.4.3-4ubuntu1.1 php7.4-snmp - 7.4.3-4ubuntu1.1 php7.4-xml - 7.4.3-4ubuntu1.1 php7.4-opcache - 7.4.3-4ubuntu1.1 No subscription required Medium CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 Ubuntu 20.04 LTS USN-4332-1 fixed vulnerabilities in File Roller. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4332-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: file-roller - 3.36.1-1ubuntu0.1 No subscription required Medium CVE-2020-11736 Ubuntu 20.04 LTS USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-18348) It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8492) Update Instructions: Run `sudo pro fix USN-4333-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.2-1ubuntu1.1 python3.8-examples - 3.8.2-1ubuntu1.1 python3.8-dev - 3.8.2-1ubuntu1.1 libpython3.8-minimal - 3.8.2-1ubuntu1.1 libpython3.8-dev - 3.8.2-1ubuntu1.1 python3.8-venv - 3.8.2-1ubuntu1.1 libpython3.8 - 3.8.2-1ubuntu1.1 idle-python3.8 - 3.8.2-1ubuntu1.1 libpython3.8-testsuite - 3.8.2-1ubuntu1.1 libpython3.8-stdlib - 3.8.2-1ubuntu1.1 python3.8 - 3.8.2-1ubuntu1.1 python3.8-doc - 3.8.2-1ubuntu1.1 No subscription required Medium CVE-2019-18348 CVE-2020-8492 Ubuntu 20.04 LTS USN-4338-1 fixed vulnerabilities in re2c. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: Agostino Sarubbo discovered that re2c incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4338-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: re2c - 1.3-1ubuntu0.1 No subscription required Medium CVE-2020-11958 Ubuntu 20.04 LTS Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. (CVE-2017-9111, CVE-2017-9113, CVE-2017-9115) Tan Jie discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. (CVE-2018-18444) Samuel Groß discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2020-11758, CVE-2020-11759, CVE-2020-11760, CVE-2020-11761, CVE-2020-11762, CVE-2020-11763, CVE-2020-11764) It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service. (CVE-2020-11765) Update Instructions: Run `sudo pro fix USN-4339-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.1 openexr - 2.3.0-6ubuntu0.1 libopenexr24 - 2.3.0-6ubuntu0.1 openexr-doc - 2.3.0-6ubuntu0.1 No subscription required Medium CVE-2017-9111 CVE-2017-9113 CVE-2017-9115 CVE-2018-18444 CVE-2020-11758 CVE-2020-11759 CVE-2020-11760 CVE-2020-11761 CVE-2020-11762 CVE-2020-11763 CVE-2020-11764 CVE-2020-11765 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2019-2228) Stephan Zeisberg discovered that CUPS incorrectly handled certain malformed ppd files. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2020-3898) Update Instructions: Run `sudo pro fix USN-4340-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.1 cups-bsd - 2.3.1-9ubuntu1.1 cups-common - 2.3.1-9ubuntu1.1 cups-core-drivers - 2.3.1-9ubuntu1.1 cups-server-common - 2.3.1-9ubuntu1.1 libcupsimage2 - 2.3.1-9ubuntu1.1 cups-client - 2.3.1-9ubuntu1.1 cups-ipp-utils - 2.3.1-9ubuntu1.1 libcups2 - 2.3.1-9ubuntu1.1 cups-ppdc - 2.3.1-9ubuntu1.1 cups - 2.3.1-9ubuntu1.1 libcupsimage2-dev - 2.3.1-9ubuntu1.1 cups-daemon - 2.3.1-9ubuntu1.1 No subscription required Medium CVE-2019-2228 CVE-2020-3898 Ubuntu 20.04 LTS Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10700) It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. (CVE-2020-10704) Update Instructions: Run `sudo pro fix USN-4341-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.1 samba - 2:4.11.6+dfsg-0ubuntu1.1 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.1 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.1 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.1 smbclient - 2:4.11.6+dfsg-0ubuntu1.1 winbind - 2:4.11.6+dfsg-0ubuntu1.1 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.1 python3-samba - 2:4.11.6+dfsg-0ubuntu1.1 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.1 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.1 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.1 samba-dev - 2:4.11.6+dfsg-0ubuntu1.1 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.1 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.1 samba-common - 2:4.11.6+dfsg-0ubuntu1.1 registry-tools - 2:4.11.6+dfsg-0ubuntu1.1 samba-libs - 2:4.11.6+dfsg-0ubuntu1.1 ctdb - 2:4.11.6+dfsg-0ubuntu1.1 No subscription required Medium CVE-2020-10700 CVE-2020-10704 Ubuntu 20.04 LTS Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4343-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-28-generic-lpae - 5.4.0-28.32 linux-image-5.4.0-28-generic - 5.4.0-28.32 linux-image-5.4.0-28-lowlatency - 5.4.0-28.32 No subscription required linux-image-virtual-hwe-20.04 - 5.4.0.28.33 linux-image-generic-lpae-hwe-20.04 - 5.4.0.28.33 linux-image-lowlatency-hwe-18.04 - 5.4.0.28.33 linux-image-generic-lpae - 5.4.0.28.33 linux-image-virtual-hwe-18.04 - 5.4.0.28.33 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.28.33 linux-image-generic-lpae-hwe-18.04 - 5.4.0.28.33 linux-image-oem - 5.4.0.28.33 linux-image-generic-hwe-20.04 - 5.4.0.28.33 linux-image-lowlatency-hwe-20.04 - 5.4.0.28.33 linux-image-oem-osp1 - 5.4.0.28.33 linux-image-generic - 5.4.0.28.33 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.28.33 linux-image-generic-hwe-18.04-edge - 5.4.0.28.33 linux-image-lowlatency - 5.4.0.28.33 linux-image-generic-hwe-18.04 - 5.4.0.28.33 linux-image-virtual-hwe-18.04-edge - 5.4.0.28.33 linux-image-virtual - 5.4.0.28.33 No subscription required High CVE-2020-11884 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4347-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.28.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.28.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.28.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.28.2-0ubuntu0.20.04.1 webkit2gtk-driver - 2.28.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.28.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.28.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.28.2-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.28.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.28.2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-3899 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.80 in Ubuntu 19.10 and Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.30. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-30.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-20.html https://www.oracle.com/security-alerts/cpuapr2020.html Update Instructions: Run `sudo pro fix USN-4350-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.20-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.20-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-router - 8.0.20-0ubuntu0.20.04.1 mysql-server - 8.0.20-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.20-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-testsuite - 8.0.20-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.20-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-2759 CVE-2020-2760 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2892 CVE-2020-2893 CVE-2020-2895 CVE-2020-2896 CVE-2020-2897 CVE-2020-2898 CVE-2020-2901 CVE-2020-2903 CVE-2020-2904 CVE-2020-2921 CVE-2020-2922 CVE-2020-2923 CVE-2020-2924 CVE-2020-2925 CVE-2020-2926 CVE-2020-2928 CVE-2020-2930 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP to consume resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4352-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.2 libldap-common - 2.4.49+dfsg-2ubuntu1.2 slapd-contrib - 2.4.49+dfsg-2ubuntu1.2 slapi-dev - 2.4.49+dfsg-2ubuntu1.2 ldap-utils - 2.4.49+dfsg-2ubuntu1.2 libldap2-dev - 2.4.49+dfsg-2ubuntu1.2 slapd - 2.4.49+dfsg-2ubuntu1.2 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.2 No subscription required Medium CVE-2020-12243 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the URL bar, or execute arbitrary code. (CVE-2020-6831, CVE-2020-12387, CVE-2020-12390, CVE-2020-12391, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396) It was discovered that the Devtools’ ‘Copy as cURL’ feature did not properly escape the HTTP POST data of a request. If a user were tricked in to using the ‘Copy as cURL’ feature to copy and paste a command with specially crafted data in to a terminal, an attacker could potentially exploit this to obtain sensitive information from local files. (CVE-2020-12392) Update Instructions: Run `sudo pro fix USN-4353-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 76.0+build2-0ubuntu0.20.04.1 firefox - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 76.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 76.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 76.0+build2-0ubuntu0.20.04.1 firefox-dev - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 76.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12387 CVE-2020-12390 CVE-2020-12391 CVE-2020-12392 CVE-2020-12394 CVE-2020-12395 CVE-2020-12396 CVE-2020-6831 Ubuntu 20.04 LTS USN-4353-1 fixed vulnerabilities in Firefox. The update caused a regression that impaired the functionality of some addons. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the URL bar, or execute arbitrary code. (CVE-2020-6831, CVE-2020-12387, CVE-2020-12390, CVE-2020-12391, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396) It was discovered that the Devtools’ ‘Copy as cURL’ feature did not properly HTTP POST data of a request. If a user were tricked in to using the ‘Copy as cURL’ feature to copy and paste a command with specially crafted data in to a terminal, an attacker could potentially exploit this to obtain sensitive information from local files. (CVE-2020-12392) Update Instructions: Run `sudo pro fix USN-4353-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 76.0.1+build1-0ubuntu0.20.04.1 firefox - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 76.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 76.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 76.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 76.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1878251 Ubuntu 20.04 LTS PulseAudio in Ubuntu contains additional functionality to mediate audio recording for snap packages and it was discovered that this functionality did not mediate PulseAudio module unloading. An attacker-controlled snap with only the audio-playback interface connected could exploit this to bypass access controls and record audio. Update Instructions: Run `sudo pro fix USN-4355-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpulse0 - 1:13.99.1-1ubuntu3.2 pulseaudio-module-zeroconf - 1:13.99.1-1ubuntu3.2 pulseaudio-module-gsettings - 1:13.99.1-1ubuntu3.2 pulseaudio-module-bluetooth - 1:13.99.1-1ubuntu3.2 libpulse-dev - 1:13.99.1-1ubuntu3.2 pulseaudio-utils - 1:13.99.1-1ubuntu3.2 pulseaudio-module-raop - 1:13.99.1-1ubuntu3.2 pulseaudio - 1:13.99.1-1ubuntu3.2 libpulsedsp - 1:13.99.1-1ubuntu3.2 pulseaudio-equalizer - 1:13.99.1-1ubuntu3.2 libpulse-mainloop-glib0 - 1:13.99.1-1ubuntu3.2 pulseaudio-module-lirc - 1:13.99.1-1ubuntu3.2 pulseaudio-module-jack - 1:13.99.1-1ubuntu3.2 No subscription required Medium CVE-2020-11931 https://launchpad.net/bugs/1877102 Ubuntu 20.04 LTS Jeriko One discovered that Squid incorrectly handled certain Edge Side Includes (ESI) responses. A malicious remote server could cause Squid to crash, possibly poison the cache, or possibly execute arbitrary code. (CVE-2019-12519, CVE-2019-12521) It was discovered that Squid incorrectly handled the hostname parameter to cachemgr.cgi when certain browsers are used. A remote attacker could possibly use this issue to inject HTML or invalid characters in the hostname parameter. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2019-18860) Clément Berthaux and Florian Guilbert discovered that Squid incorrectly handled Digest Authentication nonce values. A remote attacker could use this issue to replay nonce values, or possibly execute arbitrary code. (CVE-2020-11945) Update Instructions: Run `sudo pro fix USN-4356-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.1 squidclient - 4.10-1ubuntu1.1 squid-purge - 4.10-1ubuntu1.1 squid - 4.10-1ubuntu1.1 squid-cgi - 4.10-1ubuntu1.1 No subscription required Medium CVE-2019-12519 CVE-2019-12521 CVE-2019-18860 CVE-2020-11945 Ubuntu 20.04 LTS It was discovered that libexif incorrectly handled certain tags. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-20030) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. (CVE-2020-12767) Update Instructions: Run `sudo pro fix USN-4358-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexif-doc - 0.6.21-6ubuntu0.1 libexif-dev - 0.6.21-6ubuntu0.1 libexif12 - 0.6.21-6ubuntu0.1 No subscription required Medium CVE-2018-20030 CVE-2020-12767 Ubuntu 20.04 LTS It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially crafted package to be installed by the system administrator, this could cause APT to crash. Update Instructions: Run `sudo pro fix USN-4359-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apt-doc - 2.0.2ubuntu0.1 libapt-pkg6.0 - 2.0.2ubuntu0.1 apt-transport-https - 2.0.2ubuntu0.1 libapt-pkg-doc - 2.0.2ubuntu0.1 apt - 2.0.2ubuntu0.1 apt-utils - 2.0.2ubuntu0.1 libapt-pkg-dev - 2.0.2ubuntu0.1 No subscription required Medium CVE-2020-3810 Ubuntu 20.04 LTS It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4360-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjson-c4-udeb - 0.13.1+dfsg-7ubuntu0.1 libjson-c-doc - 0.13.1+dfsg-7ubuntu0.1 libjson-c-dev - 0.13.1+dfsg-7ubuntu0.1 libjson-c4 - 0.13.1+dfsg-7ubuntu0.1 No subscription required Medium CVE-2020-12762 Ubuntu 20.04 LTS USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak in some scenarios. This update reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4360-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjson-c4-udeb - 0.13.1+dfsg-7ubuntu0.2 libjson-c-doc - 0.13.1+dfsg-7ubuntu0.2 libjson-c-dev - 0.13.1+dfsg-7ubuntu0.2 libjson-c4 - 0.13.1+dfsg-7ubuntu0.2 No subscription required None https://launchpad.net/bugs/1878723 Ubuntu 20.04 LTS USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak that was reverted in USN-4360-2 and USN-4360-3. This update provides the correct fix update for CVE-2020-12762. Original advisory details: It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4360-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjson-c4-udeb - 0.13.1+dfsg-7ubuntu0.3 libjson-c-doc - 0.13.1+dfsg-7ubuntu0.3 libjson-c-dev - 0.13.1+dfsg-7ubuntu0.3 libjson-c4 - 0.13.1+dfsg-7ubuntu0.3 No subscription required Medium CVE-2020-12762 Ubuntu 20.04 LTS Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-10957, CVE-2020-10967) Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2020-10958) Update Instructions: Run `sudo pro fix USN-4361-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.1 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.1 dovecot-mysql - 1:2.3.7.2-1ubuntu3.1 dovecot-sieve - 1:2.3.7.2-1ubuntu3.1 dovecot-core - 1:2.3.7.2-1ubuntu3.1 dovecot-ldap - 1:2.3.7.2-1ubuntu3.1 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.1 dovecot-dev - 1:2.3.7.2-1ubuntu3.1 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.1 dovecot-imapd - 1:2.3.7.2-1ubuntu3.1 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.1 dovecot-lucene - 1:2.3.7.2-1ubuntu3.1 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.1 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.1 dovecot-solr - 1:2.3.7.2-1ubuntu3.1 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.1 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.1 No subscription required Medium CVE-2020-10957 CVE-2020-10958 CVE-2020-10967 Ubuntu 20.04 LTS It was discovered that DPDK incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2020-10722, CVE-2020-10723, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726) Update Instructions: Run `sudo pro fix USN-4362-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librte-pmd-octeontx-crypto20.0 - 19.11.1-0ubuntu1.1 librte-pmd-memif20.0 - 19.11.1-0ubuntu1.1 dpdk-igb-uio-dkms - 19.11.1-0ubuntu1.1 librte-pmd-iavf20.0 - 19.11.1-0ubuntu1.1 librte-pmd-enic20.0 - 19.11.1-0ubuntu1.1 librte-pmd-af-packet20.0 - 19.11.1-0ubuntu1.1 librte-pmd-netvsc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx2-event20.0 - 19.11.1-0ubuntu1.1 librte-bus-ifpga20.0 - 19.11.1-0ubuntu1.1 librte-mempool-dpaa2-20.0 - 19.11.1-0ubuntu1.1 librte-stack0.200 - 19.11.1-0ubuntu1.1 librte-pmd-e1000-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa2-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bbdev-null20.0 - 19.11.1-0ubuntu1.1 librte-pipeline20.0 - 19.11.1-0ubuntu1.1 librte-sched20.0 - 19.11.1-0ubuntu1.1 librte-distributor20.0 - 19.11.1-0ubuntu1.1 librte-efd20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ark20.0 - 19.11.1-0ubuntu1.1 librte-gro20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa20.0 - 19.11.1-0ubuntu1.1 librte-pmd-sfc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-failsafe20.0 - 19.11.1-0ubuntu1.1 librte-pmd-pcap20.0 - 19.11.1-0ubuntu1.1 librte-rawdev20.0 - 19.11.1-0ubuntu1.1 librte-meter20.0 - 19.11.1-0ubuntu1.1 librte-hash20.0 - 19.11.1-0ubuntu1.1 librte-ring20.0 - 19.11.1-0ubuntu1.1 librte-mempool-octeontx20.0 - 19.11.1-0ubuntu1.1 librte-telemetry0.200 - 19.11.1-0ubuntu1.1 librte-rawdev-skeleton20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bond20.0 - 19.11.1-0ubuntu1.1 librte-pmd-hinic20.0 - 19.11.1-0ubuntu1.1 librte-pmd-skeleton-event20.0 - 19.11.1-0ubuntu1.1 librte-pmd-mlx5-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-dpaa2-cmdif20.0 - 19.11.1-0ubuntu1.1 librte-pmd-fm10k20.0 - 19.11.1-0ubuntu1.1 librte-cryptodev20.0 - 19.11.1-0ubuntu1.1 librte-pmd-i40e20.0 - 19.11.1-0ubuntu1.1 librte-cmdline20.0 - 19.11.1-0ubuntu1.1 librte-jobstats20.0 - 19.11.1-0ubuntu1.1 dpdk-dev - 19.11.1-0ubuntu1.1 librte-pmd-ccp20.0 - 19.11.1-0ubuntu1.1 librte-pmd-atlantic20.0 - 19.11.1-0ubuntu1.1 librte-pmd-sw-event20.0 - 19.11.1-0ubuntu1.1 librte-ip-frag20.0 - 19.11.1-0ubuntu1.1 librte-pmd-isal20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dsw-event20.0 - 19.11.1-0ubuntu1.1 librte-pmd-nitrox20.0 - 19.11.1-0ubuntu1.1 librte-pmd-kni20.0 - 19.11.1-0ubuntu1.1 librte-mempool-bucket20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa2-event20.0 - 19.11.1-0ubuntu1.1 librte-gso20.0 - 19.11.1-0ubuntu1.1 librte-pmd-vdev-netvsc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-openssl20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bnx2x20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx-compress20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-ioat20.0 - 19.11.1-0ubuntu1.1 librte-mempool-dpaa20.0 - 19.11.1-0ubuntu1.1 librte-latencystats20.0 - 19.11.1-0ubuntu1.1 librte-mempool-octeontx2-20.0 - 19.11.1-0ubuntu1.1 librte-kvargs20.0 - 19.11.1-0ubuntu1.1 librte-bus-fslmc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-avp20.0 - 19.11.1-0ubuntu1.1 librte-pdump20.0 - 19.11.1-0ubuntu1.1 librte-metrics20.0 - 19.11.1-0ubuntu1.1 librte-bbdev0.200 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa-sec20.0 - 19.11.1-0ubuntu1.1 librte-bus-vmbus20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bnxt20.0 - 19.11.1-0ubuntu1.1 librte-timer20.0 - 19.11.1-0ubuntu1.1 librte-cfgfile20.0 - 19.11.1-0ubuntu1.1 librte-rcu0.200 - 19.11.1-0ubuntu1.1 librte-pmd-qat20.0 - 19.11.1-0ubuntu1.1 librte-mempool20.0 - 19.11.1-0ubuntu1.1 libdpdk-dev - 19.11.1-0ubuntu1.1 librte-pmd-null20.0 - 19.11.1-0ubuntu1.1 librte-pmd-virtio20.0 - 19.11.1-0ubuntu1.1 librte-pmd-axgbe20.0 - 19.11.1-0ubuntu1.1 librte-port20.0 - 19.11.1-0ubuntu1.1 librte-pmd-aesni-mb20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-ntb20.0 - 19.11.1-0ubuntu1.1 librte-pmd-softnic20.0 - 19.11.1-0ubuntu1.1 dpdk-doc - 19.11.1-0ubuntu1.1 librte-pmd-mlx4-20.0 - 19.11.1-0ubuntu1.1 librte-net20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bbdev-fpga-lte-fec20.0 - 19.11.1-0ubuntu1.1 librte-pmd-null-crypto20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ena20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ice20.0 - 19.11.1-0ubuntu1.1 librte-common-dpaax20.0 - 19.11.1-0ubuntu1.1 librte-member20.0 - 19.11.1-0ubuntu1.1 librte-bus-pci20.0 - 19.11.1-0ubuntu1.1 librte-kni20.0 - 19.11.1-0ubuntu1.1 librte-pmd-thunderx20.0 - 19.11.1-0ubuntu1.1 librte-common-octeontx20.0 - 19.11.1-0ubuntu1.1 dpdk - 19.11.1-0ubuntu1.1 librte-pmd-ifc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-opdl-event20.0 - 19.11.1-0ubuntu1.1 librte-pci20.0 - 19.11.1-0ubuntu1.1 librte-eal20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bbdev-turbo-sw20.0 - 19.11.1-0ubuntu1.1 librte-ethdev20.0 - 19.11.1-0ubuntu1.1 librte-table20.0 - 19.11.1-0ubuntu1.1 librte-pmd-hns3-20.0 - 19.11.1-0ubuntu1.1 librte-ipsec0.200 - 19.11.1-0ubuntu1.1 librte-pmd-zlib20.0 - 19.11.1-0ubuntu1.1 librte-bitratestats20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa2-sec20.0 - 19.11.1-0ubuntu1.1 librte-pmd-caam-jr20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-octeontx2-dma20.0 - 19.11.1-0ubuntu1.1 librte-mbuf20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx-event20.0 - 19.11.1-0ubuntu1.1 librte-mempool-stack20.0 - 19.11.1-0ubuntu1.1 librte-power20.0 - 19.11.1-0ubuntu1.1 librte-pmd-liquidio20.0 - 19.11.1-0ubuntu1.1 librte-vhost20.0 - 19.11.1-0ubuntu1.1 librte-pmd-vhost20.0 - 19.11.1-0ubuntu1.1 librte-pmd-virtio-crypto20.0 - 19.11.1-0ubuntu1.1 librte-reorder20.0 - 19.11.1-0ubuntu1.1 librte-pmd-qede20.0 - 19.11.1-0ubuntu1.1 librte-pmd-pfe20.0 - 19.11.1-0ubuntu1.1 librte-flow-classify0.200 - 19.11.1-0ubuntu1.1 librte-rib0.200 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx2-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-cxgbe20.0 - 19.11.1-0ubuntu1.1 librte-mempool-ring20.0 - 19.11.1-0ubuntu1.1 librte-acl20.0 - 19.11.1-0ubuntu1.1 librte-common-cpt20.0 - 19.11.1-0ubuntu1.1 librte-pmd-aesni-gcm20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-dpaa2-qdma20.0 - 19.11.1-0ubuntu1.1 librte-lpm20.0 - 19.11.1-0ubuntu1.1 librte-pmd-tap20.0 - 19.11.1-0ubuntu1.1 librte-eventdev20.0 - 19.11.1-0ubuntu1.1 librte-pmd-nfp20.0 - 19.11.1-0ubuntu1.1 librte-bus-dpaa20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ring20.0 - 19.11.1-0ubuntu1.1 librte-bus-vdev20.0 - 19.11.1-0ubuntu1.1 librte-common-octeontx2-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ixgbe20.0 - 19.11.1-0ubuntu1.1 librte-pmd-vmxnet3-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-crypto-scheduler20.0 - 19.11.1-0ubuntu1.1 librte-pmd-enetc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa-event20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx2-crypto20.0 - 19.11.1-0ubuntu1.1 librte-security20.0 - 19.11.1-0ubuntu1.1 librte-compressdev0.200 - 19.11.1-0ubuntu1.1 librte-fib0.200 - 19.11.1-0ubuntu1.1 librte-bpf0.200 - 19.11.1-0ubuntu1.1 No subscription required Medium CVE-2020-10722 CVE-2020-10723 CVE-2020-10724 CVE-2020-10725 CVE-2020-10726 Ubuntu 20.04 LTS Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. (CVE-2020-8616) Tobias Klein discovered that Bind incorrectly handled checking TSIG validity. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly perform other attacks. (CVE-2020-8617) Update Instructions: Run `sudo pro fix USN-4365-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.1 bind9-libs - 1:9.16.1-0ubuntu2.1 bind9utils - 1:9.16.1-0ubuntu2.1 bind9-doc - 1:9.16.1-0ubuntu2.1 bind9-utils - 1:9.16.1-0ubuntu2.1 bind9 - 1:9.16.1-0ubuntu2.1 bind9-dnsutils - 1:9.16.1-0ubuntu2.1 bind9-host - 1:9.16.1-0ubuntu2.1 No subscription required Medium CVE-2020-8616 CVE-2020-8617 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain inputs. An remote attacker could possibly use this issue to access sensitive information or authentication bypass. Update Instructions: Run `sudo pro fix USN-4366-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.1 eximon4 - 4.93-13ubuntu1.1 exim4 - 4.93-13ubuntu1.1 exim4-daemon-light - 4.93-13ubuntu1.1 exim4-config - 4.93-13ubuntu1.1 exim4-daemon-heavy - 4.93-13ubuntu1.1 exim4-base - 4.93-13ubuntu1.1 No subscription required Medium CVE-2020-12783 Ubuntu 20.04 LTS It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657) Update Instructions: Run `sudo pro fix USN-4367-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1011-aws - 5.4.0-1011.11 linux-image-5.4.0-1011-gcp - 5.4.0-1011.11 linux-image-5.4.0-1011-kvm - 5.4.0-1011.11 linux-image-5.4.0-1011-raspi - 5.4.0-1011.11 linux-image-5.4.0-1011-oracle - 5.4.0-1011.11 No subscription required linux-image-5.4.0-1012-azure - 5.4.0-1012.12 No subscription required linux-image-5.4.0-26-generic - 5.4.0-26.30 No subscription required linux-image-5.4.0-31-lowlatency - 5.4.0-31.35 linux-image-5.4.0-31-generic - 5.4.0-31.35 linux-image-5.4.0-31-generic-lpae - 5.4.0-31.35 No subscription required linux-image-raspi - 5.4.0.1011.11 linux-image-raspi2 - 5.4.0.1011.11 No subscription required linux-image-gke - 5.4.0.1011.12 linux-image-oracle - 5.4.0.1011.12 linux-image-kvm - 5.4.0.1011.12 linux-image-gcp - 5.4.0.1011.12 No subscription required linux-image-aws - 5.4.0.1011.14 No subscription required linux-image-azure - 5.4.0.1012.14 No subscription required linux-image-oem-osp1 - 5.4.0.31.36 linux-image-generic-hwe-20.04 - 5.4.0.31.36 linux-image-generic-hwe-18.04 - 5.4.0.31.36 linux-image-generic-lpae-hwe-20.04 - 5.4.0.31.36 linux-image-generic-lpae-hwe-18.04 - 5.4.0.31.36 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.31.36 linux-image-virtual - 5.4.0.31.36 linux-image-virtual-hwe-20.04 - 5.4.0.31.36 linux-image-lowlatency-hwe-18.04 - 5.4.0.31.36 linux-image-generic - 5.4.0.31.36 linux-image-virtual-hwe-18.04 - 5.4.0.31.36 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.31.36 linux-image-oem - 5.4.0.31.36 linux-image-generic-hwe-18.04-edge - 5.4.0.31.36 linux-image-generic-lpae - 5.4.0.31.36 linux-image-virtual-hwe-18.04-edge - 5.4.0.31.36 linux-image-lowlatency-hwe-20.04 - 5.4.0.31.36 linux-image-lowlatency - 5.4.0.31.36 No subscription required Medium CVE-2019-19377 CVE-2020-11565 CVE-2020-12657 CVE-2020-12826 Ubuntu 20.04 LTS USN-4367-1 fixed vulnerabilities in the 5.4 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657) Update Instructions: Run `sudo pro fix USN-4367-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-33-generic - 5.4.0-33.37 linux-image-5.4.0-33-lowlatency - 5.4.0-33.37 linux-image-5.4.0-33-generic-lpae - 5.4.0-33.37 No subscription required linux-image-virtual-hwe-20.04 - 5.4.0.33.38 linux-image-generic-lpae-hwe-20.04 - 5.4.0.33.38 linux-image-lowlatency-hwe-18.04 - 5.4.0.33.38 linux-image-generic-lpae - 5.4.0.33.38 linux-image-virtual-hwe-18.04 - 5.4.0.33.38 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.33.38 linux-image-generic-lpae-hwe-18.04 - 5.4.0.33.38 linux-image-oem - 5.4.0.33.38 linux-image-generic-hwe-20.04 - 5.4.0.33.38 linux-image-lowlatency-hwe-20.04 - 5.4.0.33.38 linux-image-oem-osp1 - 5.4.0.33.38 linux-image-generic - 5.4.0.33.38 linux-image-lowlatency - 5.4.0.33.38 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.33.38 linux-image-generic-hwe-18.04-edge - 5.4.0.33.38 linux-image-generic-hwe-18.04 - 5.4.0.33.38 linux-image-virtual-hwe-18.04-edge - 5.4.0.33.38 linux-image-virtual - 5.4.0.33.38 No subscription required None https://launchpad.net/bugs/1879690 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3327) It was discovered that ClamAV incorrectly handled parsing PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3341) Update Instructions: Run `sudo pro fix USN-4370-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-base - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.102.3+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.102.3+dfsg-0ubuntu0.20.04.1 clamdscan - 0.102.3+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-3327 CVE-2020-3341 Ubuntu 20.04 LTS It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. (CVE-2019-15034) It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2019-20382) It was discovered that QEMU incorrectly generated QEMU Pointer Authentication signatures on ARM. A local attacker could possibly use this issue to bypass PAuth. This issue only affected Ubuntu 19.10. (CVE-2020-10702) Ziming Zhang discovered that QEMU incorrectly handled ATI VGA emulation. A local attacker in a guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-11869) Aviv Sasson discovered that QEMU incorrectly handled Slirp networking. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2020-1983) Update Instructions: Run `sudo pro fix USN-4372-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.1 qemu-system-common - 1:4.2-3ubuntu6.1 qemu-system-data - 1:4.2-3ubuntu6.1 qemu-system-s390x - 1:4.2-3ubuntu6.1 qemu-block-extra - 1:4.2-3ubuntu6.1 qemu-system-misc - 1:4.2-3ubuntu6.1 qemu-user - 1:4.2-3ubuntu6.1 qemu-system-sparc - 1:4.2-3ubuntu6.1 qemu-guest-agent - 1:4.2-3ubuntu6.1 qemu-system - 1:4.2-3ubuntu6.1 qemu-utils - 1:4.2-3ubuntu6.1 qemu-user-static - 1:4.2-3ubuntu6.1 qemu-kvm - 1:4.2-3ubuntu6.1 qemu-user-binfmt - 1:4.2-3ubuntu6.1 qemu-system-x86 - 1:4.2-3ubuntu6.1 qemu-system-arm - 1:4.2-3ubuntu6.1 qemu-system-gui - 1:4.2-3ubuntu6.1 qemu - 1:4.2-3ubuntu6.1 qemu-system-ppc - 1:4.2-3ubuntu6.1 qemu-system-mips - 1:4.2-3ubuntu6.1 qemu-system-x86-xen - 1:4.2-3ubuntu6.1 No subscription required Medium CVE-2019-15034 CVE-2019-20382 CVE-2020-10702 CVE-2020-11869 CVE-2020-1983 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. (CVE-2020-6831, CVE-2020-12387, CVE-2020-12395) It was discovered that the Devtools’ ‘Copy as cURL’ feature did not properly escape the HTTP POST data of a request. If a user were tricked in to using the ‘Copy as cURL’ feature to copy and paste a command with specially crafted data in to a terminal, an attacker could potentially exploit this to obtain sensitive information from local files. (CVE-2020-12392) It was discovered that Thunderbird did not correctly handle Unicode whitespace characters within the From email header. An attacker could potentially exploit this to spoof the sender email address that Thunderbird displays. (CVE-2020-12397) Update Instructions: Run `sudo pro fix USN-4373-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-br - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-bn - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-be - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-bg - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ja - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-si - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-gnome-support - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sv - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sr - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sq - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-hsb - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-cy - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-cs - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-en - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ca - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pt-br - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pa - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ka - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ko - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-kk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-kab - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-zh-tw - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pt - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nn-no - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nb-no - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-bn-bd - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-lt - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-en-gb - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-uz - 1:68.8.0+build2-0ubuntu0.20.04.2 xul-ext-calendar-timezones - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-de - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-da - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-uk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-dev - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-el - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-en-us - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-rm - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ms - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ro - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-eu - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-et - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-zh-hant - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-zh-hans - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ru - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-es - 1:68.8.0+build2-0ubuntu0.20.04.2 xul-ext-gdata-provider - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-fr - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-es-es - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ta-lk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-fy - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-fi - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ast - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nn - 1:68.8.0+build2-0ubuntu0.20.04.2 xul-ext-lightning - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ga-ie - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-fy-nl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nb - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-mozsymbols - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-zh-cn - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-gl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ga - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-tr - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-gd - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ta - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-dsb - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-vi - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-hy - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sv-se - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-hr - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-hu - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pa-in - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-he - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ar - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-af - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pt-pt - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-cak - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-is - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-it - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-mk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-id - 1:68.8.0+build2-0ubuntu0.20.04.2 No subscription required Medium CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-12397 Ubuntu 20.04 LTS Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Unbound incorrectly handled certain queries. A remote attacker could use this issue to perform an amplification attack directed at a target. (CVE-2020-12662) It was discovered that Unbound incorrectly handled certain malformed answers. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. (CVE-2020-12663) Update Instructions: Run `sudo pro fix USN-4374-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.1 python3-unbound - 1.9.4-2ubuntu1.1 libunbound8 - 1.9.4-2ubuntu1.1 python-unbound - 1.9.4-2ubuntu1.1 unbound-anchor - 1.9.4-2ubuntu1.1 unbound-host - 1.9.4-2ubuntu1.1 libunbound-dev - 1.9.4-2ubuntu1.1 No subscription required Medium CVE-2020-12662 CVE-2020-12663 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4375-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.2 php7.4 - 7.4.3-4ubuntu2.2 php7.4-dba - 7.4.3-4ubuntu2.2 php7.4-bcmath - 7.4.3-4ubuntu2.2 php7.4-xmlrpc - 7.4.3-4ubuntu2.2 php7.4-intl - 7.4.3-4ubuntu2.2 php7.4-phpdbg - 7.4.3-4ubuntu2.2 php7.4-sybase - 7.4.3-4ubuntu2.2 php7.4-ldap - 7.4.3-4ubuntu2.2 php7.4-readline - 7.4.3-4ubuntu2.2 php7.4-curl - 7.4.3-4ubuntu2.2 php7.4-xsl - 7.4.3-4ubuntu2.2 php7.4-pgsql - 7.4.3-4ubuntu2.2 php7.4-pspell - 7.4.3-4ubuntu2.2 php7.4-zip - 7.4.3-4ubuntu2.2 php7.4-enchant - 7.4.3-4ubuntu2.2 php7.4-odbc - 7.4.3-4ubuntu2.2 php7.4-json - 7.4.3-4ubuntu2.2 php7.4-mbstring - 7.4.3-4ubuntu2.2 php7.4-imap - 7.4.3-4ubuntu2.2 php7.4-bz2 - 7.4.3-4ubuntu2.2 php7.4-cgi - 7.4.3-4ubuntu2.2 php7.4-common - 7.4.3-4ubuntu2.2 php7.4-dev - 7.4.3-4ubuntu2.2 php7.4-interbase - 7.4.3-4ubuntu2.2 php7.4-tidy - 7.4.3-4ubuntu2.2 php7.4-gmp - 7.4.3-4ubuntu2.2 php7.4-sqlite3 - 7.4.3-4ubuntu2.2 php7.4-fpm - 7.4.3-4ubuntu2.2 php7.4-soap - 7.4.3-4ubuntu2.2 php7.4-cli - 7.4.3-4ubuntu2.2 libphp7.4-embed - 7.4.3-4ubuntu2.2 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.2 php7.4-mysql - 7.4.3-4ubuntu2.2 php7.4-snmp - 7.4.3-4ubuntu2.2 php7.4-xml - 7.4.3-4ubuntu2.2 php7.4-opcache - 7.4.3-4ubuntu2.2 No subscription required Medium CVE-2019-11048 Ubuntu 20.04 LTS The ca-certificates package contained an expired CA certificate that caused connectivity issues. This update removes the "AddTrust External Root" CA. In addition, on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS, this update refreshes the included certificates to those contained in the 20190110 package. Update Instructions: Run `sudo pro fix USN-4377-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates-udeb - 20190110ubuntu1.1 ca-certificates - 20190110ubuntu1.1 No subscription required None https://launchpad.net/bugs/1881533 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code. Update Instructions: Run `sudo pro fix USN-4379-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 freerdp2-shadow-x11 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 freerdp2-dev - 2.1.1+dfsg1-0ubuntu0.20.04.1 freerdp2-wayland - 2.1.1+dfsg1-0ubuntu0.20.04.1 libwinpr2-dev - 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libuwac0-0 - 2.1.1+dfsg1-0ubuntu0.20.04.1 freerdp2-x11 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libwinpr2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libwinpr-tools2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libuwac0-dev - 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow-subsystem2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-client2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 winpr-utils - 2.1.1+dfsg1-0ubuntu0.20.04.1 No subscription required Medium CVE-2018-1000852 CVE-2019-17177 CVE-2020-11042 CVE-2020-11044 CVE-2020-11045 CVE-2020-11046 CVE-2020-11047 CVE-2020-11048 CVE-2020-11049 CVE-2020-11058 CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 Ubuntu 20.04 LTS Dan Palmer discovered that Django incorrectly validated memcached cache keys. A remote attacker could possibly use this issue to cause a denial of service and obtain sensitive information. (CVE-2020-13254) Jon Dufresne discovered that Django incorrectly encoded query parameters for the admin ForeignKeyRawIdWidget. A remote attacker could possibly use this issue to perform XSS attacks. (CVE-2020-13596) Update Instructions: Run `sudo pro fix USN-4381-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.1 python-django-doc - 2:2.2.12-1ubuntu0.1 No subscription required Medium CVE-2020-13254 CVE-2020-13596 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the addressbar, or execute arbitrary code. (CVE-2020-12405, CVE-2020-12406, CVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410, CVE-2020-12411) It was discovered that NSS showed timing differences when performing DSA signatures. An attacker could potentially exploit this to obtain private keys using a timing attack. (CVE-2020-12399) Update Instructions: Run `sudo pro fix USN-4383-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 77.0.1+build1-0ubuntu0.20.04.1 firefox - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 77.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 77.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 77.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 77.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12407 CVE-2020-12408 CVE-2020-12409 CVE-2020-12410 CVE-2020-12411 Ubuntu 20.04 LTS It was discovered that GnuTLS incorrectly handled session ticket encryption keys. A remote attacker could possibly use this issue to bypass authentication or recover sensitive information. Update Instructions: Run `sudo pro fix USN-4384-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnutls30 - 3.6.13-2ubuntu1.1 libgnutls28-dev - 3.6.13-2ubuntu1.1 libgnutlsxx28 - 3.6.13-2ubuntu1.1 gnutls-doc - 3.6.13-2ubuntu1.1 libgnutls-dane0 - 3.6.13-2ubuntu1.1 gnutls-bin - 3.6.13-2ubuntu1.1 guile-gnutls - 3.6.13-2ubuntu1.1 libgnutls-openssl27 - 3.6.13-2ubuntu1.1 No subscription required High CVE-2020-13777 Ubuntu 20.04 LTS It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543) It was discovered that on some Intel processors, partial data values previously read from a vector register on a physical core may be propagated into unused portions of the store buffer. A local attacker could possible use this to expose sensitive information. (CVE-2020-0548) It was discovered that on some Intel processors, data from the most recently evicted modified L1 data cache (L1D) line may be propagated into an unused (invalid) L1D fill buffer. A local attacker could possibly use this to expose sensitive information. (CVE-2020-0549) Update Instructions: Run `sudo pro fix USN-4385-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20200609.0ubuntu0.20.04.0 No subscription required Medium CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SRBDS Ubuntu 20.04 LTS USN-4385-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Skylake family (06_4EH) from booting successfully. Additonally, on Ubuntu 20.04 LTS, late loading of microcode was enabled, which could lead to system instability. This update reverts the microcode update for the Skylake processor family and disables the late loading option on Ubuntu 20.04 LTS. Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery. We apologize for the inconvenience. Original advisory details: It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543) It was discovered that on some Intel processors, partial data values previously read from a vector register on a physical core may be propagated into unused portions of the store buffer. A local attacker could possible use this to expose sensitive information. (CVE-2020-0548) It was discovered that on some Intel processors, data from the most recently evicted modified L1 data cache (L1D) line may be propagated into an unused (invalid) L1D fill buffer. A local attacker could possibly use this to expose sensitive information. (CVE-2020-0549) Update Instructions: Run `sudo pro fix USN-4385-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20200609.0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/1882890 https://launchpad.net/bugs/1883002 Ubuntu 20.04 LTS It was discovered that libjpeg-turbo incorrectly handled certain PPM files. An attacker could possibly use this issue to access sensitive information. Update Instructions: Run `sudo pro fix USN-4386-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libturbojpeg0-dev - 2.0.3-0ubuntu1.20.04.1 libjpeg-turbo8-dev - 2.0.3-0ubuntu1.20.04.1 libjpeg-turbo-progs - 2.0.3-0ubuntu1.20.04.1 libturbojpeg - 2.0.3-0ubuntu1.20.04.1 libjpeg-turbo8 - 2.0.3-0ubuntu1.20.04.1 libjpeg-turbo-test - 2.0.3-0ubuntu1.20.04.1 No subscription required Medium CVE-2020-13790 Ubuntu 20.04 LTS It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-0067) It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543) Piotr Krysiuk discovered that race conditions existed in the file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12114) It was discovered that the USB susbsystem's scatter-gather implementation in the Linux kernel did not properly take data references in some situations, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12464) Bui Quang Minh discovered that the XDP socket implementation in the Linux kernel did not properly validate meta-data passed from user space, leading to an out-of-bounds write vulnerability. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12659) Dmitry Vyukov discovered that the SELinux netlink security hook in the Linux kernel did not validate messages in some situations. A privileged attacker could use this to bypass SELinux netlink restrictions. (CVE-2020-10751) Update Instructions: Run `sudo pro fix USN-4389-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1012-raspi - 5.4.0-1012.12 No subscription required linux-image-5.4.0-1015-kvm - 5.4.0-1015.15 linux-image-5.4.0-1015-gcp - 5.4.0-1015.15 linux-image-5.4.0-1015-aws - 5.4.0-1015.15 linux-image-5.4.0-1015-oracle - 5.4.0-1015.15 No subscription required linux-image-5.4.0-1016-azure - 5.4.0-1016.16 No subscription required linux-image-5.4.0-27-generic - 5.4.0-27.31 No subscription required linux-image-5.4.0-37-lowlatency - 5.4.0-37.41 linux-image-5.4.0-37-generic - 5.4.0-37.41 linux-image-5.4.0-37-generic-lpae - 5.4.0-37.41 No subscription required linux-image-raspi - 5.4.0.1012.12 linux-image-raspi2 - 5.4.0.1012.12 No subscription required linux-image-gke - 5.4.0.1015.14 linux-image-oracle - 5.4.0.1015.14 linux-image-kvm - 5.4.0.1015.14 linux-image-gcp - 5.4.0.1015.14 No subscription required linux-image-aws - 5.4.0.1015.16 No subscription required linux-image-azure - 5.4.0.1016.16 No subscription required linux-image-virtual - 5.4.0.27.34 linux-image-virtual-hwe-20.04 - 5.4.0.27.34 No subscription required linux-image-oem-osp1 - 5.4.0.37.40 linux-image-generic-hwe-20.04 - 5.4.0.37.40 linux-image-generic-hwe-18.04 - 5.4.0.37.40 linux-image-generic-lpae-hwe-20.04 - 5.4.0.37.40 linux-image-generic-lpae-hwe-18.04 - 5.4.0.37.40 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.37.40 linux-image-lowlatency-hwe-18.04 - 5.4.0.37.40 linux-image-generic - 5.4.0.37.40 linux-image-virtual-hwe-18.04 - 5.4.0.37.40 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.37.40 linux-image-oem - 5.4.0.37.40 linux-image-generic-hwe-18.04-edge - 5.4.0.37.40 linux-image-generic-lpae - 5.4.0.37.40 linux-image-lowlatency - 5.4.0.37.40 linux-image-lowlatency-hwe-20.04 - 5.4.0.37.40 linux-image-virtual-hwe-18.04-edge - 5.4.0.37.40 No subscription required Medium CVE-2020-0067 CVE-2020-0543 CVE-2020-10751 CVE-2020-12114 CVE-2020-12464 CVE-2020-12659 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SRBDS Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740) It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19603) It was discovered that SQLite incorrectly handled certain self-referential views. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19645) Henry Liu discovered that SQLite incorrectly handled certain malformed window-function queries. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-11655) It was discovered that SQLite incorrectly handled certain string operations. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13434) It was discovered that SQLite incorrectly handled certain expressions. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13435) It was discovered that SQLite incorrectly handled certain fts3 queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13630) It was discovered that SQLite incorrectly handled certain virtual table names. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13631) It was discovered that SQLite incorrectly handled certain fts3 queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13632) Update Instructions: Run `sudo pro fix USN-4394-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.1 sqlite3-doc - 3.31.1-4ubuntu0.1 libsqlite3-0 - 3.31.1-4ubuntu0.1 libsqlite3-tcl - 3.31.1-4ubuntu0.1 sqlite3 - 3.31.1-4ubuntu0.1 libsqlite3-dev - 3.31.1-4ubuntu0.1 No subscription required Medium CVE-2018-8740 CVE-2019-19603 CVE-2019-19645 CVE-2020-11655 CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 Ubuntu 20.04 LTS Justin Steven discovered that fwupd incorrectly handled certain signature verification. An attacker could possibly use this issue to install an unsigned firmware. Update Instructions: Run `sudo pro fix USN-4395-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-fwupdplugin-1.0 - 1.3.9-4ubuntu0.1 fwupd-amd64-signed-template - 1.3.9-4ubuntu0.1 libfwupd-dev - 1.3.9-4ubuntu0.1 fwupd-armhf-signed-template - 1.3.9-4ubuntu0.1 gir1.2-fwupd-2.0 - 1.3.9-4ubuntu0.1 fwupd-tests - 1.3.9-4ubuntu0.1 fwupd-doc - 1.3.9-4ubuntu0.1 fwupd-arm64-signed-template - 1.3.9-4ubuntu0.1 libfwupdplugin-dev - 1.3.9-4ubuntu0.1 libfwupdplugin1 - 1.3.9-4ubuntu0.1 fwupd - 1.3.9-4ubuntu0.1 libfwupd2 - 1.3.9-4ubuntu0.1 No subscription required Medium CVE-2020-10759 Ubuntu 20.04 LTS It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-0093, CVE-2020-0182) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote denial of service. (CVE-2020-0198) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2020-13112) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. (CVE-2020-13113) It was discovered libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-13114) Update Instructions: Run `sudo pro fix USN-4396-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexif-doc - 0.6.21-6ubuntu0.3 libexif-dev - 0.6.21-6ubuntu0.3 libexif12 - 0.6.21-6ubuntu0.3 No subscription required Medium CVE-2020-0093 CVE-2020-0182 CVE-2020-0198 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled the TLS State Machine. A remote attacker could possibly use this issue to cause NSS to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-17023) Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover DSA keys. (CVE-2020-12399) Update Instructions: Run `sudo pro fix USN-4397-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.1 libnss3 - 2:3.49.1-1ubuntu1.1 libnss3-tools - 2:3.49.1-1ubuntu1.1 No subscription required Medium CVE-2019-17023 CVE-2020-12399 Ubuntu 20.04 LTS Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4398-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dbus-1-doc - 1.12.16-2ubuntu2.1 dbus - 1.12.16-2ubuntu2.1 libdbus-1-dev - 1.12.16-2ubuntu2.1 dbus-udeb - 1.12.16-2ubuntu2.1 dbus-user-session - 1.12.16-2ubuntu2.1 libdbus-1-3-udeb - 1.12.16-2ubuntu2.1 dbus-x11 - 1.12.16-2ubuntu2.1 dbus-tests - 1.12.16-2ubuntu2.1 libdbus-1-3 - 1.12.16-2ubuntu2.1 No subscription required Medium CVE-2020-12049 Ubuntu 20.04 LTS It was discovered that Bind incorrectly handled large responses during zone transfers. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8618) It was discovered that Bind incorrectly handled certain asterisk characters in zone files. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8619) Update Instructions: Run `sudo pro fix USN-4399-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.2 bind9-libs - 1:9.16.1-0ubuntu2.2 bind9utils - 1:9.16.1-0ubuntu2.2 bind9-doc - 1:9.16.1-0ubuntu2.2 bind9-utils - 1:9.16.1-0ubuntu2.2 bind9 - 1:9.16.1-0ubuntu2.2 bind9-dnsutils - 1:9.16.1-0ubuntu2.2 bind9-host - 1:9.16.1-0ubuntu2.2 No subscription required Medium CVE-2020-8618 CVE-2020-8619 Ubuntu 20.04 LTS It was discovered that the nfs-utils package set incorrect permissions on the /var/lib/nfs directory. An attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-4400-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nfs-kernel-server - 1:1.3.4-2.5ubuntu3.3 nfs-common - 1:1.3.4-2.5ubuntu3.3 No subscription required Low CVE-2019-3689 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. (CVE-2020-14093) It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceeds with a connection even if the user rejects an expired intermediate certificate. (CVE-2020-14154) Update Instructions: Run `sudo pro fix USN-4401-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.1 No subscription required Medium CVE-2020-14093 CVE-2020-14154 Ubuntu 20.04 LTS Marek Szlagor, Gregory Jefferis and Jeroen Ooms discovered that curl incorrectly handled certain credentials. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-8169) It was discovered that curl incorrectly handled certain parameters. An attacker could possibly use this issue to overwrite a local file. (CVE-2020-8177) Update Instructions: Run `sudo pro fix USN-4402-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.1 libcurl4-openssl-dev - 7.68.0-1ubuntu2.1 libcurl3-gnutls - 7.68.0-1ubuntu2.1 libcurl4-doc - 7.68.0-1ubuntu2.1 libcurl3-nss - 7.68.0-1ubuntu2.1 libcurl4-nss-dev - 7.68.0-1ubuntu2.1 libcurl4 - 7.68.0-1ubuntu2.1 curl - 7.68.0-1ubuntu2.1 No subscription required Medium CVE-2020-8169 CVE-2020-8177 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. (CVE-2020-14954) This update also address a regression caused in the last update USN-4401-1. It only affected Ubuntu 12.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. Update Instructions: Run `sudo pro fix USN-4403-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.2 No subscription required Medium CVE-2020-14954 https://launchpad.net/bugs/1884588 Ubuntu 20.04 LTS Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when performing IPC. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-5963) It was discovered that the UVM driver in the NVIDIA graphics driver contained a race condition. A local attacker could use this to cause a denial of service. (CVE-2020-5967) It was discovered that the NVIDIA virtual GPU guest drivers contained an unspecified vulnerability that could potentially lead to privileged operation execution. An attacker could use this to cause a denial of service. (CVE-2020-5973) Update Instructions: Run `sudo pro fix USN-4404-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnvidia-common-390 - 390.138-0ubuntu0.20.04.1 nvidia-384 - 390.138-0ubuntu0.20.04.1 nvidia-compute-utils-390 - 390.138-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.138-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.138-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.138-0ubuntu0.20.04.1 nvidia-driver-390 - 390.138-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.138-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.138-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.138-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.138-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.138-0ubuntu0.20.04.1 nvidia-384-dev - 390.138-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.138-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.138-0ubuntu0.20.04.1 nvidia-headless-390 - 390.138-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.138-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.138-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.138-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.138-0ubuntu0.20.04.1 libcuda1-384 - 390.138-0ubuntu0.20.04.1 nvidia-utils-390 - 390.138-0ubuntu0.20.04.1 No subscription required xserver-xorg-video-nvidia-440 - 440.100-0ubuntu0.20.04.1 nvidia-kernel-common-440 - 440.100-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440 - 440.100-0ubuntu0.20.04.1 libnvidia-decode-440 - 440.100-0ubuntu0.20.04.1 libnvidia-gl-430 - 440.100-0ubuntu0.20.04.1 libnvidia-common-440 - 440.100-0ubuntu0.20.04.1 nvidia-kernel-source-430 - 440.100-0ubuntu0.20.04.1 libnvidia-encode-440 - 440.100-0ubuntu0.20.04.1 nvidia-dkms-440 - 440.100-0ubuntu0.20.04.1 libnvidia-cfg1-430 - 440.100-0ubuntu0.20.04.1 nvidia-compute-utils-430 - 440.100-0ubuntu0.20.04.1 nvidia-utils-430 - 440.100-0ubuntu0.20.04.1 libnvidia-encode-430 - 440.100-0ubuntu0.20.04.1 nvidia-headless-440 - 440.100-0ubuntu0.20.04.1 libnvidia-extra-440 - 440.100-0ubuntu0.20.04.1 libnvidia-compute-440 - 440.100-0ubuntu0.20.04.1 nvidia-kernel-common-430 - 440.100-0ubuntu0.20.04.1 nvidia-utils-440 - 440.100-0ubuntu0.20.04.1 nvidia-driver-440 - 440.100-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-430 - 440.100-0ubuntu0.20.04.1 nvidia-driver-430 - 440.100-0ubuntu0.20.04.1 libnvidia-common-430 - 440.100-0ubuntu0.20.04.1 libnvidia-decode-430 - 440.100-0ubuntu0.20.04.1 libnvidia-ifr1-440 - 440.100-0ubuntu0.20.04.1 libnvidia-fbc1-430 - 440.100-0ubuntu0.20.04.1 libnvidia-cfg1-440 - 440.100-0ubuntu0.20.04.1 nvidia-headless-no-dkms-430 - 440.100-0ubuntu0.20.04.1 libnvidia-fbc1-440 - 440.100-0ubuntu0.20.04.1 libnvidia-compute-430 - 440.100-0ubuntu0.20.04.1 nvidia-dkms-430 - 440.100-0ubuntu0.20.04.1 nvidia-compute-utils-440 - 440.100-0ubuntu0.20.04.1 libnvidia-ifr1-430 - 440.100-0ubuntu0.20.04.1 nvidia-kernel-source-440 - 440.100-0ubuntu0.20.04.1 libnvidia-gl-440 - 440.100-0ubuntu0.20.04.1 nvidia-headless-430 - 440.100-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-5963 CVE-2020-5967 CVE-2020-5973 Ubuntu 20.04 LTS USN-4404-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when performing IPC. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-5963) It was discovered that the UVM driver in the NVIDIA graphics driver contained a race condition. A local attacker could use this to cause a denial of service. (CVE-2020-5967) It was discovered that the NVIDIA virtual GPU guest drivers contained an unspecified vulnerability that could potentially lead to privileged operation execution. An attacker could use this to cause a denial of service. (CVE-2020-5973) Update Instructions: Run `sudo pro fix USN-4404-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1017-aws - 5.4.0-1017.17 No subscription required linux-image-5.4.0-1018-oracle - 5.4.0-1018.18 linux-image-5.4.0-1018-gcp - 5.4.0-1018.18 No subscription required linux-image-5.4.0-1019-azure - 5.4.0-1019.19 No subscription required linux-image-5.4.0-39-generic-lpae - 5.4.0-39.43 linux-image-5.4.0-39-lowlatency - 5.4.0-39.43 linux-image-5.4.0-39-generic - 5.4.0-39.43 No subscription required linux-image-aws - 5.4.0.1017.18 No subscription required linux-image-gke - 5.4.0.1018.16 linux-image-gcp - 5.4.0.1018.16 linux-image-oracle - 5.4.0.1018.16 No subscription required linux-image-azure - 5.4.0.1019.18 No subscription required linux-image-oem-osp1 - 5.4.0.39.42 linux-image-generic-hwe-20.04 - 5.4.0.39.42 linux-image-generic-hwe-18.04 - 5.4.0.39.42 linux-image-generic-lpae-hwe-20.04 - 5.4.0.39.42 linux-image-generic-lpae-hwe-18.04 - 5.4.0.39.42 linux-image-virtual - 5.4.0.39.42 linux-image-virtual-hwe-20.04 - 5.4.0.39.42 linux-image-lowlatency-hwe-18.04 - 5.4.0.39.42 linux-image-generic - 5.4.0.39.42 linux-image-virtual-hwe-18.04 - 5.4.0.39.42 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.39.42 linux-image-oem - 5.4.0.39.42 linux-image-generic-hwe-18.04-edge - 5.4.0.39.42 linux-image-generic-lpae - 5.4.0.39.42 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.39.42 linux-image-lowlatency - 5.4.0.39.42 linux-image-lowlatency-hwe-20.04 - 5.4.0.39.42 linux-image-virtual-hwe-18.04-edge - 5.4.0.39.42 No subscription required Medium CVE-2020-5963 CVE-2020-5967 CVE-2020-5973 Ubuntu 20.04 LTS It was discovered that glib-networking skipped hostname certificate verification if the application failed to specify the server identity. A remote attacker could use this to perform a person-in-the-middle attack and expose sensitive information. Update Instructions: Run `sudo pro fix USN-4405-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glib-networking - 2.64.2-1ubuntu0.1 glib-networking-services - 2.64.2-1ubuntu0.1 glib-networking-tests - 2.64.2-1ubuntu0.1 glib-networking-common - 2.64.2-1ubuntu0.1 No subscription required Medium CVE-2020-13645 Ubuntu 20.04 LTS It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. (CVE-2019-15680) It was discovered that an information disclosure vulnerability existed in LibVNCServer when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. (CVE-2019-15681) It was discovered that LibVNCServer incorrectly handled cursor shape updates. If a user were tricked in to connecting to a malicious server, an attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. (CVE-2019-15690, CVE-2019-20788) It was discovered that LibVNCServer incorrectly handled decoding WebSocket frames. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. (CVE-2017-18922) Update Instructions: Run `sudo pro fix USN-4407-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvncserver1 - 0.9.12+dfsg-9ubuntu0.1 libvncserver-dev - 0.9.12+dfsg-9ubuntu0.1 libvncclient1 - 0.9.12+dfsg-9ubuntu0.1 No subscription required Medium CVE-2017-18922 CVE-2019-15680 CVE-2019-15681 CVE-2019-15690 CVE-2019-20788 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass permission prompts, or execute arbitrary code. (CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426) It was discovered that when performing add-on updates, certificate chains not terminating with built-in roots were silently rejected. This could result in add-ons becoming outdated. (CVE-2020-12421) Update Instructions: Run `sudo pro fix USN-4408-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 78.0.1+build1-0ubuntu0.20.04.1 firefox - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 78.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 78.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 78.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 78.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 Ubuntu 20.04 LTS Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10730) Douglas Bagnall discovered that Samba incorrectly handled certain queries. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-10745) Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10760) Update Instructions: Run `sudo pro fix USN-4409-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.3 samba - 2:4.11.6+dfsg-0ubuntu1.3 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.3 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.3 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.3 smbclient - 2:4.11.6+dfsg-0ubuntu1.3 winbind - 2:4.11.6+dfsg-0ubuntu1.3 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.3 python3-samba - 2:4.11.6+dfsg-0ubuntu1.3 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.3 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.3 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.3 samba-dev - 2:4.11.6+dfsg-0ubuntu1.3 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.3 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.3 samba-common - 2:4.11.6+dfsg-0ubuntu1.3 registry-tools - 2:4.11.6+dfsg-0ubuntu1.3 samba-libs - 2:4.11.6+dfsg-0ubuntu1.3 ctdb - 2:4.11.6+dfsg-0ubuntu1.3 No subscription required Medium CVE-2020-10730 CVE-2020-10745 CVE-2020-10760 Ubuntu 20.04 LTS A double-free bug was discovered in snmpd server. An authenticated user could potentially cause a DoS by sending a crafted request to the server. (CVE-2019-20892) Update Instructions: Run `sudo pro fix USN-4410-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: snmptrapd - 5.8+dfsg-2ubuntu2.1 libsnmp-dev - 5.8+dfsg-2ubuntu2.1 libsnmp-base - 5.8+dfsg-2ubuntu2.1 snmp - 5.8+dfsg-2ubuntu2.1 libsnmp-perl - 5.8+dfsg-2ubuntu2.1 tkmib - 5.8+dfsg-2ubuntu2.1 snmpd - 5.8+dfsg-2ubuntu2.1 libsnmp35 - 5.8+dfsg-2ubuntu2.1 No subscription required Medium CVE-2019-20892 Ubuntu 20.04 LTS It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2020-10732) Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service (system crash). (CVE-2020-10711) It was discovered that the SCSI generic (sg) driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-12770) It was discovered that the USB Gadget device driver in the Linux kernel did not validate arguments passed from configfs in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-13143) It was discovered that the KVM implementation in the Linux kernel did not properly deallocate memory on initialization for some processors. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12768) Update Instructions: Run `sudo pro fix USN-4411-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1013-raspi - 5.4.0-1013.13 No subscription required linux-image-5.4.0-1018-aws - 5.4.0-1018.18 No subscription required linux-image-5.4.0-1019-gcp - 5.4.0-1019.19 linux-image-5.4.0-1019-oracle - 5.4.0-1019.19 No subscription required linux-image-5.4.0-1020-azure - 5.4.0-1020.20 No subscription required linux-image-5.4.0-28-generic - 5.4.0-28.32 No subscription required linux-image-5.4.0-40-generic - 5.4.0-40.44 linux-image-5.4.0-40-generic-lpae - 5.4.0-40.44 linux-image-5.4.0-40-lowlatency - 5.4.0-40.44 No subscription required linux-image-raspi - 5.4.0.1013.13 linux-image-raspi2 - 5.4.0.1013.13 No subscription required linux-image-kvm - 5.4.0.1018.17 No subscription required linux-image-aws - 5.4.0.1018.19 No subscription required linux-image-oracle - 5.4.0.1019.17 linux-image-gke - 5.4.0.1019.17 linux-image-gcp - 5.4.0.1019.17 No subscription required linux-image-azure - 5.4.0.1020.19 No subscription required linux-image-oem-osp1 - 5.4.0.40.43 linux-image-generic-hwe-20.04 - 5.4.0.40.43 linux-image-generic-hwe-18.04 - 5.4.0.40.43 linux-image-generic-lpae-hwe-20.04 - 5.4.0.40.43 linux-image-generic-lpae-hwe-18.04 - 5.4.0.40.43 linux-image-virtual - 5.4.0.40.43 linux-image-lowlatency-hwe-18.04 - 5.4.0.40.43 linux-image-generic - 5.4.0.40.43 linux-image-virtual-hwe-18.04 - 5.4.0.40.43 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.40.43 linux-image-oem - 5.4.0.40.43 linux-image-generic-hwe-18.04-edge - 5.4.0.40.43 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.40.43 linux-image-virtual-hwe-20.04 - 5.4.0.40.43 linux-image-lowlatency - 5.4.0.40.43 linux-image-lowlatency-hwe-20.04 - 5.4.0.40.43 linux-image-generic-lpae - 5.4.0.40.43 linux-image-virtual-hwe-18.04-edge - 5.4.0.40.43 No subscription required Low CVE-2020-10711 CVE-2020-10732 CVE-2020-12768 CVE-2020-12770 CVE-2020-13143 Ubuntu 20.04 LTS Felix Dörre discovered that coTURN response buffer is not initialized properly. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-4067) It was discovered that coTURN web server incorrectly handled HTTP POST requests. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or other unspecified impact. (CVE-2020-6061, CVE-2020-6062) Update Instructions: Run `sudo pro fix USN-4415-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: coturn - 4.5.1.1-1.1ubuntu0.20.04.1 No subscription required Medium CVE-2020-4067 CVE-2020-6061 CVE-2020-6062 Ubuntu 20.04 LTS Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri discovered that NSS incorrectly handled RSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover RSA keys. Update Instructions: Run `sudo pro fix USN-4417-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.2 libnss3 - 2:3.49.1-1ubuntu1.2 libnss3-tools - 2:3.49.1-1ubuntu1.2 No subscription required Medium CVE-2020-12402 Ubuntu 20.04 LTS It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4418-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.2 openexr - 2.3.0-6ubuntu0.2 libopenexr24 - 2.3.0-6ubuntu0.2 openexr-doc - 2.3.0-6ubuntu0.2 No subscription required Medium CVE-2020-15305 CVE-2020-15306 Ubuntu 20.04 LTS David Hill and Eric Harney discovered that Cinder and os-brick incorrectly handled ScaleIO backend credentials. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4420-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cinder-backup - 2:16.1.0-0ubuntu1 cinder-api - 2:16.1.0-0ubuntu1 cinder-volume - 2:16.1.0-0ubuntu1 cinder-common - 2:16.1.0-0ubuntu1 python3-cinder - 2:16.1.0-0ubuntu1 cinder-scheduler - 2:16.1.0-0ubuntu1 No subscription required os-brick-common - 3.0.1-0ubuntu1.2 python-os-brick-doc - 3.0.1-0ubuntu1.2 python3-os-brick - 3.0.1-0ubuntu1.2 No subscription required Low CVE-2020-10755 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbtirary code. (CVE-2020-12405, CVE-2020-12406, CVE-2020-12410, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420) It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. (CVE-2020-12398) It was discovered that NSS showed timing differences when performing DSA signatures. An attacker could potentially exploit this to obtain private keys using a timing attack. (CVE-2020-12399) It was discovered that when performing add-on updates, certificate chains not terminating with built-in roots were silently rejected. This could result in add-ons becoming outdated. (CVE-2020-12421) Update Instructions: Run `sudo pro fix USN-4421-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:68.10.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:68.10.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:68.10.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:68.10.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12398 CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4422-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.28.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.28.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.28.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.28.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.28.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.28.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.28.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.28.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.28.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.28.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-13753 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 Ubuntu 20.04 LTS It was discovered that X-Frame-Options could be bypassed in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct clickjacking attacks. Update Instructions: Run `sudo pro fix USN-4423-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ne - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nb - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fa - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fi - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fy - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-or - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kab - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-oc - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cs - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ga - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gd - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gl - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gu - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pa - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pl - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cy - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pt - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hi - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-uk - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-he - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hy - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hu - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-as - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ar - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ia - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-az - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-id - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mai - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-af - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-is - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-it - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-an - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bs - 78.0.2+build2-0ubuntu0.20.04.1 firefox - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ro - 78.0.2+build2-0ubuntu0.20.04.1 firefox-geckodriver - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ja - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ru - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-br - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-be - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bg - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sl - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sk - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-si - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sw - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sv - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sq - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ko - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-km - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kk - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ka - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-xh - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ca - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ku - 78.0.2+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lv - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lt - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-th - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 78.0.2+build2-0ubuntu0.20.04.1 firefox-dev - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-te - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cak - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ta - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lg - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-tr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nso - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-de - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-da - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ms - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-my - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-uz - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ml - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mk - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ur - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-vi - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-eu - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-et - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-es - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-csb - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-el - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-eo - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-en - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zu - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ast - 78.0.2+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1887576 Ubuntu 20.04 LTS It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. (CVE-2020-11933) It was discovered that snapctl user-open allowed altering the XDG_DATA_DIRS environment variable when calling the system xdg-open. A malicious snap could exploit this to bypass intended access restrictions to control how the host system xdg-open script opens the URL. This issue did not affect Ubuntu Core systems. (CVE-2020-11934) Update Instructions: Run `sudo pro fix USN-4424-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.45.1+20.04.2 ubuntu-core-launcher - 2.45.1+20.04.2 snap-confine - 2.45.1+20.04.2 ubuntu-snappy-cli - 2.45.1+20.04.2 golang-github-snapcore-snapd-dev - 2.45.1+20.04.2 snapd-xdg-open - 2.45.1+20.04.2 snapd - 2.45.1+20.04.2 golang-github-ubuntu-core-snappy-dev - 2.45.1+20.04.2 ubuntu-snappy - 2.45.1+20.04.2 No subscription required Medium CVE-2020-11933 CVE-2020-11934 Ubuntu 20.04 LTS It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16089) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly check return values in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19462) Mauricio Faria de Oliveira discovered that the aufs implementation in the Linux kernel improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service. (CVE-2020-11935) Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading ACPI tables via configfs. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2020-15780) Update Instructions: Run `sudo pro fix USN-4425-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1015-raspi - 5.4.0-1015.15 No subscription required linux-image-5.4.0-1020-aws - 5.4.0-1020.20 No subscription required linux-image-5.4.0-1021-oracle - 5.4.0-1021.21 linux-image-5.4.0-1021-gcp - 5.4.0-1021.21 No subscription required linux-image-5.4.0-1022-azure - 5.4.0-1022.22 No subscription required linux-image-5.4.0-30-generic - 5.4.0-30.34 No subscription required linux-image-5.4.0-42-generic-lpae - 5.4.0-42.46 linux-image-5.4.0-42-generic - 5.4.0-42.46 linux-image-5.4.0-42-lowlatency - 5.4.0-42.46 No subscription required linux-image-raspi - 5.4.0.1015.50 linux-image-raspi2 - 5.4.0.1015.50 linux-image-raspi-hwe-18.04-edge - 5.4.0.1015.50 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1015.50 linux-image-raspi-hwe-18.04 - 5.4.0.1015.50 linux-image-raspi2-hwe-18.04 - 5.4.0.1015.50 No subscription required linux-image-kvm - 5.4.0.1020.19 No subscription required linux-image-aws - 5.4.0.1020.21 No subscription required linux-image-gke - 5.4.0.1021.19 linux-image-oracle - 5.4.0.1021.19 linux-image-gcp - 5.4.0.1021.19 No subscription required linux-image-azure - 5.4.0.1022.21 No subscription required linux-image-oem-osp1 - 5.4.0.42.45 linux-image-generic-hwe-20.04 - 5.4.0.42.45 linux-image-generic-hwe-18.04 - 5.4.0.42.45 linux-image-generic-lpae-hwe-20.04 - 5.4.0.42.45 linux-image-generic-lpae-hwe-18.04 - 5.4.0.42.45 linux-image-virtual - 5.4.0.42.45 linux-image-lowlatency - 5.4.0.42.45 linux-image-virtual-hwe-20.04 - 5.4.0.42.45 linux-image-lowlatency-hwe-18.04 - 5.4.0.42.45 linux-image-generic - 5.4.0.42.45 linux-image-virtual-hwe-18.04 - 5.4.0.42.45 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.42.45 linux-image-oem - 5.4.0.42.45 linux-image-generic-hwe-18.04-edge - 5.4.0.42.45 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.42.45 linux-image-generic-lpae - 5.4.0.42.45 linux-image-virtual-hwe-18.04-edge - 5.4.0.42.45 linux-image-lowlatency-hwe-20.04 - 5.4.0.42.45 No subscription required Medium CVE-2019-16089 CVE-2019-19462 CVE-2020-11935 CVE-2020-15780 Ubuntu 20.04 LTS It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17514) It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-20907) It was discovered that incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9674) It was discovered that Python incorrectly handled certain IP values. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14422) Update Instructions: Run `sudo pro fix USN-4428-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.2-1ubuntu1.2 python3.8-examples - 3.8.2-1ubuntu1.2 python3.8-dev - 3.8.2-1ubuntu1.2 libpython3.8-minimal - 3.8.2-1ubuntu1.2 libpython3.8-dev - 3.8.2-1ubuntu1.2 python3.8-venv - 3.8.2-1ubuntu1.2 libpython3.8 - 3.8.2-1ubuntu1.2 idle-python3.8 - 3.8.2-1ubuntu1.2 libpython3.8-testsuite - 3.8.2-1ubuntu1.2 libpython3.8-stdlib - 3.8.2-1ubuntu1.2 python3.8 - 3.8.2-1ubuntu1.2 python3.8-doc - 3.8.2-1ubuntu1.2 No subscription required Medium CVE-2019-17514 CVE-2019-20907 CVE-2019-9674 CVE-2020-14422 Ubuntu 20.04 LTS It was discovered that Evolution Data Server incorrectly handled STARTTLS when using SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack. Update Instructions: Run `sudo pro fix USN-4429-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libedataserver-1.2-24 - 3.36.3-0ubuntu1.1 libedata-cal2.0-dev - 3.36.3-0ubuntu1.1 libebackend-1.2-10 - 3.36.3-0ubuntu1.1 libebook1.2-dev - 3.36.3-0ubuntu1.1 evolution-data-server-tests - 3.36.3-0ubuntu1.1 gir1.2-camel-1.2 - 3.36.3-0ubuntu1.1 libedata-cal-2.0-1 - 3.36.3-0ubuntu1.1 gir1.2-ecal-2.0 - 3.36.3-0ubuntu1.1 libebook-contacts-1.2-3 - 3.36.3-0ubuntu1.1 libedata-book1.2-dev - 3.36.3-0ubuntu1.1 libebackend1.2-dev - 3.36.3-0ubuntu1.1 libebook-1.2-20 - 3.36.3-0ubuntu1.1 libcamel1.2-dev - 3.36.3-0ubuntu1.1 gir1.2-ebackend-1.2 - 3.36.3-0ubuntu1.1 gir1.2-edatacal-2.0 - 3.36.3-0ubuntu1.1 gir1.2-edatabook-1.2 - 3.36.3-0ubuntu1.1 gir1.2-edataserver-1.2 - 3.36.3-0ubuntu1.1 libecal2.0-dev - 3.36.3-0ubuntu1.1 libedataserver1.2-dev - 3.36.3-0ubuntu1.1 libebook-contacts1.2-dev - 3.36.3-0ubuntu1.1 gir1.2-ebookcontacts-1.2 - 3.36.3-0ubuntu1.1 libedata-book-1.2-26 - 3.36.3-0ubuntu1.1 libedataserverui-1.2-2 - 3.36.3-0ubuntu1.1 libcamel-1.2-62 - 3.36.3-0ubuntu1.1 evolution-data-server - 3.36.3-0ubuntu1.1 evolution-data-server-common - 3.36.3-0ubuntu1.1 gir1.2-edataserverui-1.2 - 3.36.3-0ubuntu1.1 libedataserverui1.2-dev - 3.36.3-0ubuntu1.1 libecal-2.0-1 - 3.36.3-0ubuntu1.1 evolution-data-server-doc - 3.36.3-0ubuntu1.1 evolution-data-server-dev - 3.36.3-0ubuntu1.1 gir1.2-ebook-1.2 - 3.36.3-0ubuntu1.1 No subscription required Medium CVE-2020-14928 Ubuntu 20.04 LTS USN-4430-1 fixed vulnerabilities in Pillow. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4430-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.1 python-pil-doc - 7.0.0-4ubuntu0.1 python3-pil - 7.0.0-4ubuntu0.1 No subscription required Medium CVE-2020-10177 CVE-2020-10378 CVE-2020-10379 CVE-2020-10994 CVE-2020-11538 Ubuntu 20.04 LTS It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see: https://usn.ubuntu.com/usn/usn-3967-1 (CVE-2018-15822, CVE-2019-11338) It was discovered that FFmpeg incorrectly handled sscanf failures. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-12730) It was discovered that FFmpeg incorrectly handled certain WEBM files. An attacker could possibly use this issue to obtain sensitive data or other unspecified impact. This issue only affected Ubuntu 20.04 LTS. (CVE-2019-13312) It was discovered that FFmpeg incorrectly handled certain AVI files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-13390) It was discovered that FFmpeg incorrectly handled certain input. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-17539) It was discovered that FFmpeg incorrectly handled certain input during decoding of VQA files. An attacker could possibly use this issue to obtain sensitive information or other unspecified impact. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17542) It was discovered that FFmpeg incorrectly handled certain JPEG files. An attacker could possibly use this issue to obtain sensitive information or other unspecified impact. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-12284) It was discovered that FFmpeg incorrectly handled certain M3U8 files. An attacker could possibly use this issue to obtain sensitive information or other unspecified impact. (CVE-2020-13904) Update Instructions: Run `sudo pro fix USN-4431-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:4.2.4-1ubuntu0.1 libavcodec-extra - 7:4.2.4-1ubuntu0.1 libavfilter-extra7 - 7:4.2.4-1ubuntu0.1 libswscale5 - 7:4.2.4-1ubuntu0.1 libavresample4 - 7:4.2.4-1ubuntu0.1 libavcodec-dev - 7:4.2.4-1ubuntu0.1 libavutil-dev - 7:4.2.4-1ubuntu0.1 libavfilter-extra - 7:4.2.4-1ubuntu0.1 libswscale-dev - 7:4.2.4-1ubuntu0.1 libswresample-dev - 7:4.2.4-1ubuntu0.1 libswresample3 - 7:4.2.4-1ubuntu0.1 libavdevice-dev - 7:4.2.4-1ubuntu0.1 libavformat58 - 7:4.2.4-1ubuntu0.1 libavdevice58 - 7:4.2.4-1ubuntu0.1 libavfilter-dev - 7:4.2.4-1ubuntu0.1 libpostproc55 - 7:4.2.4-1ubuntu0.1 libpostproc-dev - 7:4.2.4-1ubuntu0.1 libavcodec-extra58 - 7:4.2.4-1ubuntu0.1 libavformat-dev - 7:4.2.4-1ubuntu0.1 libavutil56 - 7:4.2.4-1ubuntu0.1 libavfilter7 - 7:4.2.4-1ubuntu0.1 ffmpeg - 7:4.2.4-1ubuntu0.1 ffmpeg-doc - 7:4.2.4-1ubuntu0.1 libavcodec58 - 7:4.2.4-1ubuntu0.1 No subscription required Medium CVE-2018-15822 CVE-2019-11338 CVE-2019-12730 CVE-2019-13312 CVE-2019-13390 CVE-2019-17539 CVE-2019-17542 CVE-2020-12284 CVE-2020-13904 Ubuntu 20.04 LTS Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-10713) Chris Coulson discovered that the GRUB2 function handling code did not properly handle a function being redefined, leading to a use-after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15706) Chris Coulson discovered that multiple integer overflows existed in GRUB2 when handling certain filesystems or font files, leading to heap-based buffer overflows. A local attacker could use these to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14309, CVE-2020-14310, CVE-2020-14311) It was discovered that the memory allocator for GRUB2 did not validate allocation size, resulting in multiple integer overflows and heap-based buffer overflows when handling certain filesystems, PNG images or disk metadata. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14308) Mathieu Trudel-Lapierre discovered that in certain situations, GRUB2 failed to validate kernel signatures. A local attacker could use this to bypass Secure Boot restrictions. (CVE-2020-15705) Colin Watson and Chris Coulson discovered that an integer overflow existed in GRUB2 when handling the initrd command, leading to a heap-based buffer overflow. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15707) Update Instructions: Run `sudo pro fix USN-4432-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-amd64-signed - 1.142.3+2.04-1ubuntu26.1 grub-efi-arm64-signed - 1.142.3+2.04-1ubuntu26.1 No subscription required grub-firmware-qemu - 2.04-1ubuntu26.1 grub-ieee1275 - 2.04-1ubuntu26.1 grub-efi-amd64 - 2.04-1ubuntu26.1 grub2-common - 2.04-1ubuntu26.1 grub-uboot-bin - 2.04-1ubuntu26.1 grub-common - 2.04-1ubuntu26.1 grub-efi-amd64-bin - 2.04-1ubuntu26.1 grub-pc-bin - 2.04-1ubuntu26.1 grub-theme-starfield - 2.04-1ubuntu26.1 grub-efi-arm - 2.04-1ubuntu26.1 grub2 - 2.04-1ubuntu26.1 grub-xen-host - 2.04-1ubuntu26.1 grub-efi-arm64-bin - 2.04-1ubuntu26.1 grub-pc - 2.04-1ubuntu26.1 grub-emu - 2.04-1ubuntu26.1 grub-efi-arm-bin - 2.04-1ubuntu26.1 grub-linuxbios - 2.04-1ubuntu26.1 grub-xen - 2.04-1ubuntu26.1 grub-uboot - 2.04-1ubuntu26.1 grub-efi-ia32 - 2.04-1ubuntu26.1 grub-coreboot - 2.04-1ubuntu26.1 grub-efi-ia32-bin - 2.04-1ubuntu26.1 grub-ieee1275-bin - 2.04-1ubuntu26.1 grub-xen-bin - 2.04-1ubuntu26.1 grub-efi-amd64-signed-template - 2.04-1ubuntu26.1 grub-rescue-pc - 2.04-1ubuntu26.1 grub-mount-udeb - 2.04-1ubuntu26.1 grub-coreboot-bin - 2.04-1ubuntu26.1 grub-efi-arm64-signed-template - 2.04-1ubuntu26.1 grub-efi-arm64 - 2.04-1ubuntu26.1 grub-efi - 2.04-1ubuntu26.1 No subscription required High CVE-2020-10713 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-15705 CVE-2020-15706 CVE-2020-15707 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass Ubuntu 20.04 LTS USN-4432-1 fixed vulnerabilities in GRUB2 affecting Secure Boot environments. Unfortunately, the update introduced regressions for some BIOS systems (either pre-UEFI or UEFI configured in Legacy mode), preventing them from successfully booting. This update addresses the issue. Users with BIOS systems that installed GRUB2 versions from USN-4432-1 should verify that their GRUB2 installation has a correct understanding of their boot device location and installed the boot loader correctly. We apologize for the inconvenience. Original advisory details: Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-10713) Chris Coulson discovered that the GRUB2 function handling code did not properly handle a function being redefined, leading to a use-after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15706) Chris Coulson discovered that multiple integer overflows existed in GRUB2 when handling certain filesystems or font files, leading to heap-based buffer overflows. A local attacker could use these to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14309, CVE-2020-14310, CVE-2020-14311) It was discovered that the memory allocator for GRUB2 did not validate allocation size, resulting in multiple integer overflows and heap-based buffer overflows when handling certain filesystems, PNG images or disk metadata. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14308) Mathieu Trudel-Lapierre discovered that in certain situations, GRUB2 failed to validate kernel signatures. A local attacker could use this to bypass Secure Boot restrictions. (CVE-2020-15705) Colin Watson and Chris Coulson discovered that an integer overflow existed in GRUB2 when handling the initrd command, leading to a heap-based buffer overflow. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15707) Update Instructions: Run `sudo pro fix USN-4432-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-amd64-signed - 1.142.4+2.04-1ubuntu26.2 grub-efi-arm64-signed - 1.142.4+2.04-1ubuntu26.2 No subscription required grub-firmware-qemu - 2.04-1ubuntu26.2 grub-ieee1275 - 2.04-1ubuntu26.2 grub-efi-amd64 - 2.04-1ubuntu26.2 grub2-common - 2.04-1ubuntu26.2 grub-uboot-bin - 2.04-1ubuntu26.2 grub-common - 2.04-1ubuntu26.2 grub-efi-amd64-bin - 2.04-1ubuntu26.2 grub-pc-bin - 2.04-1ubuntu26.2 grub-theme-starfield - 2.04-1ubuntu26.2 grub-efi-arm - 2.04-1ubuntu26.2 grub2 - 2.04-1ubuntu26.2 grub-xen-host - 2.04-1ubuntu26.2 grub-efi-arm64-bin - 2.04-1ubuntu26.2 grub-pc - 2.04-1ubuntu26.2 grub-emu - 2.04-1ubuntu26.2 grub-efi-arm-bin - 2.04-1ubuntu26.2 grub-linuxbios - 2.04-1ubuntu26.2 grub-xen - 2.04-1ubuntu26.2 grub-uboot - 2.04-1ubuntu26.2 grub-efi-ia32 - 2.04-1ubuntu26.2 grub-coreboot - 2.04-1ubuntu26.2 grub-efi-ia32-bin - 2.04-1ubuntu26.2 grub-ieee1275-bin - 2.04-1ubuntu26.2 grub-xen-bin - 2.04-1ubuntu26.2 grub-efi-amd64-signed-template - 2.04-1ubuntu26.2 grub-rescue-pc - 2.04-1ubuntu26.2 grub-mount-udeb - 2.04-1ubuntu26.2 grub-coreboot-bin - 2.04-1ubuntu26.2 grub-efi-arm64-signed-template - 2.04-1ubuntu26.2 grub-efi-arm64 - 2.04-1ubuntu26.2 grub-efi - 2.04-1ubuntu26.2 No subscription required None https://launchpad.net/bugs/1889556 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass Ubuntu 20.04 LTS Johannes Kuhn discovered that OpenJDK incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-14556) It was discovered that OpenJDK incorrectly handled memory allocation when reading TIFF image files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-14562) It was discovered that OpenJDK incorrectly handled input data. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2020-14573) Philippe Arteau discovered that OpenJDK incorrectly verified names in TLS server's X.509 certificates. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14577) It was discovered that OpenJDK incorrectly handled image files. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14581) Markus Loewe discovered that OpenJDK incorrectly handled concurrent access in java.nio.Buffer class. An attacker could use this issue to bypass the sandbox restrictions and cause unspecified impact. (CVE-2020-14583) It was discovered that OpenJDK incorrectly handled transformation of images. An attacker could possibly use this issue to bypass sandbox restrictions and insert, edit or obtain sensitive information. (CVE-2020-14593) Roman Shemyakin discovered that OpenJDK incorrectly handled XML files. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2020-14621) Update Instructions: Run `sudo pro fix USN-4433-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.8+10-0ubuntu1~20.04 openjdk-11-doc - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jdk - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jre - 11.0.8+10-0ubuntu1~20.04 openjdk-11-demo - 11.0.8+10-0ubuntu1~20.04 No subscription required Medium CVE-2020-14556 CVE-2020-14562 CVE-2020-14573 CVE-2020-14577 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 Ubuntu 20.04 LTS Ramin Farajpour Cami discovered that LibVNCServer incorrectly handled certain malformed unix socket names. A remote attacker could exploit this with a crafted socket name, leading to a denial of service, or possibly execute arbitrary code. (CVE-2019-20839) It was discovered that LibVNCServer did not properly access byte-aligned data. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-20840) Christian Beier discovered that LibVNCServer incorrectly handled anonymous TLS connections. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-14396) It was discovered that LibVNCServer incorrectly handled region clipping. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. (CVE-2020-14397) It was discovered that LibVNCServer did not properly reset incorrectly terminated TCP connections. A remote attacker could possibly use this issue to cause an infinite loop, resulting in a denial of service. (CVE-2020-14398) It was discovered that LibVNCServer did not properly access byte-aligned data. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. (CVE-2020-14399, CVE-2020-14400) It was discovered that LibVNCServer incorrectly handled screen scaling on the server side. A remote attacker could use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-14401) It was discovered that LibVNCServer incorrectly handled encodings. A remote attacker could use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-14402, CVE-2020-14403, CVE-2020-14404) It was discovered that LibVNCServer incorrectly handled TextChat messages. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. (CVE-2020-14405) Update Instructions: Run `sudo pro fix USN-4434-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvncserver1 - 0.9.12+dfsg-9ubuntu0.2 libvncserver-dev - 0.9.12+dfsg-9ubuntu0.2 libvncclient1 - 0.9.12+dfsg-9ubuntu0.2 No subscription required Medium CVE-2019-20839 CVE-2019-20840 CVE-2020-14396 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-14405 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3327) It was discovered that ClamAV incorrectly handled scanning malicious files. A local attacker could possibly use this issue to delete arbitrary files. (CVE-2020-3350) It was discovered that ClamAV incorrectly handled parsing EGG archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3481) Update Instructions: Run `sudo pro fix USN-4435-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-base - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.102.4+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.102.4+dfsg-0ubuntu0.20.04.1 clamdscan - 0.102.4+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-3327 CVE-2020-3350 CVE-2020-3481 Ubuntu 20.04 LTS Ziming Zhang and VictorV discovered that libslirp incorrectly handled replying to certain ICMP echo requests. A remote attacker could possibly use this issue to cause libslirp to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4437-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libslirp0 - 4.1.0-2ubuntu2.1 libslirp-dev - 4.1.0-2ubuntu2.1 No subscription required Medium CVE-2020-10756 Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled query-flattener optimization. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4438-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.2 sqlite3-doc - 3.31.1-4ubuntu0.2 libsqlite3-0 - 3.31.1-4ubuntu0.2 libsqlite3-tcl - 3.31.1-4ubuntu0.2 sqlite3 - 3.31.1-4ubuntu0.2 libsqlite3-dev - 3.31.1-4ubuntu0.2 No subscription required Medium CVE-2020-15358 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.21 in Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.31. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-31.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-21.html https://www.oracle.com/security-alerts/cpujul2020.html Update Instructions: Run `sudo pro fix USN-4441-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.21-0ubuntu0.20.04.3 libmysqlclient-dev - 8.0.21-0ubuntu0.20.04.3 mysql-testsuite-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-router - 8.0.21-0ubuntu0.20.04.3 mysql-server - 8.0.21-0ubuntu0.20.04.3 libmysqlclient21 - 8.0.21-0ubuntu0.20.04.3 mysql-client-core-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-server-core-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-server-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-testsuite - 8.0.21-0ubuntu0.20.04.3 mysql-client-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-source-8.0 - 8.0.21-0ubuntu0.20.04.3 No subscription required Medium CVE-2020-14539 CVE-2020-14540 CVE-2020-14547 CVE-2020-14550 CVE-2020-14553 CVE-2020-14559 CVE-2020-14568 CVE-2020-14575 CVE-2020-14576 CVE-2020-14586 CVE-2020-14591 CVE-2020-14597 CVE-2020-14619 CVE-2020-14620 CVE-2020-14623 CVE-2020-14624 CVE-2020-14631 CVE-2020-14632 CVE-2020-14633 CVE-2020-14634 CVE-2020-14641 CVE-2020-14643 CVE-2020-14651 CVE-2020-14654 CVE-2020-14656 CVE-2020-14663 CVE-2020-14678 CVE-2020-14680 CVE-2020-14697 CVE-2020-14702 Ubuntu 20.04 LTS USN-4441-1 fixed vulnerabilities in MySQL. The new upstream version changed compiler options and caused a regression in certain scenarios. This update fixes the problem. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.21 in Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.31. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-31.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-21.html https://www.oracle.com/security-alerts/cpujul2020.html Update Instructions: Run `sudo pro fix USN-4441-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.21-0ubuntu0.20.04.4 libmysqlclient-dev - 8.0.21-0ubuntu0.20.04.4 mysql-testsuite-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-router - 8.0.21-0ubuntu0.20.04.4 mysql-server - 8.0.21-0ubuntu0.20.04.4 libmysqlclient21 - 8.0.21-0ubuntu0.20.04.4 mysql-client-core-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-server-core-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-server-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-testsuite - 8.0.21-0ubuntu0.20.04.4 mysql-client-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-source-8.0 - 8.0.21-0ubuntu0.20.04.4 No subscription required None https://launchpad.net/bugs/1889851 Ubuntu 20.04 LTS USN-4442-1 fixed vulnerabilities in Sympa. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. Original advisory details: Nicolas Chatelain discovered that Sympa incorrectly handled environment variables. An attacker could possibly use this issue with a setuid binary and gain root privileges. (CVE-2020-10936) Michael Kaczmarczik discovered that Sympa incorrectly handled HTTP GET/POST requests. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-1000550) It was discovered that Sympa incorrectly handled URL parameters. An attacker could possibly use this issue to perform XSS attacks. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-1000671) Update Instructions: Run `sudo pro fix USN-4442-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sympa - 6.2.40~dfsg-4ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2018-1000550 CVE-2018-1000671 CVE-2020-10936 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass iframe sandbox restrictions, confuse the user, or execute arbitrary code. (CVE-2020-6463, CVE-2020-6514, CVE-2020-15652, CVE-2020-15653, CVE-2020-15654, CVE-2020-15656, CVE-2020-15658, CVE-2020-15659) It was discovered that redirected HTTP requests which are observed or modified through a web extension could bypass existing CORS checks. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit this to obtain sensitive information across origins. (CVE-2020-15655) Update Instructions: Run `sudo pro fix USN-4443-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 79.0+build1-0ubuntu0.20.04.1 firefox - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 79.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 79.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 79.0+build1-0ubuntu0.20.04.1 firefox-dev - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 79.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15658 CVE-2020-15659 CVE-2020-6463 CVE-2020-6514 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4444-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.28.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.28.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.28.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.28.4-0ubuntu0.20.04.1 webkit2gtk-driver - 2.28.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.28.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.28.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.28.4-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.28.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.28.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, Update Instructions: Run `sudo pro fix USN-4445-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.1 ghostscript-x - 9.50~dfsg-5ubuntu4.1 libgs-dev - 9.50~dfsg-5ubuntu4.1 ghostscript-doc - 9.50~dfsg-5ubuntu4.1 libgs9 - 9.50~dfsg-5ubuntu4.1 libgs9-common - 9.50~dfsg-5ubuntu4.1 No subscription required Medium CVE-2020-15900 Ubuntu 20.04 LTS It was discovered that libssh incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4447-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-gcrypt-dev - 0.9.3-2ubuntu2.1 libssh-doc - 0.9.3-2ubuntu2.1 libssh-gcrypt-4 - 0.9.3-2ubuntu2.1 libssh-4 - 0.9.3-2ubuntu2.1 libssh-dev - 0.9.3-2ubuntu2.1 No subscription required Medium CVE-2020-16135 Ubuntu 20.04 LTS Ryota Shiga working with Trend Micro´s Zero Day Initiative, discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. (CVE-2020-11936) Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. (CVE-2020-15701) Ryota Shiga working with Trend Micro´s Zero Day Initiative, discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2020-15702) Update Instructions: Run `sudo pro fix USN-4449-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.6 apport-kde - 2.20.11-0ubuntu27.6 apport-retrace - 2.20.11-0ubuntu27.6 apport-valgrind - 2.20.11-0ubuntu27.6 python3-apport - 2.20.11-0ubuntu27.6 dh-apport - 2.20.11-0ubuntu27.6 apport-gtk - 2.20.11-0ubuntu27.6 apport - 2.20.11-0ubuntu27.6 apport-noui - 2.20.11-0ubuntu27.6 No subscription required Medium CVE-2020-11936 CVE-2020-15701 CVE-2020-15702 Ubuntu 20.04 LTS Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. (CVE-2020-11937) Seong-Joong Kim discovered that Whoopsie incorrectly handled parsing files. A local attacker could use this issue to cause Whoopsie to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12135) Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. (CVE-2020-15570) Update Instructions: Run `sudo pro fix USN-4450-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: whoopsie - 0.2.69ubuntu0.1 libwhoopsie0 - 0.2.69ubuntu0.1 libwhoopsie-dev - 0.2.69ubuntu0.1 No subscription required Medium CVE-2020-11937 CVE-2020-12135 CVE-2020-15570 Ubuntu 20.04 LTS Thomas Chauchefoin working with Trend Micro´s Zero Day Initiative, discovered that ppp incorrectly handled module loading. A local attacker could use this issue to load arbitrary kernel modules and possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4451-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ppp-udeb - 2.4.7-2+4.1ubuntu5.1 ppp - 2.4.7-2+4.1ubuntu5.1 ppp-dev - 2.4.7-2+4.1ubuntu5.1 No subscription required Medium CVE-2020-15704 Ubuntu 20.04 LTS Trent Shea working with Trend Micro´s Zero Day Initiative, discovered that the libvirt package set incorrect permissions on the UNIX domain socket. A local attacker could use this issue to access libvirt and escalate privileges. Update Instructions: Run `sudo pro fix USN-4452-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvirt0 - 6.0.0-0ubuntu8.3 libvirt-dev - 6.0.0-0ubuntu8.3 libnss-libvirt - 6.0.0-0ubuntu8.3 libvirt-sanlock - 6.0.0-0ubuntu8.3 libvirt-daemon-system-systemd - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-xen - 6.0.0-0ubuntu8.3 libvirt-daemon - 6.0.0-0ubuntu8.3 libvirt-wireshark - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-storage-rbd - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-qemu - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-storage-gluster - 6.0.0-0ubuntu8.3 libvirt-doc - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-vbox - 6.0.0-0ubuntu8.3 libvirt-daemon-system-sysv - 6.0.0-0ubuntu8.3 libvirt-daemon-system - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-lxc - 6.0.0-0ubuntu8.3 libvirt-clients - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-storage-zfs - 6.0.0-0ubuntu8.3 No subscription required Medium CVE-2020-15708 Ubuntu 20.04 LTS Johannes Kuhn discovered that OpenJDK 8 incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-14556) Philippe Arteau discovered that OpenJDK 8 incorrectly verified names in TLS server's X.509 certificates. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14577) It was discovered that OpenJDK 8 incorrectly handled exceptions in DerInputStream class and in the DerValue.equals() method. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-14578, CVE-2020-14579) It was discovered that OpenJDK 8 incorrectly handled image files. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14581) Markus Loewe discovered that OpenJDK 8 incorrectly handled concurrent access in java.nio.Buffer class. An attacker could use this issue to bypass sandbox restrictions. (CVE-2020-14583) It was discovered that OpenJDK 8 incorrectly handled transformation of images. An attacker could possibly use this issue to bypass sandbox restrictions and insert, edit or obtain sensitive information. (CVE-2020-14593) Roman Shemyakin discovered that OpenJDK 8 incorrectly handled XML files. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2020-14621) Update Instructions: Run `sudo pro fix USN-4453-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-doc - 8u265-b01-0ubuntu2~20.04 openjdk-8-jdk - 8u265-b01-0ubuntu2~20.04 openjdk-8-jre-headless - 8u265-b01-0ubuntu2~20.04 openjdk-8-jre - 8u265-b01-0ubuntu2~20.04 openjdk-8-jdk-headless - 8u265-b01-0ubuntu2~20.04 openjdk-8-source - 8u265-b01-0ubuntu2~20.04 openjdk-8-jre-zero - 8u265-b01-0ubuntu2~20.04 openjdk-8-demo - 8u265-b01-0ubuntu2~20.04 No subscription required Medium CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 Ubuntu 20.04 LTS Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4454-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.4 samba - 2:4.11.6+dfsg-0ubuntu1.4 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.4 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.4 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.4 smbclient - 2:4.11.6+dfsg-0ubuntu1.4 winbind - 2:4.11.6+dfsg-0ubuntu1.4 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.4 python3-samba - 2:4.11.6+dfsg-0ubuntu1.4 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.4 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.4 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.4 samba-dev - 2:4.11.6+dfsg-0ubuntu1.4 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.4 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.4 samba-common - 2:4.11.6+dfsg-0ubuntu1.4 registry-tools - 2:4.11.6+dfsg-0ubuntu1.4 samba-libs - 2:4.11.6+dfsg-0ubuntu1.4 ctdb - 2:4.11.6+dfsg-0ubuntu1.4 No subscription required Medium CVE-2020-14303 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829) Update Instructions: Run `sudo pro fix USN-4455-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.4 libnss3 - 2:3.49.1-1ubuntu1.4 libnss3-tools - 2:3.49.1-1ubuntu1.4 No subscription required Medium CVE-2020-12400 CVE-2020-12401 CVE-2020-6829 Ubuntu 20.04 LTS It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. (CVE-2020-12100) It was discovered that Dovecot incorrectly handled memory when using NTLM. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-12673) It was discovered that the Dovecot RPA mechanism incorrectly handled zero-length messages. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-12674) Update Instructions: Run `sudo pro fix USN-4456-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.2 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.2 dovecot-mysql - 1:2.3.7.2-1ubuntu3.2 dovecot-sieve - 1:2.3.7.2-1ubuntu3.2 dovecot-core - 1:2.3.7.2-1ubuntu3.2 dovecot-ldap - 1:2.3.7.2-1ubuntu3.2 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.2 dovecot-dev - 1:2.3.7.2-1ubuntu3.2 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.2 dovecot-imapd - 1:2.3.7.2-1ubuntu3.2 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.2 dovecot-lucene - 1:2.3.7.2-1ubuntu3.2 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.2 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.2 dovecot-solr - 1:2.3.7.2-1ubuntu3.2 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.2 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.2 No subscription required Medium CVE-2020-12100 CVE-2020-12673 CVE-2020-12674 Ubuntu 20.04 LTS Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen. Update Instructions: Run `sudo pro fix USN-4457-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: software-properties-common - 0.98.9.2 software-properties-gtk - 0.98.9.2 python3-software-properties - 0.98.9.2 software-properties-qt - 0.98.9.2 No subscription required Medium CVE-2020-15709 Ubuntu 20.04 LTS Fabrice Perez discovered that the Apache mod_rewrite module incorrectly handled certain redirects. A remote attacker could possibly use this issue to perform redirects to an unexpected URL. (CVE-2020-1927) Chamal De Silva discovered that the Apache mod_proxy_ftp module incorrectly handled memory when proxying to a malicious FTP server. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2020-1934) Felix Wilhelm discovered that the HTTP/2 implementation in Apache did not properly handle certain Cache-Digest headers. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-9490) Felix Wilhelm discovered that the Apache mod_proxy_uwsgi module incorrectly handled large headers. A remote attacker could use this issue to obtain sensitive information or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-11984) Felix Wilhelm discovered that the HTTP/2 implementation in Apache did not properly handle certain logging statements. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11993) Update Instructions: Run `sudo pro fix USN-4458-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.1 libapache2-mod-md - 2.4.41-4ubuntu3.1 apache2-utils - 2.4.41-4ubuntu3.1 apache2-dev - 2.4.41-4ubuntu3.1 apache2-suexec-pristine - 2.4.41-4ubuntu3.1 apache2-suexec-custom - 2.4.41-4ubuntu3.1 apache2 - 2.4.41-4ubuntu3.1 apache2-doc - 2.4.41-4ubuntu3.1 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.1 apache2-ssl-dev - 2.4.41-4ubuntu3.1 apache2-bin - 2.4.41-4ubuntu3.1 No subscription required Medium CVE-2020-11984 CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490 Ubuntu 20.04 LTS Dominik Penner discovered that Ark did not properly sanitize zip archive files before performing extraction. An attacker could use this to construct a malicious zip archive that, when opened, would create files outside the extraction directory. Update Instructions: Run `sudo pro fix USN-4461-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ark - 4:19.12.3-0ubuntu1.1 No subscription required Medium CVE-2020-16116 Ubuntu 20.04 LTS It was discovered that GNOME Shell incorrectly handled the login screen password dialog. Sensitive information could possibly be exposed during user logout. Update Instructions: Run `sudo pro fix USN-4464-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnome-shell - 3.36.4-1ubuntu1~20.04.2 gnome-shell-common - 3.36.4-1ubuntu1~20.04.2 gnome-shell-extension-prefs - 3.36.4-1ubuntu1~20.04.2 No subscription required Medium CVE-2020-17489 Ubuntu 20.04 LTS Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. Update Instructions: Run `sudo pro fix USN-4466-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.2 libcurl4-openssl-dev - 7.68.0-1ubuntu2.2 libcurl3-gnutls - 7.68.0-1ubuntu2.2 libcurl4-doc - 7.68.0-1ubuntu2.2 libcurl3-nss - 7.68.0-1ubuntu2.2 libcurl4-nss-dev - 7.68.0-1ubuntu2.2 libcurl4 - 7.68.0-1ubuntu2.2 curl - 7.68.0-1ubuntu2.2 No subscription required Low CVE-2020-8231 Ubuntu 20.04 LTS Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-10756) Eric Blake and Xueqiang Wei discovered that the QEMU NDB implementation incorrectly handled certain requests. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-10761) Ziming Zhang discovered that the QEMU SM501 graphics driver incorrectly handled certain operations. An attacker inside a guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12829) It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13253) Ren Ding and Hanqing Zhao discovered that the QEMU ES1370 audio driver incorrectly handled certain invalid frame counts. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13361) Ren Ding and Hanqing Zhao discovered that the QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13362) Alexander Bulekov discovered that QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory space operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13659) Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the QEMU incorrectly handled certain msi-x mmio operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13754) It was discovered that QEMU incorrectly handled certain memory copy operations when loading ROM contents. If a user were tricked into running an untrusted kernel image, a remote attacker could possibly use this issue to run arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-13765) Ren Ding, Hanqing Zhao, and Yi Ren discovered that the QEMU ATI video driver incorrectly handled certain index values. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-13800) Ziming Zhang discovered that the QEMU OSS audio driver incorrectly handled certain operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-14415) Ziming Zhang discovered that the QEMU XGMAC Ethernet controller incorrectly handled packet transmission. An attacker inside a guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-15863) Ziming Zhang discovered that the QEMU e1000e Ethernet controller incorrectly handled packet processing. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-16092) Update Instructions: Run `sudo pro fix USN-4467-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.4 qemu-system-common - 1:4.2-3ubuntu6.4 qemu-system-data - 1:4.2-3ubuntu6.4 qemu-system-s390x - 1:4.2-3ubuntu6.4 qemu-block-extra - 1:4.2-3ubuntu6.4 qemu-system-misc - 1:4.2-3ubuntu6.4 qemu-user - 1:4.2-3ubuntu6.4 qemu-system-sparc - 1:4.2-3ubuntu6.4 qemu-guest-agent - 1:4.2-3ubuntu6.4 qemu-system - 1:4.2-3ubuntu6.4 qemu-utils - 1:4.2-3ubuntu6.4 qemu-user-static - 1:4.2-3ubuntu6.4 qemu-kvm - 1:4.2-3ubuntu6.4 qemu-user-binfmt - 1:4.2-3ubuntu6.4 qemu-system-x86 - 1:4.2-3ubuntu6.4 qemu-system-arm - 1:4.2-3ubuntu6.4 qemu-system-gui - 1:4.2-3ubuntu6.4 qemu - 1:4.2-3ubuntu6.4 qemu-system-ppc - 1:4.2-3ubuntu6.4 qemu-system-mips - 1:4.2-3ubuntu6.4 qemu-system-x86-xen - 1:4.2-3ubuntu6.4 No subscription required Medium CVE-2020-10756 CVE-2020-10761 CVE-2020-12829 CVE-2020-13253 CVE-2020-13361 CVE-2020-13362 CVE-2020-13659 CVE-2020-13754 CVE-2020-13765 CVE-2020-13800 CVE-2020-14415 CVE-2020-15863 CVE-2020-16092 Ubuntu 20.04 LTS USN-4467-1 fixed vulnerabilities in QEMU. The fix for CVE-2020-13754 introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the QEMU incorrectly handled certain msi-x mmio operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13754) Update Instructions: Run `sudo pro fix USN-4467-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-common - 1:4.2-3ubuntu6.14 qemu-system-data - 1:4.2-3ubuntu6.14 qemu-system-misc - 1:4.2-3ubuntu6.14 qemu-block-extra - 1:4.2-3ubuntu6.14 qemu-system-s390x - 1:4.2-3ubuntu6.14 qemu-user - 1:4.2-3ubuntu6.14 qemu-system-gui - 1:4.2-3ubuntu6.14 qemu-guest-agent - 1:4.2-3ubuntu6.14 qemu - 1:4.2-3ubuntu6.14 qemu-system - 1:4.2-3ubuntu6.14 qemu-utils - 1:4.2-3ubuntu6.14 qemu-user-static - 1:4.2-3ubuntu6.14 qemu-kvm - 1:4.2-3ubuntu6.14 qemu-user-binfmt - 1:4.2-3ubuntu6.14 qemu-system-x86 - 1:4.2-3ubuntu6.14 qemu-system-arm - 1:4.2-3ubuntu6.14 qemu-system-sparc - 1:4.2-3ubuntu6.14 qemu-system-x86-microvm - 1:4.2-3ubuntu6.14 qemu-system-ppc - 1:4.2-3ubuntu6.14 qemu-system-mips - 1:4.2-3ubuntu6.14 qemu-system-x86-xen - 1:4.2-3ubuntu6.14 No subscription required None https://launchpad.net/bugs/1914883 Ubuntu 20.04 LTS Emanuel Almeida discovered that Bind incorrectly handled certain TCP payloads. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8620) Joseph Gullo discovered that Bind incorrectly handled QNAME minimization when used in certain configurations. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8621) Dave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind incorrectly handled certain truncated responses to a TSIG-signed request. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8622) Lyu Chiy discovered that Bind incorrectly handled certain queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8623) Joop Boonen discovered that Bind incorrectly handled certain subdomain update-policy rules. A remote attacker granted privileges to change certain parts of a zone could use this issue to change other contents of the zone, contrary to expectations. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8624) Update Instructions: Run `sudo pro fix USN-4468-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.3 bind9-libs - 1:9.16.1-0ubuntu2.3 bind9utils - 1:9.16.1-0ubuntu2.3 bind9-doc - 1:9.16.1-0ubuntu2.3 bind9-utils - 1:9.16.1-0ubuntu2.3 bind9 - 1:9.16.1-0ubuntu2.3 bind9-dnsutils - 1:9.16.1-0ubuntu2.3 bind9-host - 1:9.16.1-0ubuntu2.3 No subscription required Medium CVE-2020-8620 CVE-2020-8621 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain document files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4469-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.2 ghostscript-x - 9.50~dfsg-5ubuntu4.2 libgs-dev - 9.50~dfsg-5ubuntu4.2 ghostscript-doc - 9.50~dfsg-5ubuntu4.2 libgs9 - 9.50~dfsg-5ubuntu4.2 libgs9-common - 9.50~dfsg-5ubuntu4.2 No subscription required Medium CVE-2020-16287 CVE-2020-16288 CVE-2020-16289 CVE-2020-16290 CVE-2020-16291 CVE-2020-16292 CVE-2020-16293 CVE-2020-16294 CVE-2020-16295 CVE-2020-16296 CVE-2020-16297 CVE-2020-16298 CVE-2020-16299 CVE-2020-16300 CVE-2020-16301 CVE-2020-16302 CVE-2020-16303 CVE-2020-16304 CVE-2020-16305 CVE-2020-16306 CVE-2020-16307 CVE-2020-16308 CVE-2020-16309 CVE-2020-16310 CVE-2020-17538 Ubuntu 20.04 LTS Kritphong Mongkhonvanit discovered that sane-backends incorrectly handled certain packets. A remote attacker could possibly use this issue to obtain sensitive memory information. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-6318) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only applied to Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-12861) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2020-12862, CVE-2020-12863) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to obtain sensitive information. This issue only applied to Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-12864) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2020-12865) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause a denial of service. This issue only applied to Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-12866) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-12867) Update Instructions: Run `sudo pro fix USN-4470-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsane - 1.0.29-0ubuntu5.1 libsane-common - 1.0.29-0ubuntu5.1 libsane1 - 1.0.29-0ubuntu5.1 sane-utils - 1.0.29-0ubuntu5.1 libsane-dev - 1.0.29-0ubuntu5.1 No subscription required Medium CVE-2017-6318 CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 Ubuntu 20.04 LTS Tobias Neitzel discovered that Net-SNMP incorrectly handled certain symlinks. An attacker could possibly use this issue to access sensitive information. (CVE-2020-15861) It was discovered that Net-SNMP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-15862) Update Instructions: Run `sudo pro fix USN-4471-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: snmptrapd - 5.8+dfsg-2ubuntu2.3 libsnmp-dev - 5.8+dfsg-2ubuntu2.3 libsnmp-base - 5.8+dfsg-2ubuntu2.3 snmp - 5.8+dfsg-2ubuntu2.3 libsnmp-perl - 5.8+dfsg-2ubuntu2.3 tkmib - 5.8+dfsg-2ubuntu2.3 snmpd - 5.8+dfsg-2ubuntu2.3 libsnmp35 - 5.8+dfsg-2ubuntu2.3 No subscription required Medium CVE-2020-15861 CVE-2020-15862 Ubuntu 20.04 LTS Noah Misch discovered that PostgreSQL incorrectly handled the search_path setting when used with logical replication. A remote attacker could possibly use this issue to execute arbitrary SQL code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14349) Andres Freund discovered that PostgreSQL incorrectly handled search path elements in CREATE EXTENSION. A remote attacker could possibly use this issue to execute arbitrary SQL code. (CVE-2020-14350) Update Instructions: Run `sudo pro fix USN-4472-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.4-0ubuntu0.20.04.1 libecpg-dev - 12.4-0ubuntu0.20.04.1 libpq-dev - 12.4-0ubuntu0.20.04.1 libecpg6 - 12.4-0ubuntu0.20.04.1 libpq5 - 12.4-0ubuntu0.20.04.1 libpgtypes3 - 12.4-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.4-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.4-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.4-0ubuntu0.20.04.1 postgresql-doc-12 - 12.4-0ubuntu0.20.04.1 postgresql-12 - 12.4-0ubuntu0.20.04.1 postgresql-client-12 - 12.4-0ubuntu0.20.04.1 libecpg-compat3 - 12.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-14349 CVE-2020-14350 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. (CVE-2020-15664, CVE-2020-15665, CVE-2020-15666, CVE-2020-15670) It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829) A data race was discovered when importing certificate information in to the trust store. An attacker could potentially exploit this to cause an unspecified impact. (CVE-2020-15668) Update Instructions: Run `sudo pro fix USN-4474-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 80.0+build2-0ubuntu0.20.04.1 firefox - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 80.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 80.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 80.0+build2-0ubuntu0.20.04.1 firefox-dev - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 80.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12400 CVE-2020-12401 CVE-2020-15664 CVE-2020-15665 CVE-2020-15666 CVE-2020-15668 CVE-2020-15670 CVE-2020-6829 Ubuntu 20.04 LTS USN-4474-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. (CVE-2020-15664, CVE-2020-15665, CVE-2020-15666, CVE-2020-15670) It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829) A data race was discovered when importing certificate information in to the trust store. An attacker could potentially exploit this to cause an unspecified impact. (CVE-2020-15668) Update Instructions: Run `sudo pro fix USN-4474-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 80.0.1+build1-0ubuntu0.20.04.1 firefox - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 80.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 80.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 80.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 80.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1893021 Ubuntu 20.04 LTS It was discovered that Chrony incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. Update Instructions: Run `sudo pro fix USN-4475-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: chrony - 3.5-6ubuntu6.2 No subscription required Medium CVE-2020-14367 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4476-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.5 libnss3 - 2:3.49.1-1ubuntu1.5 libnss3-tools - 2:3.49.1-1ubuntu1.5 No subscription required Medium CVE-2020-12403 Ubuntu 20.04 LTS Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. (CVE-2020-15810) Régis Leroy discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request splitting attack, resulting in cache poisoning. (CVE-2020-15811) Lubos Uhliarik discovered that Squid incorrectly handled certain Cache Digest response messages sent by trusted peers. A remote attacker could possibly use this issue to cause Squid to consume resources, resulting in a denial of service. (CVE-2020-24606) Update Instructions: Run `sudo pro fix USN-4477-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.2 squidclient - 4.10-1ubuntu1.2 squid-purge - 4.10-1ubuntu1.2 squid - 4.10-1ubuntu1.2 squid-cgi - 4.10-1ubuntu1.2 No subscription required Medium CVE-2020-15810 CVE-2020-15811 CVE-2020-24606 Ubuntu 20.04 LTS USN-4478-1 fixed a vulnerability in Python-RSA. This update provides the corresponding update for Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. Original advisory details: It was discovered that Python-RSA incorrectly handled certain ciphertexts. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-4478-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-rsa - 4.0-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13757 Ubuntu 20.04 LTS It was discovered that Django, when used with Python 3.7 or higher, incorrectly handled directory permissions. A local attacker could possibly use this issue to obtain sensitive information, or escalate permissions. Update Instructions: Run `sudo pro fix USN-4479-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.2 python-django-doc - 2:2.2.12-1ubuntu0.2 No subscription required Medium CVE-2020-24583 CVE-2020-24584 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4481-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.1 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.1 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.1 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 CVE-2020-15103 CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 Ubuntu 20.04 LTS Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory. Update Instructions: Run `sudo pro fix USN-4482-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ark - 4:19.12.3-0ubuntu1.2 No subscription required Medium CVE-2020-24654 Ubuntu 20.04 LTS Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-20810) Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. (CVE-2020-10757) It was discovered that the Linux kernel did not correctly apply Speculative Store Bypass Disable (SSBD) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10766) It was discovered that the Linux kernel did not correctly apply Indirect Branch Predictor Barrier (IBPB) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10767) It was discovered that the Linux kernel could incorrectly enable Indirect Branch Speculation after it has been disabled for a process via a prctl() call. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10768) Luca Bruno discovered that the zram module in the Linux kernel did not properly restrict unprivileged users from accessing the hot_add sysfs file. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-10781) It was discovered that the XFS file system implementation in the Linux kernel did not properly validate meta data in some circumstances. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. (CVE-2020-12655) It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12771) It was discovered that the Virtual Terminal keyboard driver in the Linux kernel contained an integer overflow. A local attacker could possibly use this to have an unspecified impact. (CVE-2020-13974) It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2020-14356) Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly deallocate memory on disconnect events. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-15393) It was discovered that the NFS server implementation in the Linux kernel did not properly honor umask settings when setting permissions while creating file system objects if the underlying file system did not support ACLs. An attacker could possibly use this to expose sensitive information or violate system integrity. (CVE-2020-24394) It was discovered that the Kerberos SUNRPC GSS implementation in the Linux kernel did not properly deallocate memory on module unload. A local privileged attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2020-12656) Update Instructions: Run `sudo pro fix USN-4483-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1016-raspi - 5.4.0-1016.17 No subscription required linux-image-5.4.0-1022-oracle - 5.4.0-1022.22 linux-image-5.4.0-1022-gcp - 5.4.0-1022.22 linux-image-5.4.0-1022-aws - 5.4.0-1022.22 No subscription required linux-image-5.4.0-1023-azure - 5.4.0-1023.23 No subscription required linux-image-5.4.0-45-generic - 5.4.0-45.49 linux-image-5.4.0-45-lowlatency - 5.4.0-45.49 linux-image-5.4.0-45-generic-lpae - 5.4.0-45.49 No subscription required linux-image-raspi - 5.4.0.1016.51 linux-image-raspi2 - 5.4.0.1016.51 linux-image-raspi-hwe-18.04-edge - 5.4.0.1016.51 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1016.51 linux-image-raspi-hwe-18.04 - 5.4.0.1016.51 linux-image-raspi2-hwe-18.04 - 5.4.0.1016.51 No subscription required linux-image-kvm - 5.4.0.1021.20 No subscription required linux-image-gke - 5.4.0.1022.20 linux-image-oracle - 5.4.0.1022.20 linux-image-gcp - 5.4.0.1022.20 No subscription required linux-image-aws - 5.4.0.1022.23 No subscription required linux-image-azure - 5.4.0.1023.22 No subscription required linux-image-oem-osp1 - 5.4.0.45.49 linux-image-generic-hwe-20.04 - 5.4.0.45.49 linux-image-generic-hwe-18.04 - 5.4.0.45.49 linux-image-generic-lpae-hwe-20.04 - 5.4.0.45.49 linux-image-generic-lpae-hwe-18.04 - 5.4.0.45.49 linux-image-virtual - 5.4.0.45.49 linux-image-lowlatency - 5.4.0.45.49 linux-image-virtual-hwe-20.04 - 5.4.0.45.49 linux-image-lowlatency-hwe-18.04 - 5.4.0.45.49 linux-image-generic - 5.4.0.45.49 linux-image-virtual-hwe-18.04 - 5.4.0.45.49 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.45.49 linux-image-oem - 5.4.0.45.49 linux-image-generic-hwe-18.04-edge - 5.4.0.45.49 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.45.49 linux-image-generic-lpae - 5.4.0.45.49 linux-image-lowlatency-hwe-20.04 - 5.4.0.45.49 linux-image-virtual-hwe-18.04-edge - 5.4.0.45.49 No subscription required Medium CVE-2019-20810 CVE-2020-10757 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10781 CVE-2020-12655 CVE-2020-12656 CVE-2020-12771 CVE-2020-13974 CVE-2020-14356 CVE-2020-15393 CVE-2020-24394 Ubuntu 20.04 LTS Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14344) Jayden Rivers discovered that libx11 incorrectly handled locales. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14363) Update Instructions: Run `sudo pro fix USN-4487-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx11-6 - 2:1.6.9-2ubuntu1.1 libx11-data - 2:1.6.9-2ubuntu1.1 libx11-xcb-dev - 2:1.6.9-2ubuntu1.1 libx11-xcb1 - 2:1.6.9-2ubuntu1.1 libx11-doc - 2:1.6.9-2ubuntu1.1 libx11-6-udeb - 2:1.6.9-2ubuntu1.1 libx11-dev - 2:1.6.9-2ubuntu1.1 No subscription required Medium CVE-2020-14344 CVE-2020-14363 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14346) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14347) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14361) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14362) Update Instructions: Run `sudo pro fix USN-4488-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.8-2ubuntu2.3 xwayland - 2:1.20.8-2ubuntu2.3 xorg-server-source - 2:1.20.8-2ubuntu2.3 xdmx - 2:1.20.8-2ubuntu2.3 xserver-xorg-dev - 2:1.20.8-2ubuntu2.3 xvfb - 2:1.20.8-2ubuntu2.3 xnest - 2:1.20.8-2ubuntu2.3 xserver-xorg-legacy - 2:1.20.8-2ubuntu2.3 xdmx-tools - 2:1.20.8-2ubuntu2.3 xserver-xephyr - 2:1.20.8-2ubuntu2.3 xserver-xorg-core-udeb - 2:1.20.8-2ubuntu2.3 xserver-common - 2:1.20.8-2ubuntu2.3 No subscription required Medium CVE-2020-14346 CVE-2020-14347 CVE-2020-14361 CVE-2020-14362 Ubuntu 20.04 LTS Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4489-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1018-raspi - 5.4.0-1018.20 No subscription required linux-image-5.4.0-1024-oracle - 5.4.0-1024.24 linux-image-5.4.0-1024-gcp - 5.4.0-1024.24 linux-image-5.4.0-1024-aws - 5.4.0-1024.24 No subscription required linux-image-5.4.0-1025-azure - 5.4.0-1025.25 No subscription required linux-image-5.4.0-47-generic - 5.4.0-47.51 linux-image-5.4.0-47-generic-lpae - 5.4.0-47.51 linux-image-5.4.0-47-lowlatency - 5.4.0-47.51 No subscription required linux-image-raspi - 5.4.0.1018.53 linux-image-raspi2 - 5.4.0.1018.53 linux-image-raspi-hwe-18.04-edge - 5.4.0.1018.53 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1018.53 linux-image-raspi-hwe-18.04 - 5.4.0.1018.53 linux-image-raspi2-hwe-18.04 - 5.4.0.1018.53 No subscription required linux-image-kvm - 5.4.0.1023.21 No subscription required linux-image-oracle - 5.4.0.1024.21 linux-image-gke - 5.4.0.1024.21 linux-image-gcp - 5.4.0.1024.21 No subscription required linux-image-aws - 5.4.0.1024.25 No subscription required linux-image-azure - 5.4.0.1025.24 No subscription required linux-image-oem-osp1 - 5.4.0.47.50 linux-image-generic-hwe-20.04 - 5.4.0.47.50 linux-image-generic-hwe-18.04 - 5.4.0.47.50 linux-image-generic-lpae-hwe-20.04 - 5.4.0.47.50 linux-image-generic-lpae-hwe-18.04 - 5.4.0.47.50 linux-image-virtual - 5.4.0.47.50 linux-image-lowlatency-hwe-18.04 - 5.4.0.47.50 linux-image-generic - 5.4.0.47.50 linux-image-virtual-hwe-18.04 - 5.4.0.47.50 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.47.50 linux-image-oem - 5.4.0.47.50 linux-image-generic-hwe-18.04-edge - 5.4.0.47.50 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.47.50 linux-image-virtual-hwe-20.04 - 5.4.0.47.50 linux-image-generic-lpae - 5.4.0.47.50 linux-image-lowlatency - 5.4.0.47.50 linux-image-lowlatency-hwe-20.04 - 5.4.0.47.50 linux-image-virtual-hwe-18.04-edge - 5.4.0.47.50 No subscription required High CVE-2020-14386 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSetNames function. A local attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-4490-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.8-2ubuntu2.4 xwayland - 2:1.20.8-2ubuntu2.4 xorg-server-source - 2:1.20.8-2ubuntu2.4 xdmx - 2:1.20.8-2ubuntu2.4 xserver-xorg-dev - 2:1.20.8-2ubuntu2.4 xvfb - 2:1.20.8-2ubuntu2.4 xnest - 2:1.20.8-2ubuntu2.4 xserver-xorg-legacy - 2:1.20.8-2ubuntu2.4 xserver-common - 2:1.20.8-2ubuntu2.4 xserver-xephyr - 2:1.20.8-2ubuntu2.4 xserver-xorg-core-udeb - 2:1.20.8-2ubuntu2.4 xdmx-tools - 2:1.20.8-2ubuntu2.4 No subscription required Medium CVE-2020-14345 Ubuntu 20.04 LTS It was discovered that GnuTLS incorrectly handled certain alerts when being used with TLS 1.3 servers. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4491-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnutls30 - 3.6.13-2ubuntu1.3 libgnutls28-dev - 3.6.13-2ubuntu1.3 libgnutlsxx28 - 3.6.13-2ubuntu1.3 gnutls-doc - 3.6.13-2ubuntu1.3 libgnutls-dane0 - 3.6.13-2ubuntu1.3 gnutls-bin - 3.6.13-2ubuntu1.3 guile-gnutls - 3.6.13-2ubuntu1.3 libgnutls-openssl27 - 3.6.13-2ubuntu1.3 No subscription required Medium CVE-2020-24659 Ubuntu 20.04 LTS It was discovered that cryptsetup incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4493-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cryptsetup - 2:2.2.2-3ubuntu2.2 libcryptsetup12-udeb - 2:2.2.2-3ubuntu2.2 cryptsetup-run - 2:2.2.2-3ubuntu2.2 libcryptsetup12 - 2:2.2.2-3ubuntu2.2 libcryptsetup-dev - 2:2.2.2-3ubuntu2.2 cryptsetup-udeb - 2:2.2.2-3ubuntu2.2 cryptsetup-bin - 2:2.2.2-3ubuntu2.2 cryptsetup-initramfs - 2:2.2.2-3ubuntu2.2 No subscription required Medium CVE-2020-14382 Ubuntu 20.04 LTS It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks. Update Instructions: Run `sudo pro fix USN-4494-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gupnp-1.2 - 1.2.3-0ubuntu0.20.04.1 libgupnp-doc - 1.2.3-0ubuntu0.20.04.1 libgupnp-1.2-dev - 1.2.3-0ubuntu0.20.04.1 libgupnp-1.2-0 - 1.2.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12695 Ubuntu 20.04 LTS It was discovered that websocket-extensions does not properly parse special headers. A remote attacker could use this issue to cause regex backtracking, resulting in a denial of service. (CVE-2020-7663) Update Instructions: Run `sudo pro fix USN-4502-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-websocket-extensions - 0.1.2-1+deb9u1build0.20.04.1 No subscription required Medium CVE-2020-7663 Ubuntu 20.04 LTS It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service or escalate privileges and run arbitrary code. (CVE-2020-7040) Update Instructions: Run `sudo pro fix USN-4508-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: storebackup - 3.2.1-1+deb8u1build0.20.04.1 No subscription required Medium CVE-2020-7040 Ubuntu 20.04 LTS Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Update Instructions: Run `sudo pro fix USN-4511-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.6 qemu-system-common - 1:4.2-3ubuntu6.6 qemu-system-data - 1:4.2-3ubuntu6.6 qemu-system-s390x - 1:4.2-3ubuntu6.6 qemu-block-extra - 1:4.2-3ubuntu6.6 qemu-system-misc - 1:4.2-3ubuntu6.6 qemu-user - 1:4.2-3ubuntu6.6 qemu-system-sparc - 1:4.2-3ubuntu6.6 qemu-guest-agent - 1:4.2-3ubuntu6.6 qemu-system - 1:4.2-3ubuntu6.6 qemu-utils - 1:4.2-3ubuntu6.6 qemu-user-static - 1:4.2-3ubuntu6.6 qemu-kvm - 1:4.2-3ubuntu6.6 qemu-user-binfmt - 1:4.2-3ubuntu6.6 qemu-system-x86 - 1:4.2-3ubuntu6.6 qemu-system-arm - 1:4.2-3ubuntu6.6 qemu-system-gui - 1:4.2-3ubuntu6.6 qemu - 1:4.2-3ubuntu6.6 qemu-system-ppc - 1:4.2-3ubuntu6.6 qemu-system-mips - 1:4.2-3ubuntu6.6 qemu-system-x86-xen - 1:4.2-3ubuntu6.6 No subscription required Medium CVE-2020-14364 Ubuntu 20.04 LTS It was discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4514-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libproxy-cil-dev - 0.4.15-10ubuntu1.1 libproxy1v5 - 0.4.15-10ubuntu1.1 libproxy0.4-cil - 0.4.15-10ubuntu1.1 libproxy1-plugin-gsettings - 0.4.15-10ubuntu1.1 libproxy-dev - 0.4.15-10ubuntu1.1 python3-libproxy - 0.4.15-10ubuntu1.1 libproxy1-plugin-webkit - 0.4.15-10ubuntu1.1 libproxy1-plugin-kconfig - 0.4.15-10ubuntu1.1 libproxy1-plugin-mozjs - 0.4.15-10ubuntu1.1 libproxy1-plugin-networkmanager - 0.4.15-10ubuntu1.1 libproxy-tools - 0.4.15-10ubuntu1.1 No subscription required Medium CVE-2020-25219 Ubuntu 20.04 LTS It was discovered that pam_tacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4521-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-tacplus - 1.3.8-2+deb8u1build0.20.04.1 No subscription required Low CVE-2020-13881 Ubuntu 20.04 LTS It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-18808) It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054) It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888) It was discovered that the state of network RNG in the Linux kernel was potentially observable. A remote attacker could use this to expose sensitive information. (CVE-2020-16166) It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212) Update Instructions: Run `sudo pro fix USN-4525-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1019-raspi - 5.4.0-1019.21 No subscription required linux-image-5.4.0-1024-kvm - 5.4.0-1024.24 No subscription required linux-image-5.4.0-1025-oracle - 5.4.0-1025.25 linux-image-5.4.0-1025-gcp - 5.4.0-1025.25 linux-image-5.4.0-1025-aws - 5.4.0-1025.25 No subscription required linux-image-5.4.0-1026-azure - 5.4.0-1026.26 No subscription required linux-image-5.4.0-48-generic-lpae - 5.4.0-48.52 linux-image-5.4.0-48-generic - 5.4.0-48.52 linux-image-5.4.0-48-lowlatency - 5.4.0-48.52 No subscription required linux-image-raspi - 5.4.0.1019.54 linux-image-raspi2 - 5.4.0.1019.54 linux-image-raspi-hwe-18.04-edge - 5.4.0.1019.54 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1019.54 linux-image-raspi-hwe-18.04 - 5.4.0.1019.54 linux-image-raspi2-hwe-18.04 - 5.4.0.1019.54 No subscription required linux-image-kvm - 5.4.0.1024.22 No subscription required linux-image-gke - 5.4.0.1025.22 linux-image-oracle - 5.4.0.1025.22 linux-image-gcp - 5.4.0.1025.22 No subscription required linux-image-aws - 5.4.0.1025.26 No subscription required linux-image-azure - 5.4.0.1026.25 No subscription required linux-image-oem-osp1 - 5.4.0.48.51 linux-image-generic-hwe-20.04 - 5.4.0.48.51 linux-image-generic-hwe-18.04 - 5.4.0.48.51 linux-image-generic-lpae-hwe-20.04 - 5.4.0.48.51 linux-image-generic-lpae-hwe-18.04 - 5.4.0.48.51 linux-image-virtual - 5.4.0.48.51 linux-image-lowlatency-hwe-18.04 - 5.4.0.48.51 linux-image-generic - 5.4.0.48.51 linux-image-virtual-hwe-18.04 - 5.4.0.48.51 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.48.51 linux-image-oem - 5.4.0.48.51 linux-image-generic-hwe-18.04-edge - 5.4.0.48.51 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.48.51 linux-image-virtual-hwe-20.04 - 5.4.0.48.51 linux-image-generic-lpae - 5.4.0.48.51 linux-image-lowlatency - 5.4.0.48.51 linux-image-lowlatency-hwe-20.04 - 5.4.0.48.51 linux-image-virtual-hwe-18.04-edge - 5.4.0.48.51 No subscription required Medium CVE-2019-18808 CVE-2019-19054 CVE-2020-12888 CVE-2020-16166 CVE-2020-25212 Ubuntu 20.04 LTS It was discovered that the BusyBox wget applet incorrectly validated SSL certificates. A remote attacker could possibly use this issue to intercept secure communications. Update Instructions: Run `sudo pro fix USN-4531-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: busybox - 1:1.30.1-4ubuntu6.2 udhcpc - 1:1.30.1-4ubuntu6.2 busybox-syslogd - 1:1.30.1-4ubuntu6.2 udhcpd - 1:1.30.1-4ubuntu6.2 busybox-initramfs - 1:1.30.1-4ubuntu6.2 busybox-udeb - 1:1.30.1-4ubuntu6.2 busybox-static - 1:1.30.1-4ubuntu6.2 No subscription required Medium CVE-2018-1000500 Ubuntu 20.04 LTS Veeti Veteläinen discovered that the LTSP Display Manager (ldm) incorrectly handled user logins from unsupported shells. A local attacker could possibly use this issue to gain root privileges. (CVE-2019-20373) Update Instructions: Run `sudo pro fix USN-4533-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ldm-server - 2:2.18.06-1+deb10u1build0.20.04.1 ldm - 2:2.18.06-1+deb10u1build0.20.04.1 No subscription required None https://launchpad.net/bugs/1839431 Ubuntu 20.04 LTS Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files. Update Instructions: Run `sudo pro fix USN-4537-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aptdaemon - 1.1.1+bzr982-0ubuntu32.2 python3-aptdaemon.gtk3widgets - 1.1.1+bzr982-0ubuntu32.2 aptdaemon-data - 1.1.1+bzr982-0ubuntu32.2 python3-aptdaemon.test - 1.1.1+bzr982-0ubuntu32.2 python3-aptdaemon - 1.1.1+bzr982-0ubuntu32.2 No subscription required Medium CVE-2020-15703 Ubuntu 20.04 LTS Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. (CVE-2020-16121) Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use this issue to install untrusted packages, contrary to expectations. (CVE-2020-16122) Update Instructions: Run `sudo pro fix USN-4538-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: packagekit-docs - 1.1.13-2ubuntu1.1 libpackagekit-glib2-dev - 1.1.13-2ubuntu1.1 packagekit - 1.1.13-2ubuntu1.1 packagekit-tools - 1.1.13-2ubuntu1.1 libpackagekit-glib2-18 - 1.1.13-2ubuntu1.1 packagekit-command-not-found - 1.1.13-2ubuntu1.1 packagekit-gtk3-module - 1.1.13-2ubuntu1.1 gir1.2-packagekitglib-1.0 - 1.1.13-2ubuntu1.1 gstreamer1.0-packagekit - 1.1.13-2ubuntu1.1 No subscription required Medium CVE-2020-16121 CVE-2020-16122 Ubuntu 20.04 LTS Andrew Bartlett discovered that DAViCal Andrew's Web Libraries (AWL) did not properly manage session keys. An attacker could possibly use this issue to impersonate a session. (CVE-2020-11728) Update Instructions: Run `sudo pro fix USN-4539-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libawl-php - 0.60-1+deb10u1ubuntu1 awl-doc - 0.60-1+deb10u1ubuntu1 No subscription required Medium CVE-2020-11728 Ubuntu 20.04 LTS Michał Bentkowski discovered that Sanitize did not properly sanitize some math or svg HTML under certain circumstances. A remote attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2020-4054) Update Instructions: Run `sudo pro fix USN-4543-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-sanitize - 4.6.6-2.1~0.20.04.1 No subscription required Medium CVE-2020-4054 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, spoof the site displayed in the download dialog, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4546-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 81.0+build2-0ubuntu0.20.04.1 firefox - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 81.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 81.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 81.0+build2-0ubuntu0.20.04.1 firefox-dev - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 81.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-15673 CVE-2020-15674 CVE-2020-15675 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 Ubuntu 20.04 LTS USN-4546-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, spoof the site displayed in the download dialog, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4546-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 81.0.2+build1-0ubuntu0.20.04.1 firefox - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 81.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 81.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 81.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 81.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1900032 Ubuntu 20.04 LTS It was discovered that libuv incorrectly handled certain paths. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4548-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libuv1-dev - 1.34.2-1ubuntu1.1 libuv1 - 1.34.2-1ubuntu1.1 No subscription required Medium CVE-2020-8252 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact. (CVE-2019-19948, CVE-2019-19949) Update Instructions: Run `sudo pro fix USN-4549-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 No subscription required Low CVE-2019-19948 CVE-2019-19949 Ubuntu 20.04 LTS Ryan Hall discovered that DPDK incorrectly handled vhost crypto. An attacker inside a guest could use these issues to perform multiple attacks, including denial of service attacks, obtaining sensitive information from the host, and possibly executing arbitrary code on the host. Update Instructions: Run `sudo pro fix USN-4550-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librte-pmd-octeontx-crypto20.0 - 19.11.3-0ubuntu0.2 librte-pmd-memif20.0 - 19.11.3-0ubuntu0.2 dpdk-igb-uio-dkms - 19.11.3-0ubuntu0.2 librte-pmd-iavf20.0 - 19.11.3-0ubuntu0.2 librte-pmd-enic20.0 - 19.11.3-0ubuntu0.2 librte-pmd-af-packet20.0 - 19.11.3-0ubuntu0.2 librte-pmd-netvsc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx2-event20.0 - 19.11.3-0ubuntu0.2 librte-bus-ifpga20.0 - 19.11.3-0ubuntu0.2 librte-mempool-dpaa2-20.0 - 19.11.3-0ubuntu0.2 librte-stack0.200 - 19.11.3-0ubuntu0.2 librte-pmd-e1000-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa2-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bbdev-null20.0 - 19.11.3-0ubuntu0.2 librte-pipeline20.0 - 19.11.3-0ubuntu0.2 librte-sched20.0 - 19.11.3-0ubuntu0.2 librte-distributor20.0 - 19.11.3-0ubuntu0.2 librte-efd20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ark20.0 - 19.11.3-0ubuntu0.2 librte-gro20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa20.0 - 19.11.3-0ubuntu0.2 librte-pmd-sfc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-failsafe20.0 - 19.11.3-0ubuntu0.2 librte-pmd-pcap20.0 - 19.11.3-0ubuntu0.2 librte-rawdev20.0 - 19.11.3-0ubuntu0.2 librte-meter20.0 - 19.11.3-0ubuntu0.2 librte-hash20.0 - 19.11.3-0ubuntu0.2 librte-ring20.0 - 19.11.3-0ubuntu0.2 librte-mempool-octeontx20.0 - 19.11.3-0ubuntu0.2 librte-telemetry0.200 - 19.11.3-0ubuntu0.2 librte-rawdev-skeleton20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bond20.0 - 19.11.3-0ubuntu0.2 librte-pmd-hinic20.0 - 19.11.3-0ubuntu0.2 librte-pmd-skeleton-event20.0 - 19.11.3-0ubuntu0.2 librte-pmd-mlx5-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-dpaa2-cmdif20.0 - 19.11.3-0ubuntu0.2 librte-pmd-fm10k20.0 - 19.11.3-0ubuntu0.2 librte-cryptodev20.0 - 19.11.3-0ubuntu0.2 librte-pmd-i40e20.0 - 19.11.3-0ubuntu0.2 librte-cmdline20.0 - 19.11.3-0ubuntu0.2 librte-jobstats20.0 - 19.11.3-0ubuntu0.2 dpdk-dev - 19.11.3-0ubuntu0.2 librte-pmd-ccp20.0 - 19.11.3-0ubuntu0.2 librte-pmd-atlantic20.0 - 19.11.3-0ubuntu0.2 librte-pmd-sw-event20.0 - 19.11.3-0ubuntu0.2 librte-ip-frag20.0 - 19.11.3-0ubuntu0.2 librte-pmd-isal20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dsw-event20.0 - 19.11.3-0ubuntu0.2 librte-pmd-nitrox20.0 - 19.11.3-0ubuntu0.2 librte-pmd-kni20.0 - 19.11.3-0ubuntu0.2 librte-mempool-bucket20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa2-event20.0 - 19.11.3-0ubuntu0.2 librte-gso20.0 - 19.11.3-0ubuntu0.2 librte-pmd-vdev-netvsc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-openssl20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bnx2x20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx-compress20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-ioat20.0 - 19.11.3-0ubuntu0.2 librte-mempool-dpaa20.0 - 19.11.3-0ubuntu0.2 librte-latencystats20.0 - 19.11.3-0ubuntu0.2 librte-mempool-octeontx2-20.0 - 19.11.3-0ubuntu0.2 librte-kvargs20.0 - 19.11.3-0ubuntu0.2 librte-bus-fslmc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-avp20.0 - 19.11.3-0ubuntu0.2 librte-pdump20.0 - 19.11.3-0ubuntu0.2 librte-metrics20.0 - 19.11.3-0ubuntu0.2 librte-bbdev0.200 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa-sec20.0 - 19.11.3-0ubuntu0.2 librte-bus-vmbus20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bnxt20.0 - 19.11.3-0ubuntu0.2 librte-timer20.0 - 19.11.3-0ubuntu0.2 librte-cfgfile20.0 - 19.11.3-0ubuntu0.2 librte-rcu0.200 - 19.11.3-0ubuntu0.2 librte-pmd-qat20.0 - 19.11.3-0ubuntu0.2 librte-mempool20.0 - 19.11.3-0ubuntu0.2 libdpdk-dev - 19.11.3-0ubuntu0.2 librte-pmd-null20.0 - 19.11.3-0ubuntu0.2 librte-pmd-virtio20.0 - 19.11.3-0ubuntu0.2 librte-pmd-axgbe20.0 - 19.11.3-0ubuntu0.2 librte-port20.0 - 19.11.3-0ubuntu0.2 librte-pmd-aesni-mb20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-ntb20.0 - 19.11.3-0ubuntu0.2 librte-pmd-softnic20.0 - 19.11.3-0ubuntu0.2 dpdk-doc - 19.11.3-0ubuntu0.2 librte-pmd-mlx4-20.0 - 19.11.3-0ubuntu0.2 librte-net20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bbdev-fpga-lte-fec20.0 - 19.11.3-0ubuntu0.2 librte-pmd-null-crypto20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ena20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ice20.0 - 19.11.3-0ubuntu0.2 librte-common-dpaax20.0 - 19.11.3-0ubuntu0.2 librte-member20.0 - 19.11.3-0ubuntu0.2 librte-bus-pci20.0 - 19.11.3-0ubuntu0.2 librte-kni20.0 - 19.11.3-0ubuntu0.2 librte-pmd-thunderx20.0 - 19.11.3-0ubuntu0.2 librte-common-octeontx20.0 - 19.11.3-0ubuntu0.2 dpdk - 19.11.3-0ubuntu0.2 librte-pmd-ifc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-opdl-event20.0 - 19.11.3-0ubuntu0.2 librte-pci20.0 - 19.11.3-0ubuntu0.2 librte-eal20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bbdev-turbo-sw20.0 - 19.11.3-0ubuntu0.2 librte-ethdev20.0 - 19.11.3-0ubuntu0.2 librte-table20.0 - 19.11.3-0ubuntu0.2 librte-pmd-hns3-20.0 - 19.11.3-0ubuntu0.2 librte-ipsec0.200 - 19.11.3-0ubuntu0.2 librte-pmd-zlib20.0 - 19.11.3-0ubuntu0.2 librte-bitratestats20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa2-sec20.0 - 19.11.3-0ubuntu0.2 librte-pmd-caam-jr20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-octeontx2-dma20.0 - 19.11.3-0ubuntu0.2 librte-mbuf20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx-event20.0 - 19.11.3-0ubuntu0.2 librte-mempool-stack20.0 - 19.11.3-0ubuntu0.2 librte-power20.0 - 19.11.3-0ubuntu0.2 librte-pmd-liquidio20.0 - 19.11.3-0ubuntu0.2 librte-vhost20.0 - 19.11.3-0ubuntu0.2 librte-pmd-vhost20.0 - 19.11.3-0ubuntu0.2 librte-pmd-virtio-crypto20.0 - 19.11.3-0ubuntu0.2 librte-reorder20.0 - 19.11.3-0ubuntu0.2 librte-pmd-qede20.0 - 19.11.3-0ubuntu0.2 librte-pmd-pfe20.0 - 19.11.3-0ubuntu0.2 librte-flow-classify0.200 - 19.11.3-0ubuntu0.2 librte-rib0.200 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx2-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-cxgbe20.0 - 19.11.3-0ubuntu0.2 librte-mempool-ring20.0 - 19.11.3-0ubuntu0.2 librte-acl20.0 - 19.11.3-0ubuntu0.2 librte-common-cpt20.0 - 19.11.3-0ubuntu0.2 librte-pmd-aesni-gcm20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-dpaa2-qdma20.0 - 19.11.3-0ubuntu0.2 librte-lpm20.0 - 19.11.3-0ubuntu0.2 librte-pmd-tap20.0 - 19.11.3-0ubuntu0.2 librte-eventdev20.0 - 19.11.3-0ubuntu0.2 librte-pmd-nfp20.0 - 19.11.3-0ubuntu0.2 librte-bus-dpaa20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ring20.0 - 19.11.3-0ubuntu0.2 librte-bus-vdev20.0 - 19.11.3-0ubuntu0.2 librte-common-octeontx2-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ixgbe20.0 - 19.11.3-0ubuntu0.2 librte-pmd-vmxnet3-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-crypto-scheduler20.0 - 19.11.3-0ubuntu0.2 librte-pmd-enetc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa-event20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx2-crypto20.0 - 19.11.3-0ubuntu0.2 librte-security20.0 - 19.11.3-0ubuntu0.2 librte-compressdev0.200 - 19.11.3-0ubuntu0.2 librte-fib0.200 - 19.11.3-0ubuntu0.2 librte-bpf0.200 - 19.11.3-0ubuntu0.2 No subscription required Medium CVE-2020-14374 CVE-2020-14375 CVE-2020-14376 CVE-2020-14377 CVE-2020-14378 Ubuntu 20.04 LTS It was discovered that Teeworlds server did not properly handler certain network traffic. A remote, unauthenticated attacker could use this vulnerability to cause Teeworlds server to crash. Update Instructions: Run `sudo pro fix USN-4553-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: teeworlds-data - 0.7.2-5ubuntu1.1 teeworlds-server - 0.7.2-5ubuntu1.1 teeworlds - 0.7.2-5ubuntu1.1 No subscription required Medium CVE-2020-12066 Ubuntu 20.04 LTS It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. (CVE-2005-1513, CVE-2005-1514, CVE-2005-1515) It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this to bypass email address validation. (CVE-2020-3811) It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this vulnerability to cause netqmail to disclose sensitive information. (CVE-2020-3812) Update Instructions: Run `sudo pro fix USN-4556-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qmail - 1.06-6.2~deb10u1build0.20.04.1 qmail-uids-gids - 1.06-6.2~deb10u1build0.20.04.1 No subscription required Medium CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811 CVE-2020-3812 Ubuntu 20.04 LTS Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which forced a secure netlogon channel, this update provides additional improvements. For compatibility reasons with older devices, Samba now allows specifying an insecure netlogon configuration per machine. See the following link for examples: https://www.samba.org/samba/security/CVE-2020-1472.html In addition, this update adds additional server checks for the protocol attack in the client-specified challenge to provide some protection when 'server schannel = no/auto' and avoid the false-positive results when running the proof-of-concept exploit. Update Instructions: Run `sudo pro fix USN-4559-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.5 samba - 2:4.11.6+dfsg-0ubuntu1.5 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.5 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.5 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.5 smbclient - 2:4.11.6+dfsg-0ubuntu1.5 winbind - 2:4.11.6+dfsg-0ubuntu1.5 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.5 python3-samba - 2:4.11.6+dfsg-0ubuntu1.5 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.5 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.5 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.5 samba-dev - 2:4.11.6+dfsg-0ubuntu1.5 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.5 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.5 samba-common - 2:4.11.6+dfsg-0ubuntu1.5 registry-tools - 2:4.11.6+dfsg-0ubuntu1.5 samba-libs - 2:4.11.6+dfsg-0ubuntu1.5 ctdb - 2:4.11.6+dfsg-0ubuntu1.5 No subscription required Medium CVE-2020-1472 Ubuntu 20.04 LTS USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8161) It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie. (CVE-2020-8184) Update Instructions: Run `sudo pro fix USN-4561-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1 No subscription required Medium CVE-2020-8161 CVE-2020-8184 Ubuntu 20.04 LTS It was discovered that kramdown insecurely handled certain crafted input. An attacker could use this vulnerability to read restricted files or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4562-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kramdown - 1.17.0-4ubuntu0.1 ruby-kramdown - 1.17.0-4ubuntu0.1 No subscription required Medium CVE-2020-14001 Ubuntu 20.04 LTS USN-4563-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service (crash). Update Instructions: Run `sudo pro fix USN-4563-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntp - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 sntp - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 ntp-doc - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 ntpdate - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 No subscription required Medium CVE-2019-8936 Ubuntu 20.04 LTS It was discovered that Brotli incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. Update Instructions: Run `sudo pro fix USN-4568-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbrotli1 - 1.0.7-6ubuntu0.1 python3-brotli - 1.0.7-6ubuntu0.1 brotli - 1.0.7-6ubuntu0.1 libbrotli-dev - 1.0.7-6ubuntu0.1 No subscription required Medium CVE-2020-8927 Ubuntu 20.04 LTS It was discovered that urllib3 incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection. Update Instructions: Run `sudo pro fix USN-4570-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-urllib3 - 1.25.8-2ubuntu0.1 No subscription required Medium CVE-2020-26137 Ubuntu 20.04 LTS Frediano Ziglio discovered that Spice incorrectly handled QUIC image decoding. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4572-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libspice-server1 - 0.14.2-4ubuntu3.1 libspice-server-dev - 0.14.2-4ubuntu3.1 No subscription required Medium CVE-2020-14355 Ubuntu 20.04 LTS Nicolas Ruff discovered that Vino incorrectly handled large ClientCutText messages. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. (CVE-2014-6053) It was discovered that Vino incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. (CVE-2018-7225) Pavel Cheremushkin discovered that an information disclosure vulnerability existed in Vino when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. (CVE-2019-15681) It was discovered that Vino incorrectly handled region clipping. A remote attacker could possibly use this issue to cause Vino to crash, resulting in a denial of service. (CVE-2020-14397) It was discovered that Vino incorrectly handled encodings. A remote attacker could use this issue to cause Vino to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-14402, CVE-2020-14403, CVE-2020-14404) Update Instructions: Run `sudo pro fix USN-4573-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vino - 3.22.0-5ubuntu2.1 No subscription required Medium CVE-2014-6053 CVE-2018-7225 CVE-2019-15681 CVE-2020-14397 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 Ubuntu 20.04 LTS Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-16119) Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-14314) David Alan Gilbert discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation in some circumstances. A local attacker could use this to cause a denial of service. (CVE-2020-14385) Giuseppe Scrivano discovered that the overlay file system in the Linux kernel did not properly perform permission checks in some situations. A local attacker could possibly use this to bypass intended restrictions and gain read access to restricted files. (CVE-2020-16120) It was discovered that a race condition existed in the hugetlb sysctl implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-25285) It was discovered that the block layer subsystem in the Linux kernel did not properly handle zero-length requests. A local attacker could use this to cause a denial of service. (CVE-2020-25641) Update Instructions: Run `sudo pro fix USN-4576-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1021-raspi - 5.4.0-1021.24 No subscription required linux-image-5.4.0-1026-kvm - 5.4.0-1026.27 No subscription required linux-image-5.4.0-1028-oracle - 5.4.0-1028.29 linux-image-5.4.0-1028-aws - 5.4.0-1028.29 linux-image-5.4.0-1028-gcp - 5.4.0-1028.29 No subscription required linux-image-5.4.0-1031-azure - 5.4.0-1031.32 No subscription required linux-image-5.4.0-51-lowlatency - 5.4.0-51.56 linux-image-5.4.0-51-generic-lpae - 5.4.0-51.56 linux-image-5.4.0-51-generic - 5.4.0-51.56 No subscription required linux-image-raspi - 5.4.0.1021.56 linux-image-raspi2 - 5.4.0.1021.56 linux-image-raspi-hwe-18.04-edge - 5.4.0.1021.56 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1021.56 linux-image-raspi-hwe-18.04 - 5.4.0.1021.56 linux-image-raspi2-hwe-18.04 - 5.4.0.1021.56 No subscription required linux-image-kvm - 5.4.0.1026.24 No subscription required linux-image-oracle - 5.4.0.1028.25 No subscription required linux-image-aws - 5.4.0.1028.29 No subscription required linux-image-gke - 5.4.0.1028.36 linux-image-gcp - 5.4.0.1028.36 No subscription required linux-image-azure - 5.4.0.1031.29 No subscription required linux-image-oem-osp1 - 5.4.0.51.54 linux-image-generic-hwe-20.04 - 5.4.0.51.54 linux-image-generic-hwe-18.04 - 5.4.0.51.54 linux-image-generic-lpae-hwe-20.04 - 5.4.0.51.54 linux-image-generic-lpae-hwe-18.04 - 5.4.0.51.54 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.51.54 linux-image-lowlatency - 5.4.0.51.54 linux-image-virtual - 5.4.0.51.54 linux-image-virtual-hwe-20.04 - 5.4.0.51.54 linux-image-lowlatency-hwe-18.04 - 5.4.0.51.54 linux-image-generic - 5.4.0.51.54 linux-image-virtual-hwe-18.04 - 5.4.0.51.54 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.51.54 linux-image-generic-hwe-18.04-edge - 5.4.0.51.54 linux-image-lowlatency-hwe-20.04 - 5.4.0.51.54 linux-image-oem - 5.4.0.51.54 linux-image-generic-lpae - 5.4.0.51.54 linux-image-virtual-hwe-18.04-edge - 5.4.0.51.54 No subscription required High CVE-2020-14314 CVE-2020-14385 CVE-2020-16119 CVE-2020-16120 CVE-2020-25285 CVE-2020-25641 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-7069) It was discorevered that PHP incorrectly handled certain HTTP cookies. An attacker could possibly use this issue to forge cookie which is supposed to be secure. (CVE-2020-7070) Update Instructions: Run `sudo pro fix USN-4583-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.4 php7.4 - 7.4.3-4ubuntu2.4 php7.4-dba - 7.4.3-4ubuntu2.4 php7.4-bcmath - 7.4.3-4ubuntu2.4 php7.4-xmlrpc - 7.4.3-4ubuntu2.4 php7.4-intl - 7.4.3-4ubuntu2.4 php7.4-phpdbg - 7.4.3-4ubuntu2.4 php7.4-sybase - 7.4.3-4ubuntu2.4 php7.4-ldap - 7.4.3-4ubuntu2.4 php7.4-readline - 7.4.3-4ubuntu2.4 php7.4-curl - 7.4.3-4ubuntu2.4 php7.4-xsl - 7.4.3-4ubuntu2.4 php7.4-pgsql - 7.4.3-4ubuntu2.4 php7.4-pspell - 7.4.3-4ubuntu2.4 php7.4-zip - 7.4.3-4ubuntu2.4 php7.4-enchant - 7.4.3-4ubuntu2.4 php7.4-odbc - 7.4.3-4ubuntu2.4 php7.4-json - 7.4.3-4ubuntu2.4 php7.4-mbstring - 7.4.3-4ubuntu2.4 php7.4-imap - 7.4.3-4ubuntu2.4 php7.4-bz2 - 7.4.3-4ubuntu2.4 php7.4-cgi - 7.4.3-4ubuntu2.4 php7.4-common - 7.4.3-4ubuntu2.4 php7.4-dev - 7.4.3-4ubuntu2.4 php7.4-interbase - 7.4.3-4ubuntu2.4 php7.4-tidy - 7.4.3-4ubuntu2.4 php7.4-gmp - 7.4.3-4ubuntu2.4 php7.4-sqlite3 - 7.4.3-4ubuntu2.4 php7.4-fpm - 7.4.3-4ubuntu2.4 php7.4-soap - 7.4.3-4ubuntu2.4 php7.4-cli - 7.4.3-4ubuntu2.4 libphp7.4-embed - 7.4.3-4ubuntu2.4 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.4 php7.4-mysql - 7.4.3-4ubuntu2.4 php7.4-snmp - 7.4.3-4ubuntu2.4 php7.4-xml - 7.4.3-4ubuntu2.4 php7.4-opcache - 7.4.3-4ubuntu2.4 No subscription required Medium CVE-2020-7069 CVE-2020-7070 Ubuntu 20.04 LTS USN-4589-1 fixed a vulnerability in containerd. This update provides the corresponding update for docker.io. Original advisory details: It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials. Update Instructions: Run `sudo pro fix USN-4589-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-docker-docker-dev - 19.03.8-0ubuntu1.20.04.1 docker.io - 19.03.8-0ubuntu1.20.04.1 golang-docker-dev - 19.03.8-0ubuntu1.20.04.1 vim-syntax-docker - 19.03.8-0ubuntu1.20.04.1 docker-doc - 19.03.8-0ubuntu1.20.04.1 No subscription required Medium CVE-2020-15157 Ubuntu 20.04 LTS Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351) Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). (CVE-2020-12352) Update Instructions: Run `sudo pro fix USN-4591-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1022-raspi - 5.4.0-1022.25 No subscription required linux-image-5.4.0-52-lowlatency - 5.4.0-52.57 linux-image-5.4.0-52-generic-lpae - 5.4.0-52.57 linux-image-5.4.0-52-generic - 5.4.0-52.57 No subscription required linux-image-raspi - 5.4.0.1022.57 linux-image-raspi2 - 5.4.0.1022.57 linux-image-raspi-hwe-18.04-edge - 5.4.0.1022.57 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1022.57 linux-image-raspi-hwe-18.04 - 5.4.0.1022.57 linux-image-raspi2-hwe-18.04 - 5.4.0.1022.57 No subscription required linux-image-oem-osp1 - 5.4.0.52.55 linux-image-generic-hwe-20.04 - 5.4.0.52.55 linux-image-generic-hwe-18.04 - 5.4.0.52.55 linux-image-generic-lpae-hwe-20.04 - 5.4.0.52.55 linux-image-generic-lpae-hwe-18.04 - 5.4.0.52.55 linux-image-virtual - 5.4.0.52.55 linux-image-virtual-hwe-20.04 - 5.4.0.52.55 linux-image-lowlatency-hwe-18.04 - 5.4.0.52.55 linux-image-generic - 5.4.0.52.55 linux-image-virtual-hwe-18.04 - 5.4.0.52.55 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.52.55 linux-image-oem - 5.4.0.52.55 linux-image-generic-hwe-18.04-edge - 5.4.0.52.55 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.52.55 linux-image-generic-lpae - 5.4.0.52.55 linux-image-lowlatency - 5.4.0.52.55 linux-image-lowlatency-hwe-20.04 - 5.4.0.52.55 linux-image-virtual-hwe-18.04-edge - 5.4.0.52.55 No subscription required High CVE-2020-12351 CVE-2020-12352 Ubuntu 20.04 LTS Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. Update Instructions: Run `sudo pro fix USN-4593-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreetype6-udeb - 2.10.1-2ubuntu0.1 libfreetype6 - 2.10.1-2ubuntu0.1 libfreetype6-dev - 2.10.1-2ubuntu0.1 freetype2-doc - 2.10.1-2ubuntu0.1 libfreetype-dev - 2.10.1-2ubuntu0.1 freetype2-demos - 2.10.1-2ubuntu0.1 No subscription required High CVE-2020-15999 Ubuntu 20.04 LTS It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting in a denial of service. (CVE-2020-11996) It was discovered that Tomcat did not properly release the HTTP/1.1 processor after the upgrade to HTTP/2. An attacker could possibly use this to generate an OutOfMemoryException, resulting in a denial of service. (CVE-2020-13934) It was discovered that Tomcat did not properly validate the payload length in a WebSocket frame. An attacker could possibly use this to trigger an infinite loop, resulting in a denial of service. (CVE-2020-13935) It was discovered that Tomcat did not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-9484) Update Instructions: Run `sudo pro fix USN-4596-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tomcat9-docs - 9.0.31-1ubuntu0.1 libtomcat9-embed-java - 9.0.31-1ubuntu0.1 tomcat9-admin - 9.0.31-1ubuntu0.1 tomcat9-common - 9.0.31-1ubuntu0.1 libtomcat9-java - 9.0.31-1ubuntu0.1 tomcat9-user - 9.0.31-1ubuntu0.1 tomcat9 - 9.0.31-1ubuntu0.1 tomcat9-examples - 9.0.31-1ubuntu0.1 No subscription required Medium CVE-2020-11996 CVE-2020-13934 CVE-2020-13935 CVE-2020-9484 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4599-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 82.0+build2-0ubuntu0.20.04.1 firefox - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 82.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 82.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 82.0+build2-0ubuntu0.20.04.1 firefox-dev - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 82.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-15254 CVE-2020-15680 CVE-2020-15681 CVE-2020-15682 CVE-2020-15683 CVE-2020-15684 CVE-2020-15969 Ubuntu 20.04 LTS USN-4599-1 and USN-4599-2 fixed vulnerabilities in Firefox. The updates introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4599-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 82.0.2+build1-0ubuntu0.20.04.1 firefox - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 82.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 82.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 82.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 82.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1903197 https://usn.ubuntu.com/4599-2 Ubuntu 20.04 LTS ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10543) Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10878) Sergey Aleynikov discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12723) Update Instructions: Run `sudo pro fix USN-4602-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: perl-modules-5.30 - 5.30.0-9ubuntu0.2 libperl-dev - 5.30.0-9ubuntu0.2 perl-doc - 5.30.0-9ubuntu0.2 perl - 5.30.0-9ubuntu0.2 perl-base - 5.30.0-9ubuntu0.2 libperl5.30 - 5.30.0-9ubuntu0.2 perl-debug - 5.30.0-9ubuntu0.2 No subscription required Low CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 Ubuntu 20.04 LTS It was discovered that MariaDB didn't properly validate the content of a packet received from a server. A remote attacker could use this vulnerability to sent a specialy crafted file to cause a denial of service. (CVE-2020-13249) It was discovered that MariaDB has other security issues. An attacker can cause a hang or frequently repeatable crash (denial of service). (CVE-2020-15180, CVE-2020-2752, CVE-2020-2760, CVE-2020-2812, CVE-2020-2814) In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-4603-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.25-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.25-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.25-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.25-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.25-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.25-0ubuntu0.20.04.1 mariadb-client - 1:10.3.25-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.25-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.25-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.25-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.25-0ubuntu0.20.04.1 mariadb-server - 1:10.3.25-0ubuntu0.20.04.1 mariadb-common - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.25-0ubuntu0.20.04.1 mariadb-test - 1:10.3.25-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-13249 CVE-2020-15180 CVE-2020-2752 CVE-2020-2760 CVE-2020-2812 CVE-2020-2814 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.22 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.32. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-32.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-22.html https://www.oracle.com/security-alerts/cpuoct2020.html Update Instructions: Run `sudo pro fix USN-4604-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.22-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.22-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-router - 8.0.22-0ubuntu0.20.04.2 mysql-server - 8.0.22-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.22-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-testsuite - 8.0.22-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.22-0ubuntu0.20.04.2 No subscription required Medium CVE-2020-14672 CVE-2020-14760 CVE-2020-14765 CVE-2020-14769 CVE-2020-14771 CVE-2020-14773 CVE-2020-14775 CVE-2020-14776 CVE-2020-14777 CVE-2020-14785 CVE-2020-14786 CVE-2020-14789 CVE-2020-14790 CVE-2020-14791 CVE-2020-14793 CVE-2020-14794 CVE-2020-14800 CVE-2020-14804 CVE-2020-14809 CVE-2020-14812 CVE-2020-14814 CVE-2020-14821 CVE-2020-14827 CVE-2020-14828 CVE-2020-14829 CVE-2020-14830 CVE-2020-14836 CVE-2020-14837 CVE-2020-14838 CVE-2020-14839 CVE-2020-14844 CVE-2020-14845 CVE-2020-14846 CVE-2020-14848 CVE-2020-14852 CVE-2020-14853 CVE-2020-14860 CVE-2020-14861 CVE-2020-14866 CVE-2020-14867 CVE-2020-14868 CVE-2020-14869 CVE-2020-14870 CVE-2020-14873 CVE-2020-14878 CVE-2020-14888 CVE-2020-14891 CVE-2020-14893 Ubuntu 20.04 LTS Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. (CVE-2020-15238) Update Instructions: Run `sudo pro fix USN-4605-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: blueman - 2.1.2-1ubuntu0.1 No subscription required Medium CVE-2020-15238 Ubuntu 20.04 LTS Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. (CVE-2020-15238) While a previous security update fixed the issue, this update provides additional improvements by enabling PolicyKit authentication for privileged commands. Update Instructions: Run `sudo pro fix USN-4605-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: blueman - 2.1.2-1ubuntu0.2 No subscription required None https://launchpad.net/bugs/1897287 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker could possibly use this issue to cause a denial of service (memory consumption) via a specially crafted input. (CVE-2020-14779) Sergey Ostanin discovered that OpenJDK incorrectly restricted authentication mechanisms. A remote attacker could possibly use this issue to obtain sensitive information over an unencrypted connection. (CVE-2020-14781) It was discovered that OpenJDK incorrectly handled untrusted certificates. An attacker could possibly use this issue to read or write sensitive information. (CVE-2020-14782) Zhiqiang Zang discovered that OpenJDK incorrectly checked for integer overflows. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14792) Markus Loewe discovered that OpenJDK incorrectly checked permissions when converting a file system path to an URI. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14796) Markus Loewe discovered that OpenJDK incorrectly checked for invalid characters when converting an URI to a path. An attacker could possibly use this issue to read or write sensitive information. (CVE-2020-14797) Markus Loewe discovered that OpenJDK incorrectly checked the length of input strings. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14798) It was discovered that OpenJDK incorrectly handled boundary checks. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14803) Update Instructions: Run `sudo pro fix USN-4607-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.9+11-0ubuntu1~20.04 openjdk-11-doc - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jdk - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jre - 11.0.9+11-0ubuntu1~20.04 openjdk-11-demo - 11.0.9+11-0ubuntu1~20.04 No subscription required openjdk-8-source - 8u272-b10-0ubuntu1~20.04 openjdk-8-doc - 8u272-b10-0ubuntu1~20.04 openjdk-8-jdk - 8u272-b10-0ubuntu1~20.04 openjdk-8-jre-headless - 8u272-b10-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u272-b10-0ubuntu1~20.04 openjdk-8-jre - 8u272-b10-0ubuntu1~20.04 openjdk-8-jre-zero - 8u272-b10-0ubuntu1~20.04 openjdk-8-demo - 8u272-b10-0ubuntu1~20.04 No subscription required Medium CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 Ubuntu 20.04 LTS USN-4607-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression that could cause TLS connections with client certificate authentication to fail in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker could possibly use this issue to cause a denial of service (memory consumption) via a specially crafted input. (CVE-2020-14779) Sergey Ostanin discovered that OpenJDK incorrectly restricted authentication mechanisms. A remote attacker could possibly use this issue to obtain sensitive information over an unencrypted connection. (CVE-2020-14781) It was discovered that OpenJDK incorrectly handled untrusted certificates. An attacker could possibly use this issue to read or write sensitive information. (CVE-2020-14782) Zhiqiang Zang discovered that OpenJDK incorrectly checked for integer overflows. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14792) Markus Loewe discovered that OpenJDK incorrectly checked permissions when converting a file system path to an URI. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14796) Markus Loewe discovered that OpenJDK incorrectly checked for invalid characters when converting an URI to a path. An attacker could possibly use this issue to read or write sensitive information. (CVE-2020-14797) Markus Loewe discovered that OpenJDK incorrectly checked the length of input strings. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14798) It was discovered that OpenJDK incorrectly handled boundary checks. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14803) Update Instructions: Run `sudo pro fix USN-4607-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-doc - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jdk - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jre - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-demo - 11.0.9.1+1-0ubuntu1~20.04 No subscription required openjdk-8-source - 8u275-b01-0ubuntu1~20.04 openjdk-8-doc - 8u275-b01-0ubuntu1~20.04 openjdk-8-jdk - 8u275-b01-0ubuntu1~20.04 openjdk-8-jre-headless - 8u275-b01-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u275-b01-0ubuntu1~20.04 openjdk-8-jre - 8u275-b01-0ubuntu1~20.04 openjdk-8-jre-zero - 8u275-b01-0ubuntu1~20.04 openjdk-8-demo - 8u275-b01-0ubuntu1~20.04 No subscription required Medium CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 Ubuntu 20.04 LTS The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.44 version of the Mozilla certificate authority bundle. Update Instructions: Run `sudo pro fix USN-4608-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates-udeb - 20201027ubuntu0.20.04.1 ca-certificates - 20201027ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1900727 Ubuntu 20.04 LTS It was discovered that fastd did not properly handle receive buffers under certain circumstances. A remote attacker could possibly use this issue to cause a memory leak, resulting in a denial of service. (CVE-2020-27638) Update Instructions: Run `sudo pro fix USN-4610-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fastd - 18-3ubuntu0.1 No subscription required Medium CVE-2020-27638 Ubuntu 20.04 LTS Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. (CVE-2020-14318) Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use this issue to cause winbind to crash, resulting in a denial of service. (CVE-2020-14323) Francis Brosnan Blázquez discovered that Samba incorrectly handled certain invalid DNS records. A remote attacker could possibly use this issue to cause the DNS server to crash, resulting in a denial of service. (CVE-2020-14383) Update Instructions: Run `sudo pro fix USN-4611-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.6 samba - 2:4.11.6+dfsg-0ubuntu1.6 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.6 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.6 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.6 ctdb - 2:4.11.6+dfsg-0ubuntu1.6 smbclient - 2:4.11.6+dfsg-0ubuntu1.6 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.6 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.6 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.6 winbind - 2:4.11.6+dfsg-0ubuntu1.6 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.6 samba-dev - 2:4.11.6+dfsg-0ubuntu1.6 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.6 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.6 samba-common - 2:4.11.6+dfsg-0ubuntu1.6 registry-tools - 2:4.11.6+dfsg-0ubuntu1.6 samba-libs - 2:4.11.6+dfsg-0ubuntu1.6 python3-samba - 2:4.11.6+dfsg-0ubuntu1.6 No subscription required Medium CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 Ubuntu 20.04 LTS Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4613-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-cryptography - 2.8-3ubuntu0.1 python-cryptography - 2.8-3ubuntu0.1 python-cryptography-doc - 2.8-3ubuntu0.1 No subscription required Medium CVE-2020-25659 Ubuntu 20.04 LTS Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user. Update Instructions: Run `sudo pro fix USN-4614-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gdm-1.0 - 3.36.3-0ubuntu0.20.04.2 libgdm-dev - 3.36.3-0ubuntu0.20.04.2 gdm3 - 3.36.3-0ubuntu0.20.04.2 libgdm1 - 3.36.3-0ubuntu0.20.04.2 No subscription required Medium CVE-2020-16125 Ubuntu 20.04 LTS Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. (CVE-2020-16126) Kevin Backhouse discovered that AccountsService incorrectly handled reading .pam_environment files. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-16127) Matthias Gerstner discovered that AccountsService incorrectly handled certain path checks. A local attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-14036) Update Instructions: Run `sudo pro fix USN-4616-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: accountsservice - 0.6.55-0ubuntu12~20.04.4 gir1.2-accountsservice-1.0 - 0.6.55-0ubuntu12~20.04.4 libaccountsservice-doc - 0.6.55-0ubuntu12~20.04.4 libaccountsservice-dev - 0.6.55-0ubuntu12~20.04.4 libaccountsservice0 - 0.6.55-0ubuntu12~20.04.4 No subscription required Medium CVE-2018-14036 CVE-2020-16126 CVE-2020-16127 Ubuntu 20.04 LTS Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. (CVE-2020-25650) Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service, or obtain sensitive file contents. (CVE-2020-25651) Matthias Gerstner discovered that SPICE vdagent incorrectly handled a large number of client connections. A local attacker could possibly use this issue to cause SPICE vdagent to consume resources, resulting in a denial of service. (CVE-2020-25652) Matthias Gerstner discovered that SPICE vdagent incorrectly handled client connections. A local attacker could possibly use this issue to obtain sensitive information, paste clipboard contents, and transfer files into the active session. (CVE-2020-25653) Update Instructions: Run `sudo pro fix USN-4617-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: spice-vdagent - 0.19.0-2ubuntu0.2 No subscription required Low CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 Ubuntu 20.04 LTS Sergey Nizovtsev discovered that tmux incorrectly handled some inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4618-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tmux - 3.0a-2ubuntu0.2 No subscription required Medium CVE-2020-27347 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled certain network packets. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4622-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.4 libldap-common - 2.4.49+dfsg-2ubuntu1.4 slapd-contrib - 2.4.49+dfsg-2ubuntu1.4 slapi-dev - 2.4.49+dfsg-2ubuntu1.4 ldap-utils - 2.4.49+dfsg-2ubuntu1.4 libldap2-dev - 2.4.49+dfsg-2ubuntu1.4 slapd - 2.4.49+dfsg-2ubuntu1.4 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.4 No subscription required Medium CVE-2020-25692 Ubuntu 20.04 LTS Ken Gaillot discovered that Pacemaker incorrectly handled IPC communications permissions. A local attacker could possibly use this issue to bypass ACL restrictions and execute arbitrary code as root. Update Instructions: Run `sudo pro fix USN-4623-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pacemaker-remote - 2.0.3-3ubuntu4.1 libcrmcommon-dev - 2.0.3-3ubuntu4.1 libcib27 - 2.0.3-3ubuntu4.1 pacemaker-resource-agents - 2.0.3-3ubuntu4.1 pacemaker-cli-utils - 2.0.3-3ubuntu4.1 libstonithd26 - 2.0.3-3ubuntu4.1 liblrmd28 - 2.0.3-3ubuntu4.1 libcrmservice28 - 2.0.3-3ubuntu4.1 pacemaker-common - 2.0.3-3ubuntu4.1 libcrmcluster-dev - 2.0.3-3ubuntu4.1 libstonithd-dev - 2.0.3-3ubuntu4.1 libpe-rules26 - 2.0.3-3ubuntu4.1 pacemaker-dev - 2.0.3-3ubuntu4.1 libcrmcluster29 - 2.0.3-3ubuntu4.1 libcib-dev - 2.0.3-3ubuntu4.1 pacemaker - 2.0.3-3ubuntu4.1 libcrmservice-dev - 2.0.3-3ubuntu4.1 libcrmcommon34 - 2.0.3-3ubuntu4.1 liblrmd-dev - 2.0.3-3ubuntu4.1 libpe-status28 - 2.0.3-3ubuntu4.1 libpacemaker1 - 2.0.3-3ubuntu4.1 libpengine-dev - 2.0.3-3ubuntu4.1 pacemaker-doc - 2.0.3-3ubuntu4.1 No subscription required Medium CVE-2020-25654 Ubuntu 20.04 LTS It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviours, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4624-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexif-doc - 0.6.21-6ubuntu0.4 libexif-dev - 0.6.21-6ubuntu0.4 libexif12 - 0.6.21-6ubuntu0.4 No subscription required Medium CVE-2020-0452 Ubuntu 20.04 LTS A use-after-free was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4625-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ne - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nb - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fa - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fi - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fy - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-or - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kab - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-oc - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cs - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ga - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gd - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gl - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gu - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pa - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pl - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cy - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pt - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hi - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uk - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-he - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hy - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hu - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-as - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ar - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ia - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-az - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-id - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mai - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-af - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-is - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-it - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-an - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bs - 82.0.3+build1-0ubuntu0.20.04.1 firefox - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ro - 82.0.3+build1-0ubuntu0.20.04.1 firefox-geckodriver - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ja - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ru - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-br - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-be - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bg - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sl - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sk - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-si - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sw - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sv - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sq - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ko - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-km - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kk - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ka - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-xh - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ca - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ku - 82.0.3+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lv - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lt - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-th - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 82.0.3+build1-0ubuntu0.20.04.1 firefox-dev - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-te - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cak - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ta - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lg - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-tr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nso - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-de - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-da - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ms - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-my - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uz - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ml - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mk - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ur - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-vi - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eu - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-et - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-es - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-csb - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-el - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eo - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-en - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zu - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ast - 82.0.3+build1-0ubuntu0.20.04.1 No subscription required High CVE-2020-26950 Ubuntu 20.04 LTS Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4627-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1029-oracle - 5.4.0-1029.31 linux-image-5.4.0-1029-gcp - 5.4.0-1029.31 No subscription required linux-image-5.4.0-53-generic - 5.4.0-53.59 linux-image-5.4.0-53-lowlatency - 5.4.0-53.59 linux-image-5.4.0-53-generic-lpae - 5.4.0-53.59 No subscription required linux-image-oracle - 5.4.0.1029.26 No subscription required linux-image-gke - 5.4.0.1029.37 linux-image-gcp - 5.4.0.1029.37 No subscription required linux-image-oem-osp1 - 5.4.0.53.56 linux-image-generic-hwe-20.04 - 5.4.0.53.56 linux-image-generic-hwe-18.04 - 5.4.0.53.56 linux-image-generic-lpae-hwe-20.04 - 5.4.0.53.56 linux-image-generic-lpae-hwe-18.04 - 5.4.0.53.56 linux-image-virtual - 5.4.0.53.56 linux-image-virtual-hwe-20.04 - 5.4.0.53.56 linux-image-lowlatency-hwe-18.04 - 5.4.0.53.56 linux-image-generic - 5.4.0.53.56 linux-image-virtual-hwe-18.04 - 5.4.0.53.56 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.53.56 linux-image-oem - 5.4.0.53.56 linux-image-generic-hwe-18.04-edge - 5.4.0.53.56 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.53.56 linux-image-generic-lpae - 5.4.0.53.56 linux-image-lowlatency - 5.4.0.53.56 linux-image-lowlatency-hwe-20.04 - 5.4.0.53.56 linux-image-virtual-hwe-18.04-edge - 5.4.0.53.56 No subscription required Medium CVE-2020-8694 Ubuntu 20.04 LTS Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698) Update Instructions: Run `sudo pro fix USN-4628-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20201110.0ubuntu0.20.04.1 No subscription required Medium CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 Ubuntu 20.04 LTS USN-4628-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family. Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery. We apologize for the inconvenience. Original advisory details: Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698) Update Instructions: Run `sudo pro fix USN-4628-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20201110.0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/1903883 Ubuntu 20.04 LTS USN-4628-1 provided updated Intel Processor Microcode for various processor types. This update provides the corresponding updates for some additional processor types. Original advisory details: Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698) Update Instructions: Run `sudo pro fix USN-4628-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20210216.0ubuntu0.20.04.1 No subscription required Medium CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 Ubuntu 20.04 LTS Hanno Böck discovered that Raptor incorrectly handled certain memory operations. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could cause the application to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4630-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraptor2-doc - 2.0.15-0ubuntu1.20.04.1 raptor2-utils - 2.0.15-0ubuntu1.20.04.1 libraptor2-dev - 2.0.15-0ubuntu1.20.04.1 libraptor2-0 - 2.0.15-0ubuntu1.20.04.1 No subscription required Medium CVE-2017-18926 Ubuntu 20.04 LTS It was discovered that libmaxminddb incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause applications using libmaxminddb to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4631-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mmdb-bin - 1.4.2-0ubuntu1.20.04.1 libmaxminddb-dev - 1.4.2-0ubuntu1.20.04.1 libmaxminddb0 - 1.4.2-0ubuntu1.20.04.1 No subscription required Medium CVE-2020-28241 Ubuntu 20.04 LTS Peter Eisentraut discovered that PostgreSQL incorrectly handled connection security settings. Client applications could possibly be connecting with certain security parameters dropped, contrary to expectations. (CVE-2020-25694) Etienne Stalmans discovered that PostgreSQL incorrectly handled the security restricted operation sandbox. An authenticated remote attacker could possibly use this issue to execute arbitrary SQL functions as a superuser. (CVE-2020-25695) Nick Cleaton discovered that PostgreSQL incorrectly handled the \gset meta-command. A remote attacker with a compromised server could possibly use this issue to execute arbitrary code. (CVE-2020-25696) Update Instructions: Run `sudo pro fix USN-4633-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpq5 - 12.5-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.5-0ubuntu0.20.04.1 libecpg6 - 12.5-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.5-0ubuntu0.20.04.1 libpgtypes3 - 12.5-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.5-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.5-0ubuntu0.20.04.1 libecpg-dev - 12.5-0ubuntu0.20.04.1 libpq-dev - 12.5-0ubuntu0.20.04.1 postgresql-doc-12 - 12.5-0ubuntu0.20.04.1 postgresql-12 - 12.5-0ubuntu0.20.04.1 postgresql-client-12 - 12.5-0ubuntu0.20.04.1 libecpg-compat3 - 12.5-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled certain malformed inputs. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4634-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.5 libldap-common - 2.4.49+dfsg-2ubuntu1.5 slapd-contrib - 2.4.49+dfsg-2ubuntu1.5 slapi-dev - 2.4.49+dfsg-2ubuntu1.5 ldap-utils - 2.4.49+dfsg-2ubuntu1.5 libldap2-dev - 2.4.49+dfsg-2ubuntu1.5 slapd - 2.4.49+dfsg-2ubuntu1.5 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.5 No subscription required Medium CVE-2020-25709 CVE-2020-25710 Ubuntu 20.04 LTS Demi Obenour discovered that Kerberos incorrectly handled certain ASN.1. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4635-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libk5crypto3 - 1.17-6ubuntu4.1 krb5-kpropd - 1.17-6ubuntu4.1 libkdb5-9 - 1.17-6ubuntu4.1 krb5-user - 1.17-6ubuntu4.1 libgssrpc4 - 1.17-6ubuntu4.1 libkrb5support0 - 1.17-6ubuntu4.1 krb5-doc - 1.17-6ubuntu4.1 libkrb5-dev - 1.17-6ubuntu4.1 krb5-pkinit - 1.17-6ubuntu4.1 libkrb5-3 - 1.17-6ubuntu4.1 krb5-kdc-ldap - 1.17-6ubuntu4.1 krb5-otp - 1.17-6ubuntu4.1 krb5-gss-samples - 1.17-6ubuntu4.1 libkrad-dev - 1.17-6ubuntu4.1 krb5-locales - 1.17-6ubuntu4.1 libgssapi-krb5-2 - 1.17-6ubuntu4.1 krb5-kdc - 1.17-6ubuntu4.1 krb5-multidev - 1.17-6ubuntu4.1 krb5-k5tls - 1.17-6ubuntu4.1 libkrad0 - 1.17-6ubuntu4.1 libkadm5srv-mit11 - 1.17-6ubuntu4.1 libkadm5clnt-mit11 - 1.17-6ubuntu4.1 krb5-admin-server - 1.17-6ubuntu4.1 No subscription required Medium CVE-2020-28196 Ubuntu 20.04 LTS It was discovered that LibVNCServer incorrectly handled certain internals. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Vino package ships with a LibVNCServer source and all listed releases were affected for this package. Update Instructions: Run `sudo pro fix USN-4636-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvncserver1 - 0.9.12+dfsg-9ubuntu0.3 libvncserver-dev - 0.9.12+dfsg-9ubuntu0.3 libvncclient1 - 0.9.12+dfsg-9ubuntu0.3 No subscription required vino - 3.22.0-5ubuntu2.2 No subscription required Medium CVE-2020-25708 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks, conduct cross-site scripting (XSS) attacks, bypass Content Security Policy (CSP) restrictions, conduct DNS rebinding attacks, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4637-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 83.0+build2-0ubuntu0.20.04.1 firefox - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 83.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 83.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 83.0+build2-0ubuntu0.20.04.1 firefox-dev - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 83.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-16012 CVE-2020-26951 CVE-2020-26952 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26962 CVE-2020-26963 CVE-2020-26965 CVE-2020-26967 CVE-2020-26968 CVE-2020-26969 Ubuntu 20.04 LTS James Henstridge discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle snap client connections. An attacker could possibly use this to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4640-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpulse0 - 1:13.99.1-1ubuntu3.8 pulseaudio-module-zeroconf - 1:13.99.1-1ubuntu3.8 pulseaudio-module-gsettings - 1:13.99.1-1ubuntu3.8 pulseaudio-module-bluetooth - 1:13.99.1-1ubuntu3.8 libpulse-dev - 1:13.99.1-1ubuntu3.8 pulseaudio-utils - 1:13.99.1-1ubuntu3.8 pulseaudio-module-raop - 1:13.99.1-1ubuntu3.8 pulseaudio - 1:13.99.1-1ubuntu3.8 libpulsedsp - 1:13.99.1-1ubuntu3.8 pulseaudio-equalizer - 1:13.99.1-1ubuntu3.8 libpulse-mainloop-glib0 - 1:13.99.1-1ubuntu3.8 pulseaudio-module-lirc - 1:13.99.1-1ubuntu3.8 pulseaudio-module-jack - 1:13.99.1-1ubuntu3.8 No subscription required Medium CVE-2020-16123 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain connections. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4645-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.3 No subscription required Medium CVE-2020-28896 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4648-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.30.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.30.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.30.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.30.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.30.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.30.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.30.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.30.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.30.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.30.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-13753 CVE-2020-9948 CVE-2020-9951 CVE-2020-9952 CVE-2020-9983 Ubuntu 20.04 LTS Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4649-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdg-utils - 1.1.3-2ubuntu1.20.04.1 No subscription required Low CVE-2020-27748 Ubuntu 20.04 LTS USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Original advisory details: Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4649-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdg-utils - 1.1.3-2ubuntu1.20.04.2 No subscription required None https://launchpad.net/bugs/1909941 Ubuntu 20.04 LTS Alexander Bulekov discovered that QEMU incorrectly handled SDHCI device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2020-17380) Sergej Schumilo, Cornelius Aschermann, and Simon Wrner discovered that QEMU incorrectly handled USB device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-25084) Sergej Schumilo, Cornelius Aschermann, and Simon Wrner discovered that QEMU incorrectly handled SDHCI device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-25085) Gaoning Pan, Yongkang Jia, and Yi Ren discovered that QEMU incorrectly handled USB device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-25624) It was discovered that QEMU incorrectly handled USB device emulation. An attacker inside the guest could use this issue to cause QEMU to hang, resulting in a denial of service. (CVE-2020-25625) Cheolwoo Myung discovered that QEMU incorrectly handled USB device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-25723) Gaoning Pan discovered that QEMU incorrectly handled ATI graphics device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-27616) Gaoning Pan discovered that QEMU incorrectly handled networking. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-27617) Update Instructions: Run `sudo pro fix USN-4650-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-common - 1:4.2-3ubuntu6.10 qemu-system-data - 1:4.2-3ubuntu6.10 qemu-system-misc - 1:4.2-3ubuntu6.10 qemu-block-extra - 1:4.2-3ubuntu6.10 qemu-system-s390x - 1:4.2-3ubuntu6.10 qemu-user - 1:4.2-3ubuntu6.10 qemu-system-gui - 1:4.2-3ubuntu6.10 qemu-guest-agent - 1:4.2-3ubuntu6.10 qemu - 1:4.2-3ubuntu6.10 qemu-system - 1:4.2-3ubuntu6.10 qemu-utils - 1:4.2-3ubuntu6.10 qemu-user-static - 1:4.2-3ubuntu6.10 qemu-kvm - 1:4.2-3ubuntu6.10 qemu-user-binfmt - 1:4.2-3ubuntu6.10 qemu-system-x86 - 1:4.2-3ubuntu6.10 qemu-system-arm - 1:4.2-3ubuntu6.10 qemu-system-sparc - 1:4.2-3ubuntu6.10 qemu-system-x86-microvm - 1:4.2-3ubuntu6.10 qemu-system-ppc - 1:4.2-3ubuntu6.10 qemu-system-mips - 1:4.2-3ubuntu6.10 qemu-system-x86-xen - 1:4.2-3ubuntu6.10 No subscription required Medium CVE-2020-17380 CVE-2020-25084 CVE-2020-25085 CVE-2020-25624 CVE-2020-25625 CVE-2020-25723 CVE-2020-27616 CVE-2020-27617 Ubuntu 20.04 LTS Tom Reynolds discovered that due to a packaging error, the MySQL X Plugin was listening to all network interfaces by default, contrary to expectations. This update changes the default MySQL configuration to bind the MySQL X Plugin to localhost only. This change may impact environments where the MySQL X Plugin needs to be accessible from the network. The mysqlx-bind-address setting in the /etc/mysql/mysql.conf.d/mysqld.cnf file can be modified to allow network access. Update Instructions: Run `sudo pro fix USN-4651-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.22-0ubuntu0.20.04.3 mysql-client-8.0 - 8.0.22-0ubuntu0.20.04.3 libmysqlclient-dev - 8.0.22-0ubuntu0.20.04.3 mysql-testsuite-8.0 - 8.0.22-0ubuntu0.20.04.3 mysql-router - 8.0.22-0ubuntu0.20.04.3 mysql-server - 8.0.22-0ubuntu0.20.04.3 libmysqlclient21 - 8.0.22-0ubuntu0.20.04.3 mysql-client-core-8.0 - 8.0.22-0ubuntu0.20.04.3 mysql-server-core-8.0 - 8.0.22-0ubuntu0.20.04.3 mysql-testsuite - 8.0.22-0ubuntu0.20.04.3 mysql-server-8.0 - 8.0.22-0ubuntu0.20.04.3 mysql-source-8.0 - 8.0.22-0ubuntu0.20.04.3 No subscription required None https://launchpad.net/bugs/1857584 Ubuntu 20.04 LTS It was discovered that access controls for the shim’s API socket did not restrict access to the abstract unix domain socket in some cases. An attacker could use this vulnerability to run containers with elevated privileges. Update Instructions: Run `sudo pro fix USN-4653-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.3.3-0ubuntu2.1 golang-github-docker-containerd-dev - 1.3.3-0ubuntu2.1 No subscription required Medium CVE-2020-15257 Ubuntu 20.04 LTS USN-4653-1 fixed a vulnerability in containerd. Unfortunately, those containerd packages introduced a regression in docker.io and the update was reverted. This update addresses the docker.io issue and reintroduces the fixes from USN-4653-1. We apologize for the inconvenience. Update Instructions: Run `sudo pro fix USN-4653-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.3.3-0ubuntu2.2 golang-github-docker-containerd-dev - 1.3.3-0ubuntu2.2 No subscription required Medium CVE-2020-15257 https://launchpad.net/bugs/1870514 Ubuntu 20.04 LTS It was discovered that PEAR incorrectly sanitized filenames. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4654-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-pear - 1:1.10.9+submodules+notgz-1ubuntu0.20.04.1 No subscription required Medium CVE-2020-28948 CVE-2020-28949 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-4656-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.8-2ubuntu2.6 xwayland - 2:1.20.8-2ubuntu2.6 xorg-server-source - 2:1.20.8-2ubuntu2.6 xdmx - 2:1.20.8-2ubuntu2.6 xserver-xorg-dev - 2:1.20.8-2ubuntu2.6 xvfb - 2:1.20.8-2ubuntu2.6 xnest - 2:1.20.8-2ubuntu2.6 xserver-xorg-legacy - 2:1.20.8-2ubuntu2.6 xserver-common - 2:1.20.8-2ubuntu2.6 xserver-xephyr - 2:1.20.8-2ubuntu2.6 xserver-xorg-core-udeb - 2:1.20.8-2ubuntu2.6 xdmx-tools - 2:1.20.8-2ubuntu2.6 No subscription required Medium CVE-2020-14360 CVE-2020-25712 Ubuntu 20.04 LTS It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0423) Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. (CVE-2020-10135) It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14351) It was discovered that the frame buffer implementation in the Linux kernel did not properly handle some edge cases in software scrollback. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14390) It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25211) It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284) It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643) It was discovered that the GENEVE tunnel implementation in the Linux kernel when combined with IPSec did not properly select IP routes in some situations. An attacker could use this to expose sensitive information (unencrypted network traffic). (CVE-2020-25645) Keyu Man discovered that the ICMP global rate limiter in the Linux kernel could be used to assist in scanning open UDP ports. A remote attacker could use to facilitate attacks on UDP based services that depend on source port randomization. (CVE-2020-25705) It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915) It was discovered that Power 9 processors could be coerced to expose information from the L1 cache in certain situations. A local attacker could use this to expose sensitive information. (CVE-2020-4788) Update Instructions: Run `sudo pro fix USN-4658-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1023-raspi - 5.4.0-1023.26 No subscription required linux-image-5.4.0-1028-kvm - 5.4.0-1028.29 No subscription required linux-image-5.4.0-1030-aws - 5.4.0-1030.31 No subscription required linux-image-5.4.0-1030-gcp - 5.4.0-1030.32 linux-image-5.4.0-1030-oracle - 5.4.0-1030.32 No subscription required linux-image-5.4.0-1032-azure - 5.4.0-1032.33 No subscription required linux-image-5.4.0-56-generic-lpae - 5.4.0-56.62 linux-image-5.4.0-56-lowlatency - 5.4.0-56.62 linux-image-5.4.0-56-generic - 5.4.0-56.62 No subscription required linux-image-raspi - 5.4.0.1023.58 linux-image-raspi2 - 5.4.0.1023.58 linux-image-raspi-hwe-18.04-edge - 5.4.0.1023.58 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1023.58 linux-image-raspi-hwe-18.04 - 5.4.0.1023.58 linux-image-raspi2-hwe-18.04 - 5.4.0.1023.58 No subscription required linux-image-kvm - 5.4.0.1028.26 No subscription required linux-image-oracle - 5.4.0.1030.27 No subscription required linux-image-aws - 5.4.0.1030.31 No subscription required linux-image-gke - 5.4.0.1030.38 linux-image-gcp - 5.4.0.1030.38 No subscription required linux-image-azure - 5.4.0.1032.30 No subscription required linux-image-oem-osp1 - 5.4.0.56.59 linux-image-generic-hwe-20.04 - 5.4.0.56.59 linux-image-generic-hwe-18.04 - 5.4.0.56.59 linux-image-generic-lpae-hwe-20.04 - 5.4.0.56.59 linux-image-generic-lpae-hwe-18.04 - 5.4.0.56.59 linux-image-virtual - 5.4.0.56.59 linux-image-virtual-hwe-20.04 - 5.4.0.56.59 linux-image-lowlatency-hwe-18.04 - 5.4.0.56.59 linux-image-generic - 5.4.0.56.59 linux-image-virtual-hwe-18.04 - 5.4.0.56.59 linux-image-oem - 5.4.0.56.59 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.56.59 linux-image-generic-hwe-18.04-edge - 5.4.0.56.59 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.56.59 linux-image-generic-lpae - 5.4.0.56.59 linux-image-lowlatency - 5.4.0.56.59 linux-image-lowlatency-hwe-20.04 - 5.4.0.56.59 linux-image-virtual-hwe-18.04-edge - 5.4.0.56.59 No subscription required Medium CVE-2020-0423 CVE-2020-10135 CVE-2020-14351 CVE-2020-14390 CVE-2020-25211 CVE-2020-25284 CVE-2020-25643 CVE-2020-25645 CVE-2020-25705 CVE-2020-28915 CVE-2020-4788 Ubuntu 20.04 LTS USN-4658-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. Original advisory details: It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0423) Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. (CVE-2020-10135) It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14351) It was discovered that the frame buffer implementation in the Linux kernel did not properly handle some edge cases in software scrollback. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14390) It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25211) It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284) It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643) It was discovered that the GENEVE tunnel implementation in the Linux kernel when combined with IPSec did not properly select IP routes in some situations. An attacker could use this to expose sensitive information (unencrypted network traffic). (CVE-2020-25645) Keyu Man discovered that the ICMP global rate limiter in the Linux kernel could be used to assist in scanning open UDP ports. A remote attacker could use to facilitate attacks on UDP based services that depend on source port randomization. (CVE-2020-25705) It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915) It was discovered that Power 9 processors could be coerced to expose information from the L1 cache in certain situations. A local attacker could use this to expose sensitive information. (CVE-2020-4788) Update Instructions: Run `sudo pro fix USN-4658-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1025-raspi - 5.4.0-1025.28 No subscription required linux-image-5.4.0-1030-kvm - 5.4.0-1030.31 No subscription required linux-image-5.4.0-1032-aws - 5.4.0-1032.33 No subscription required linux-image-5.4.0-1032-oracle - 5.4.0-1032.34 linux-image-5.4.0-1032-gcp - 5.4.0-1032.34 No subscription required linux-image-5.4.0-1034-azure - 5.4.0-1034.35 No subscription required linux-image-5.4.0-58-lowlatency - 5.4.0-58.64 linux-image-5.4.0-58-generic - 5.4.0-58.64 linux-image-5.4.0-58-generic-lpae - 5.4.0-58.64 No subscription required linux-image-raspi - 5.4.0.1025.60 linux-image-raspi2 - 5.4.0.1025.60 linux-image-raspi-hwe-18.04-edge - 5.4.0.1025.60 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1025.60 linux-image-raspi-hwe-18.04 - 5.4.0.1025.60 linux-image-raspi2-hwe-18.04 - 5.4.0.1025.60 No subscription required linux-image-kvm - 5.4.0.1030.28 No subscription required linux-image-oracle - 5.4.0.1032.29 No subscription required linux-image-aws - 5.4.0.1032.33 No subscription required linux-image-gke - 5.4.0.1032.41 linux-image-gcp - 5.4.0.1032.41 No subscription required linux-image-azure - 5.4.0.1034.32 No subscription required linux-image-oem-osp1 - 5.4.0.58.61 linux-image-generic-hwe-20.04 - 5.4.0.58.61 linux-image-generic-hwe-18.04 - 5.4.0.58.61 linux-image-generic-lpae-hwe-20.04 - 5.4.0.58.61 linux-image-generic-lpae-hwe-18.04 - 5.4.0.58.61 linux-image-virtual - 5.4.0.58.61 linux-image-lowlatency - 5.4.0.58.61 linux-image-virtual-hwe-20.04 - 5.4.0.58.61 linux-image-lowlatency-hwe-18.04 - 5.4.0.58.61 linux-image-generic - 5.4.0.58.61 linux-image-virtual-hwe-18.04 - 5.4.0.58.61 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.58.61 linux-image-oem - 5.4.0.58.61 linux-image-generic-hwe-18.04-edge - 5.4.0.58.61 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.58.61 linux-image-generic-lpae - 5.4.0.58.61 linux-image-virtual-hwe-18.04-edge - 5.4.0.58.61 linux-image-lowlatency-hwe-20.04 - 5.4.0.58.61 No subscription required None https://launchpad.net/bugs/1907262 Ubuntu 20.04 LTS David Benjamin discovered that OpenSSL incorrectly handled comparing certificates containing a EDIPartyName name type. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4662-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcrypto1.1-udeb - 1.1.1f-1ubuntu2.1 libssl-dev - 1.1.1f-1ubuntu2.1 openssl - 1.1.1f-1ubuntu2.1 libssl-doc - 1.1.1f-1ubuntu2.1 libssl1.1-udeb - 1.1.1f-1ubuntu2.1 libssl1.1 - 1.1.1f-1ubuntu2.1 No subscription required High CVE-2020-1971 Ubuntu 20.04 LTS Melvin Kool discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to hang, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4663-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgdk-pixbuf2.0-0 - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-common - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-0-udeb - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-bin - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-dev - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-doc - 2.40.0+dfsg-3ubuntu0.1 gir1.2-gdkpixbuf-2.0 - 2.40.0+dfsg-3ubuntu0.1 No subscription required Medium CVE-2020-29385 Ubuntu 20.04 LTS Kevin Backhouse discovered that Aptdaemon incorrectly handled certain properties. A local attacker could use this issue to test for the presence of local files. (CVE-2020-16128) Kevin Backhouse discovered that Aptdaemon incorrectly handled permission checks. A local attacker could possibly use this issue to cause a denial of service. (CVE-2020-27349) Update Instructions: Run `sudo pro fix USN-4664-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aptdaemon-data - 1.1.1+bzr982-0ubuntu32.3 python3-aptdaemon.gtk3widgets - 1.1.1+bzr982-0ubuntu32.3 aptdaemon - 1.1.1+bzr982-0ubuntu32.3 python3-aptdaemon.test - 1.1.1+bzr982-0ubuntu32.3 python3-aptdaemon - 1.1.1+bzr982-0ubuntu32.3 No subscription required Medium CVE-2020-16128 CVE-2020-27349 Ubuntu 20.04 LTS Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. This issue only affected Ubuntu 20.10. (CVE-2020-8231) Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to trick curl into connecting to an arbitrary IP address and be used to perform port scanner and other information gathering. (CVE-2020-8284) It was discovered that curl incorrectly handled FTP wildcard matchins. A remote attacker could possibly use this issue to cause curl to consume resources and crash, resulting in a denial of service. (CVE-2020-8285) It was discovered that curl incorrectly handled OCSP response verification. A remote attacker could possibly use this issue to provide a fraudulent OCSP response. (CVE-2020-8286) Update Instructions: Run `sudo pro fix USN-4665-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.4 libcurl4-openssl-dev - 7.68.0-1ubuntu2.4 libcurl3-gnutls - 7.68.0-1ubuntu2.4 libcurl4-doc - 7.68.0-1ubuntu2.4 libcurl3-nss - 7.68.0-1ubuntu2.4 libcurl4-nss-dev - 7.68.0-1ubuntu2.4 libcurl4 - 7.68.0-1ubuntu2.4 curl - 7.68.0-1ubuntu2.4 No subscription required Medium CVE-2020-8231 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 Ubuntu 20.04 LTS It was discovered that lxml incorrectly handled certain HTML. An attacker could possibly use this issue to cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-4666-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-lxml - 4.5.0-1ubuntu0.1 python-lxml - 4.5.0-1ubuntu0.1 python-lxml-doc - 4.5.0-1ubuntu0.1 No subscription required Medium CVE-2020-27783 Ubuntu 20.04 LTS USN-4666-1 partially fixed a vulnerability in lxml, but an additional patch was needed. This update provides the corresponding additional patch in order to properly fix the vulnerability. Original advisory details: It was discovered that lxml incorrectly handled certain HTML. An attacker could possibly use this issue to cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-4666-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-lxml - 4.5.0-1ubuntu0.2 python-lxml - 4.5.0-1ubuntu0.2 python-lxml-doc - 4.5.0-1ubuntu0.2 No subscription required Medium CVE-2020-27783 Ubuntu 20.04 LTS Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4667-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apt-doc - 2.0.2ubuntu0.2 libapt-pkg6.0 - 2.0.2ubuntu0.2 apt-transport-https - 2.0.2ubuntu0.2 libapt-pkg-doc - 2.0.2ubuntu0.2 apt - 2.0.2ubuntu0.2 apt-utils - 2.0.2ubuntu0.2 libapt-pkg-dev - 2.0.2ubuntu0.2 No subscription required Medium CVE-2020-27350 Ubuntu 20.04 LTS Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-4668-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-apt - 2.0.0ubuntu0.20.04.2 python-apt - 2.0.0ubuntu0.20.04.2 python-apt-common - 2.0.0ubuntu0.20.04.2 python-apt-dev - 2.0.0ubuntu0.20.04.2 python-apt-doc - 2.0.0ubuntu0.20.04.2 No subscription required Medium CVE-2020-27351 Ubuntu 20.04 LTS USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-4668-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-apt - 2.0.0ubuntu0.20.04.3 python-apt - 2.0.0ubuntu0.20.04.3 python-apt-common - 2.0.0ubuntu0.20.04.3 python-apt-dev - 2.0.0ubuntu0.20.04.3 python-apt-doc - 2.0.0ubuntu0.20.04.3 No subscription required None https://launchpad.net/bugs/1907676 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.10. (CVE-2019-19948, CVE-2019-19949) It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. (CVE-2020-27560) Update Instructions: Run `sudo pro fix USN-4670-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 No subscription required Low CVE-2019-19948 CVE-2019-19949 CVE-2020-27560 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, bypass security restrictions, spoof the URL bar, or execute arbitrary code. (CVE-2020-16042, CVE-2020-26971, CVE-2020-26972, CVE-2020-26793, CVE-2020-26974, CVE-2020-26976, CVE-2020-26978, CVE-2020-26979, CVE-2020-35113, CVE-2020-35114) It was discovered that the proxy.onRequest API did not catch view-source URLs. If a user were tricked in to installing an extension with the proxy permission and opening View Source, an attacker could potentially exploit this to obtain sensitive information. (CVE-2020-35111) Update Instructions: Run `sudo pro fix USN-4671-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 84.0+build3-0ubuntu0.20.04.1 firefox - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 84.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 84.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 84.0+build3-0ubuntu0.20.04.1 firefox-dev - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 84.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-16042 CVE-2020-26971 CVE-2020-26972 CVE-2020-26973 CVE-2020-26974 CVE-2020-26976 CVE-2020-26978 CVE-2020-26979 CVE-2020-35111 CVE-2020-35113 CVE-2020-35114 Ubuntu 20.04 LTS Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4673-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libproxy-cil-dev - 0.4.15-10ubuntu1.2 libproxy1v5 - 0.4.15-10ubuntu1.2 libproxy0.4-cil - 0.4.15-10ubuntu1.2 libproxy1-plugin-gsettings - 0.4.15-10ubuntu1.2 libproxy-dev - 0.4.15-10ubuntu1.2 python3-libproxy - 0.4.15-10ubuntu1.2 libproxy1-plugin-webkit - 0.4.15-10ubuntu1.2 libproxy1-plugin-kconfig - 0.4.15-10ubuntu1.2 libproxy1-plugin-mozjs - 0.4.15-10ubuntu1.2 libproxy1-plugin-networkmanager - 0.4.15-10ubuntu1.2 libproxy-tools - 0.4.15-10ubuntu1.2 No subscription required Medium CVE-2020-26154 Ubuntu 20.04 LTS It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-24386) Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-25275) Update Instructions: Run `sudo pro fix USN-4674-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.3 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.3 dovecot-mysql - 1:2.3.7.2-1ubuntu3.3 dovecot-sieve - 1:2.3.7.2-1ubuntu3.3 dovecot-core - 1:2.3.7.2-1ubuntu3.3 dovecot-ldap - 1:2.3.7.2-1ubuntu3.3 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.3 dovecot-dev - 1:2.3.7.2-1ubuntu3.3 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.3 dovecot-imapd - 1:2.3.7.2-1ubuntu3.3 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.3 dovecot-lucene - 1:2.3.7.2-1ubuntu3.3 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.3 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.3 dovecot-solr - 1:2.3.7.2-1ubuntu3.3 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.3 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.3 No subscription required Medium CVE-2020-24386 CVE-2020-25275 Ubuntu 20.04 LTS Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL. Update Instructions: Run `sudo pro fix USN-4675-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openstack-dashboard - 3:18.3.2-0ubuntu0.20.04.4 python3-django-horizon - 3:18.3.2-0ubuntu0.20.04.4 openstack-dashboard-ubuntu-theme - 3:18.3.2-0ubuntu0.20.04.4 python3-django-openstack-auth - 3:18.3.2-0ubuntu0.20.04.4 openstack-dashboard-common - 3:18.3.2-0ubuntu0.20.04.4 No subscription required Medium CVE-2020-29565 Ubuntu 20.04 LTS It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4676-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.3 openexr - 2.3.0-6ubuntu0.3 libopenexr24 - 2.3.0-6ubuntu0.3 openexr-doc - 2.3.0-6ubuntu0.3 No subscription required Medium CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 Ubuntu 20.04 LTS David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4677-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libp11-kit0 - 0.23.20-1ubuntu0.1 libp11-kit-dev - 0.23.20-1ubuntu0.1 p11-kit-modules - 0.23.20-1ubuntu0.1 p11-kit - 0.23.20-1ubuntu0.1 No subscription required Medium CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 Ubuntu 20.04 LTS It was discovered that the AMD Running Average Power Limit (RAPL) driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. (CVE-2020-12912) Jann Horn discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations. A local attacker could use this to expose sensitive information or possibly escalate privileges. (CVE-2020-29534) Update Instructions: Run `sudo pro fix USN-4678-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-34-generic - 5.8.0-34.37~20.04.2 linux-image-5.8.0-34-generic-lpae - 5.8.0-34.37~20.04.2 linux-image-5.8.0-34-lowlatency - 5.8.0-34.37~20.04.2 No subscription required linux-image-virtual-hwe-20.04 - 5.8.0.34.37~20.04.20 linux-image-generic-hwe-20.04-edge - 5.8.0.34.37~20.04.20 linux-image-virtual-hwe-20.04-edge - 5.8.0.34.37~20.04.20 linux-image-generic-lpae-hwe-20.04 - 5.8.0.34.37~20.04.20 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.34.37~20.04.20 linux-image-lowlatency-hwe-20.04 - 5.8.0.34.37~20.04.20 linux-image-generic-hwe-20.04 - 5.8.0.34.37~20.04.20 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.34.37~20.04.20 No subscription required Medium CVE-2020-12912 CVE-2020-29534 Ubuntu 20.04 LTS It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-25656) Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-25668) Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704) Jinoh Kang discovered that the Xen event channel infrastructure in the Linux kernel contained a race condition. An attacker in guest could possibly use this to cause a denial of service (dom0 crash). (CVE-2020-27675) Daniel Axtens discovered that PowerPC RTAS implementation in the Linux kernel did not properly restrict memory accesses in some situations. A privileged local attacker could use this to arbitrarily modify kernel memory, potentially bypassing kernel lockdown restrictions. (CVE-2020-27777) Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-28974) Update Instructions: Run `sudo pro fix USN-4679-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1026-raspi - 5.4.0-1026.29 No subscription required linux-image-5.4.0-1031-kvm - 5.4.0-1031.32 No subscription required linux-image-5.4.0-1033-gcp - 5.4.0-1033.35 No subscription required linux-image-5.4.0-1034-aws - 5.4.0-1034.35 No subscription required linux-image-5.4.0-1034-oracle - 5.4.0-1034.36 No subscription required linux-image-5.4.0-1035-azure - 5.4.0-1035.36 No subscription required linux-image-5.4.0-59-generic - 5.4.0-59.65 linux-image-5.4.0-59-generic-lpae - 5.4.0-59.65 linux-image-5.4.0-59-lowlatency - 5.4.0-59.65 No subscription required linux-image-raspi - 5.4.0.1026.61 linux-image-raspi2 - 5.4.0.1026.61 linux-image-raspi-hwe-18.04-edge - 5.4.0.1026.61 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1026.61 linux-image-raspi-hwe-18.04 - 5.4.0.1026.61 linux-image-raspi2-hwe-18.04 - 5.4.0.1026.61 No subscription required linux-image-kvm - 5.4.0.1031.29 No subscription required linux-image-gcp - 5.4.0.1033.42 No subscription required linux-image-oracle - 5.4.0.1034.31 No subscription required linux-image-aws - 5.4.0.1034.35 No subscription required linux-image-azure - 5.4.0.1035.33 No subscription required linux-image-oem-osp1 - 5.4.0.59.62 linux-image-generic-hwe-20.04 - 5.4.0.59.62 linux-image-generic-hwe-18.04 - 5.4.0.59.62 linux-image-generic-lpae-hwe-20.04 - 5.4.0.59.62 linux-image-generic-lpae-hwe-18.04 - 5.4.0.59.62 linux-image-virtual - 5.4.0.59.62 linux-image-virtual-hwe-20.04 - 5.4.0.59.62 linux-image-lowlatency-hwe-18.04 - 5.4.0.59.62 linux-image-generic - 5.4.0.59.62 linux-image-virtual-hwe-18.04 - 5.4.0.59.62 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.59.62 linux-image-oem - 5.4.0.59.62 linux-image-generic-hwe-18.04-edge - 5.4.0.59.62 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.59.62 linux-image-generic-lpae - 5.4.0.59.62 linux-image-lowlatency - 5.4.0.59.62 linux-image-lowlatency-hwe-20.04 - 5.4.0.59.62 linux-image-virtual-hwe-18.04-edge - 5.4.0.59.62 No subscription required Medium CVE-2020-25656 CVE-2020-25668 CVE-2020-25704 CVE-2020-27675 CVE-2020-27777 CVE-2020-28974 Ubuntu 20.04 LTS It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-4682-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwavpack1 - 5.2.0-1ubuntu0.1 libwavpack-dev - 5.2.0-1ubuntu0.1 wavpack - 5.2.0-1ubuntu0.1 No subscription required Medium CVE-2020-35738 Ubuntu 20.04 LTS Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). Update Instructions: Run `sudo pro fix USN-4683-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1039-oem - 5.6.0-1039.43 No subscription required linux-image-oem-20.04 - 5.6.0.1039.37 No subscription required Medium CVE-2020-28974 Ubuntu 20.04 LTS Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14562) It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-14584) Update Instructions: Run `sudo pro fix USN-4684-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-efi-arm - 0~20191122.bd85bf54-2ubuntu3.1 qemu-efi - 0~20191122.bd85bf54-2ubuntu3.1 qemu-efi-aarch64 - 0~20191122.bd85bf54-2ubuntu3.1 ovmf - 0~20191122.bd85bf54-2ubuntu3.1 No subscription required Low CVE-2019-14562 CVE-2019-14584 Ubuntu 20.04 LTS It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4685-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenjp2-tools - 2.3.1-1ubuntu4.20.04.1 libopenjpip-server - 2.3.1-1ubuntu4.20.04.1 libopenjpip-viewer - 2.3.1-1ubuntu4.20.04.1 libopenjp3d-tools - 2.3.1-1ubuntu4.20.04.1 libopenjpip7 - 2.3.1-1ubuntu4.20.04.1 libopenjp2-7 - 2.3.1-1ubuntu4.20.04.1 libopenjp2-7-dev - 2.3.1-1ubuntu4.20.04.1 libopenjp3d7 - 2.3.1-1ubuntu4.20.04.1 libopenjpip-dec-server - 2.3.1-1ubuntu4.20.04.1 No subscription required Medium CVE-2020-15389 CVE-2020-27814 CVE-2020-27823 CVE-2020-27824 CVE-2020-27841 CVE-2020-27842 CVE-2020-27843 CVE-2020-27845 Ubuntu 20.04 LTS A use-after-free was discovered in Firefox when handling SCTP packets. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4687-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 84.0.2+build1-0ubuntu0.20.04.1 firefox - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 84.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 84.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 84.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 84.0.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-16044 Ubuntu 20.04 LTS It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Update Instructions: Run `sudo pro fix USN-4689-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-compute-utils-390 - 390.141-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.141-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.141-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.141-0ubuntu0.20.04.1 nvidia-utils-390 - 390.141-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.141-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.141-0ubuntu0.20.04.1 nvidia-driver-390 - 390.141-0ubuntu0.20.04.1 nvidia-384-dev - 390.141-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.141-0ubuntu0.20.04.1 libcuda1-384 - 390.141-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.141-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.141-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.141-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.141-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.141-0ubuntu0.20.04.1 nvidia-headless-390 - 390.141-0ubuntu0.20.04.1 libnvidia-common-390 - 390.141-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.141-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.141-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.141-0ubuntu0.20.04.1 nvidia-384 - 390.141-0ubuntu0.20.04.1 No subscription required libnvidia-encode-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-fbc1-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-compute-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-common-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-encode-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-common-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-cfg1-450 - 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-driver-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-cfg1-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-compute-utils-440 - 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-common-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-decode-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-driver-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-utils-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-compute-utils-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-common-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-decode-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-ifr1-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-fbc1-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-source-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-source-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-ifr1-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-dkms-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-extra-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-gl-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-utils-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-dkms-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-compute-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-extra-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-gl-440 - 450.102.04-0ubuntu0.20.04.1 No subscription required libnvidia-common-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-fbc1-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-headless-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-gl-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-common-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-encode-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 460.32.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-cfg1-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-utils-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-compute-460 - 460.32.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-driver-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-dkms-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-extra-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-compute-utils-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-kernel-common-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-decode-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-driver-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-kernel-source-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-ifr1-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-decode-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-encode-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-utils-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-gl-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-dkms-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-headless-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-extra-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-compute-455 - 460.32.03-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1052 CVE-2021-1053 CVE-2021-1056 Ubuntu 20.04 LTS USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Update Instructions: Run `sudo pro fix USN-4689-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1034-gcp - 5.4.0-1034.37 No subscription required linux-image-5.4.0-1035-aws - 5.4.0-1035.37 No subscription required linux-image-5.4.0-1035-oracle - 5.4.0-1035.38 No subscription required linux-image-5.4.0-1036-azure - 5.4.0-1036.38 No subscription required linux-image-5.4.0-60-lowlatency - 5.4.0-60.67 linux-image-5.4.0-60-generic-lpae - 5.4.0-60.67 linux-image-5.4.0-60-generic - 5.4.0-60.67 No subscription required linux-image-gcp - 5.4.0.1034.43 No subscription required linux-image-oracle - 5.4.0.1035.32 No subscription required linux-image-aws - 5.4.0.1035.36 No subscription required linux-image-azure - 5.4.0.1036.34 No subscription required linux-image-oem-osp1 - 5.4.0.60.63 linux-image-generic-hwe-18.04 - 5.4.0.60.63 linux-image-generic-lpae-hwe-18.04 - 5.4.0.60.63 linux-image-virtual - 5.4.0.60.63 linux-image-lowlatency-hwe-18.04 - 5.4.0.60.63 linux-image-generic - 5.4.0.60.63 linux-image-virtual-hwe-18.04 - 5.4.0.60.63 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.60.63 linux-image-oem - 5.4.0.60.63 linux-image-generic-hwe-18.04-edge - 5.4.0.60.63 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.60.63 linux-image-generic-lpae - 5.4.0.60.63 linux-image-lowlatency - 5.4.0.60.63 linux-image-virtual-hwe-18.04-edge - 5.4.0.60.63 No subscription required linux-image-5.6.0-1042-oem - 5.6.0-1042.46 No subscription required linux-image-oem-20.04 - 5.6.0.1042.38 No subscription required linux-image-5.8.0-36-generic - 5.8.0-36.40~20.04.1 linux-image-5.8.0-36-generic-lpae - 5.8.0-36.40~20.04.1 linux-image-5.8.0-36-lowlatency - 5.8.0-36.40~20.04.1 No subscription required linux-image-generic-hwe-20.04 - 5.8.0.36.40~20.04.21 linux-image-virtual-hwe-20.04-edge - 5.8.0.36.40~20.04.21 linux-image-generic-lpae-hwe-20.04 - 5.8.0.36.40~20.04.21 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.36.40~20.04.21 linux-image-virtual-hwe-20.04 - 5.8.0.36.40~20.04.21 linux-image-generic-hwe-20.04-edge - 5.8.0.36.40~20.04.21 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.36.40~20.04.21 linux-image-lowlatency-hwe-20.04 - 5.8.0.36.40~20.04.21 No subscription required Medium CVE-2021-1052 CVE-2021-1053 CVE-2021-1056 Ubuntu 20.04 LTS It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Update Instructions: Run `sudo pro fix USN-4689-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-headless-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-kernel-source-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-decode-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-ifr1-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-encode-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-compute-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-utils-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-gl-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-common-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-dkms-418-server - 418.181.07-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-fbc1-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-driver-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-cfg1-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-compute-utils-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-kernel-common-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-headless-no-dkms-418-server - 418.181.07-0ubuntu0.20.04.1 No subscription required nvidia-headless-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-compute-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.102.04-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1052 CVE-2021-1053 Ubuntu 20.04 LTS USN-4689-3 fixed vulnerabilities in the NVIDIA server graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Update Instructions: Run `sudo pro fix USN-4689-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-64-generic-lpae - 5.4.0-64.72 linux-image-5.4.0-64-generic - 5.4.0-64.72 linux-image-5.4.0-64-lowlatency - 5.4.0-64.72 No subscription required linux-image-oem-osp1 - 5.4.0.64.67 linux-image-generic-hwe-18.04 - 5.4.0.64.67 linux-image-generic-lpae-hwe-18.04 - 5.4.0.64.67 linux-image-virtual - 5.4.0.64.67 linux-image-lowlatency-hwe-18.04 - 5.4.0.64.67 linux-image-generic - 5.4.0.64.67 linux-image-virtual-hwe-18.04 - 5.4.0.64.67 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.64.67 linux-image-oem - 5.4.0.64.67 linux-image-generic-hwe-18.04-edge - 5.4.0.64.67 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.64.67 linux-image-generic-lpae - 5.4.0.64.67 linux-image-lowlatency - 5.4.0.64.67 linux-image-virtual-hwe-18.04-edge - 5.4.0.64.67 No subscription required linux-image-5.8.0-40-generic - 5.8.0-40.45~20.04.1 linux-image-5.8.0-40-lowlatency - 5.8.0-40.45~20.04.1 linux-image-5.8.0-40-generic-lpae - 5.8.0-40.45~20.04.1 No subscription required linux-image-generic-hwe-20.04 - 5.8.0.40.45~20.04.25 linux-image-virtual-hwe-20.04-edge - 5.8.0.40.45~20.04.25 linux-image-generic-lpae-hwe-20.04 - 5.8.0.40.45~20.04.25 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.40.45~20.04.25 linux-image-virtual-hwe-20.04 - 5.8.0.40.45~20.04.25 linux-image-generic-hwe-20.04-edge - 5.8.0.40.45~20.04.25 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.40.45~20.04.25 linux-image-lowlatency-hwe-20.04 - 5.8.0.40.45~20.04.25 No subscription required Medium CVE-2021-1052 CVE-2021-1053 Ubuntu 20.04 LTS It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface. Update Instructions: Run `sudo pro fix USN-4690-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: coturn - 4.5.1.1-1.1ubuntu0.20.04.2 No subscription required Medium CVE-2020-26262 Ubuntu 20.04 LTS Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4691-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.1-0ubuntu0.20.04.3 openvswitch-switch - 2.13.1-0ubuntu0.20.04.3 openvswitch-pki - 2.13.1-0ubuntu0.20.04.3 openvswitch-common - 2.13.1-0ubuntu0.20.04.3 openvswitch-testcontroller - 2.13.1-0ubuntu0.20.04.3 openvswitch-vtep - 2.13.1-0ubuntu0.20.04.3 openvswitch-source - 2.13.1-0ubuntu0.20.04.3 python3-openvswitch - 2.13.1-0ubuntu0.20.04.3 openvswitch-switch-dpdk - 2.13.1-0ubuntu0.20.04.3 openvswitch-test - 2.13.1-0ubuntu0.20.04.3 No subscription required Medium CVE-2015-8011 CVE-2020-27827 Ubuntu 20.04 LTS Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-20482) Daniel Axtens discovered that tar incorrectly handled certain malformed tar files. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to cause tar to crash, resulting in a denial of service. (CVE-2019-9923) Update Instructions: Run `sudo pro fix USN-4692-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tar-scripts - 1.30+dfsg-7ubuntu0.20.04.1 tar - 1.30+dfsg-7ubuntu0.20.04.1 No subscription required Low CVE-2018-20482 CVE-2019-9923 Ubuntu 20.04 LTS It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Update Instructions: Run `sudo pro fix USN-4694-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-62-generic-lpae - 5.4.0-62.70 linux-image-5.4.0-62-generic - 5.4.0-62.70 linux-image-5.4.0-62-lowlatency - 5.4.0-62.70 No subscription required linux-image-oem-osp1 - 5.4.0.62.65 linux-image-generic-hwe-18.04 - 5.4.0.62.65 linux-image-generic-lpae-hwe-18.04 - 5.4.0.62.65 linux-image-virtual - 5.4.0.62.65 linux-image-lowlatency-hwe-18.04 - 5.4.0.62.65 linux-image-generic - 5.4.0.62.65 linux-image-virtual-hwe-18.04 - 5.4.0.62.65 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.62.65 linux-image-oem - 5.4.0.62.65 linux-image-generic-hwe-18.04-edge - 5.4.0.62.65 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.62.65 linux-image-generic-lpae - 5.4.0.62.65 linux-image-lowlatency - 5.4.0.62.65 linux-image-virtual-hwe-18.04-edge - 5.4.0.62.65 No subscription required linux-image-5.8.0-38-lowlatency - 5.8.0-38.43~20.04.1 linux-image-5.8.0-38-generic-lpae - 5.8.0-38.43~20.04.1 linux-image-5.8.0-38-generic - 5.8.0-38.43~20.04.1 No subscription required linux-image-generic-hwe-20.04 - 5.8.0.38.43~20.04.23 linux-image-virtual-hwe-20.04-edge - 5.8.0.38.43~20.04.23 linux-image-generic-lpae-hwe-20.04 - 5.8.0.38.43~20.04.23 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.38.43~20.04.23 linux-image-virtual-hwe-20.04 - 5.8.0.38.43~20.04.23 linux-image-generic-hwe-20.04-edge - 5.8.0.38.43~20.04.23 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.38.43~20.04.23 linux-image-lowlatency-hwe-20.04 - 5.8.0.38.43~20.04.23 No subscription required High CVE-2020-28374 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. (CVE-2020-35653) It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-35654) It was discovered that Pillow incorrectly handled certain SGI image files. If a user or automated system were tricked into opening a specially-crafted SGI file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-35655) Update Instructions: Run `sudo pro fix USN-4697-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.2 python-pil-doc - 7.0.0-4ubuntu0.2 python3-pil - 7.0.0-4ubuntu0.2 No subscription required Medium CVE-2020-35653 CVE-2020-35654 CVE-2020-35655 Ubuntu 20.04 LTS Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25684) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25685) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25686) It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14834) Update Instructions: Run `sudo pro fix USN-4698-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.2 dnsmasq-base-lua - 2.80-1.1ubuntu1.2 dnsmasq-utils - 2.80-1.1ubuntu1.2 dnsmasq-base - 2.80-1.1ubuntu1.2 No subscription required Medium CVE-2019-14834 CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25687 Ubuntu 20.04 LTS USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Original advisory details: Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25684) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25685) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25686) It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14834) Update Instructions: Run `sudo pro fix USN-4698-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.3 dnsmasq-utils - 2.80-1.1ubuntu1.3 dnsmasq-base-lua - 2.80-1.1ubuntu1.3 dnsmasq-base - 2.80-1.1ubuntu1.3 No subscription required None https://launchpad.net/bugs/1916462 Ubuntu 20.04 LTS It was discovered that Apache Log4net incorrectly handled certain configuration files. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4699-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4net1.2-cil - 1.2.10+dfsg-7ubuntu0.20.04.1 liblog4net-cil-dev - 1.2.10+dfsg-7ubuntu0.20.04.1 No subscription required Medium CVE-2018-1285 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain email messages. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4703-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.4 No subscription required Medium CVE-2021-3181 Ubuntu 20.04 LTS It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. (CVE-2021-3156) It was discovered that the Sudo sudoedit utility incorrectly handled checking directory permissions. A local attacker could possibly use this issue to bypass file permissions and determine if a directory exists or not. (CVE-2021-23239) Update Instructions: Run `sudo pro fix USN-4705-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sudo-ldap - 1.8.31-1ubuntu1.2 sudo - 1.8.31-1ubuntu1.2 No subscription required High CVE-2021-23239 CVE-2021-3156 Ubuntu 20.04 LTS Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. (CVE-2020-10736) Adam Mohammed found that Ceph Object Gateway was vulnerable to HTTP header injection via a CORS ExposeHeader tag. An attacker could use this to gain access or cause a crash. (CVE-2020-10753) Ilya Dryomov found that Cephx authentication did not verify Ceph clients correctly and was then vulnerable to replay attacks in Nautilus. An attacker could use the Ceph cluster network to authenticate via a packet sniffer and perform actions. This issue is a reintroduction of CVE-2018-1128. (CVE-2020-25660) Update Instructions: Run `sudo pro fix USN-4706-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-rbd - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-modules-core - 15.2.7-0ubuntu0.20.04.2 ceph-mgr - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-cephadm - 15.2.7-0ubuntu0.20.04.2 ceph - 15.2.7-0ubuntu0.20.04.2 ceph-osd - 15.2.7-0ubuntu0.20.04.2 rbd-mirror - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-diskprediction-local - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-dashboard - 15.2.7-0ubuntu0.20.04.2 librbd-dev - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-rook - 15.2.7-0ubuntu0.20.04.2 rbd-fuse - 15.2.7-0ubuntu0.20.04.2 libradospp-dev - 15.2.7-0ubuntu0.20.04.2 librados-dev - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-diskprediction-cloud - 15.2.7-0ubuntu0.20.04.2 python3-ceph - 15.2.7-0ubuntu0.20.04.2 cephadm - 15.2.7-0ubuntu0.20.04.2 libradosstriper-dev - 15.2.7-0ubuntu0.20.04.2 librados2 - 15.2.7-0ubuntu0.20.04.2 ceph-mon - 15.2.7-0ubuntu0.20.04.2 libcephfs2 - 15.2.7-0ubuntu0.20.04.2 ceph-immutable-object-cache - 15.2.7-0ubuntu0.20.04.2 librgw2 - 15.2.7-0ubuntu0.20.04.2 ceph-mds - 15.2.7-0ubuntu0.20.04.2 radosgw - 15.2.7-0ubuntu0.20.04.2 librbd1 - 15.2.7-0ubuntu0.20.04.2 python3-rgw - 15.2.7-0ubuntu0.20.04.2 rbd-nbd - 15.2.7-0ubuntu0.20.04.2 libcephfs-dev - 15.2.7-0ubuntu0.20.04.2 rados-objclass-dev - 15.2.7-0ubuntu0.20.04.2 libradosstriper1 - 15.2.7-0ubuntu0.20.04.2 python3-ceph-argparse - 15.2.7-0ubuntu0.20.04.2 python3-ceph-common - 15.2.7-0ubuntu0.20.04.2 librgw-dev - 15.2.7-0ubuntu0.20.04.2 python3-rados - 15.2.7-0ubuntu0.20.04.2 ceph-base - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-k8sevents - 15.2.7-0ubuntu0.20.04.2 python3-cephfs - 15.2.7-0ubuntu0.20.04.2 ceph-fuse - 15.2.7-0ubuntu0.20.04.2 cephfs-shell - 15.2.7-0ubuntu0.20.04.2 ceph-common - 15.2.7-0ubuntu0.20.04.2 libcephfs-java - 15.2.7-0ubuntu0.20.04.2 ceph-resource-agents - 15.2.7-0ubuntu0.20.04.2 libcephfs-jni - 15.2.7-0ubuntu0.20.04.2 No subscription required Medium CVE-2020-10736 CVE-2020-10753 CVE-2020-25660 Ubuntu 20.04 LTS It was discovered that TCMU lacked a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. Update Instructions: Run `sudo pro fix USN-4707-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tcmu-runner - 1.5.2-5ubuntu0.20.04.1 libtcmu2 - 1.5.2-5ubuntu0.20.04.1 No subscription required Medium CVE-2021-3139 Ubuntu 20.04 LTS USN-4576-1 fixed a vulnerability in the overlay file system implementation in the Linux kernel. Unfortunately, that fix introduced a regression that could incorrectly deny access to overlay files in some situations. This update fixes the problem. We apologize for the inconvenience. Original vulnerability details: Giuseppe Scrivano discovered that the overlay file system in the Linux kernel did not properly perform permission checks in some situations. A local attacker could possibly use this to bypass intended restrictions and gain read access to restricted files. Update Instructions: Run `sudo pro fix USN-4712-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-65-generic - 5.4.0-65.73 linux-image-5.4.0-65-generic-lpae - 5.4.0-65.73 linux-image-5.4.0-65-lowlatency - 5.4.0-65.73 No subscription required linux-image-oem-osp1 - 5.4.0.65.68 linux-image-generic-hwe-18.04 - 5.4.0.65.68 linux-image-generic-lpae-hwe-18.04 - 5.4.0.65.68 linux-image-virtual - 5.4.0.65.68 linux-image-lowlatency-hwe-18.04 - 5.4.0.65.68 linux-image-generic - 5.4.0.65.68 linux-image-virtual-hwe-18.04 - 5.4.0.65.68 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.65.68 linux-image-oem - 5.4.0.65.68 linux-image-generic-hwe-18.04-edge - 5.4.0.65.68 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.65.68 linux-image-generic-lpae - 5.4.0.65.68 linux-image-lowlatency - 5.4.0.65.68 linux-image-virtual-hwe-18.04-edge - 5.4.0.65.68 No subscription required linux-image-5.8.0-41-generic - 5.8.0-41.46~20.04.1 linux-image-5.8.0-41-lowlatency - 5.8.0-41.46~20.04.1 linux-image-5.8.0-41-generic-lpae - 5.8.0-41.46~20.04.1 No subscription required linux-image-generic-64k-hwe-20.04-edge - 5.8.0.41.46~20.04.27 linux-image-generic-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-virtual-hwe-20.04-edge - 5.8.0.41.46~20.04.27 linux-image-generic-lpae-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-virtual-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-generic-hwe-20.04-edge - 5.8.0.41.46~20.04.27 linux-image-generic-64k-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.41.46~20.04.27 linux-image-lowlatency-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.41.46~20.04.27 No subscription required None https://bugs.launchpad.net/bugs/1900141 https://usn.ubuntu.com/usn/usn-4576-1 Ubuntu 20.04 LTS It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Update Instructions: Run `sudo pro fix USN-4713-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1028-raspi - 5.4.0-1028.31 No subscription required linux-image-5.4.0-1032-kvm - 5.4.0-1032.33 No subscription required linux-image-5.4.0-1036-gcp - 5.4.0-1036.39 No subscription required linux-image-5.4.0-1037-aws - 5.4.0-1037.39 No subscription required linux-image-5.4.0-1037-oracle - 5.4.0-1037.40 No subscription required linux-image-5.4.0-1039-azure - 5.4.0-1039.41 No subscription required linux-image-raspi-hwe-18.04-edge - 5.4.0.1028.63 linux-image-raspi-hwe-18.04 - 5.4.0.1028.63 linux-image-raspi - 5.4.0.1028.63 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1028.63 linux-image-raspi2 - 5.4.0.1028.63 linux-image-raspi2-hwe-18.04 - 5.4.0.1028.63 No subscription required linux-image-kvm - 5.4.0.1032.30 No subscription required linux-image-gcp - 5.4.0.1036.45 No subscription required linux-image-oracle - 5.4.0.1037.34 No subscription required linux-image-aws - 5.4.0.1037.38 No subscription required linux-image-azure - 5.4.0.1039.37 No subscription required High CVE-2020-28374 Ubuntu 20.04 LTS Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. (CVE-2020-26217) It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. (CVE-2020-26258) It was discovered that XStream was vulnerable to arbitrary file deletion on the local host. A remote attacker could use this to delete arbitrary known files on the host as long as the executing process had sufficient rights only by manipulating the processed input stream. (CVE-2020-26259) Update Instructions: Run `sudo pro fix USN-4714-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxstream-java - 1.4.11.1-1ubuntu0.1 No subscription required Medium CVE-2020-26217 CVE-2020-26258 CVE-2020-26259 Ubuntu 20.04 LTS Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their expected location. Update Instructions: Run `sudo pro fix USN-4715-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.3 python-django-doc - 2:2.2.12-1ubuntu0.3 No subscription required Medium CVE-2021-3281 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.23 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.33. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-33.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-23.html https://www.oracle.com/security-alerts/cpujan2021.html Update Instructions: Run `sudo pro fix USN-4716-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.23-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.23-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-router - 8.0.23-0ubuntu0.20.04.1 mysql-server - 8.0.23-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.23-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-testsuite - 8.0.23-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.23-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-2002 CVE-2021-2010 CVE-2021-2011 CVE-2021-2014 CVE-2021-2021 CVE-2021-2022 CVE-2021-2024 CVE-2021-2031 CVE-2021-2032 CVE-2021-2036 CVE-2021-2038 CVE-2021-2046 CVE-2021-2048 CVE-2021-2056 CVE-2021-2058 CVE-2021-2060 CVE-2021-2061 CVE-2021-2065 CVE-2021-2070 CVE-2021-2072 CVE-2021-2076 CVE-2021-2081 CVE-2021-2087 CVE-2021-2088 CVE-2021-2122 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct clickjacking attacks, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4717-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 85.0+build1-0ubuntu0.20.04.1 firefox - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 85.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 85.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 85.0+build1-0ubuntu0.20.04.1 firefox-dev - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 85.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23953 CVE-2021-23954 CVE-2021-23955 CVE-2021-23956 CVE-2021-23958 CVE-2021-23960 CVE-2021-23961 CVE-2021-23962 CVE-2021-23963 CVE-2021-23964 CVE-2021-23965 Ubuntu 20.04 LTS USN-4717-1 fixed vulnerabilities in Firefox. The update caused a startup hang in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct clickjacking attacks, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4717-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 85.0.1+build1-0ubuntu0.20.04.1 firefox - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 85.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 85.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 85.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 85.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1914147 Ubuntu 20.04 LTS The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.46 version of the Mozilla certificate authority bundle. Update Instructions: Run `sudo pro fix USN-4719-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates-udeb - 20210119~20.04.1 ca-certificates - 20210119~20.04.1 No subscription required None https://launchpad.net/bugs/1914064 Ubuntu 20.04 LTS Itai Greenhut discovered that Apport incorrectly parsed certain files in the /proc filesystem. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2021-25682, CVE-2021-25683) Itai Greenhut discovered that Apport incorrectly handled opening certain special files. A local attacker could possibly use this issue to cause Apport to hang, resulting in a denial of service. (CVE-2021-25684) Update Instructions: Run `sudo pro fix USN-4720-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.16 apport-kde - 2.20.11-0ubuntu27.16 apport-retrace - 2.20.11-0ubuntu27.16 apport-valgrind - 2.20.11-0ubuntu27.16 python3-apport - 2.20.11-0ubuntu27.16 dh-apport - 2.20.11-0ubuntu27.16 apport-gtk - 2.20.11-0ubuntu27.16 apport - 2.20.11-0ubuntu27.16 apport-noui - 2.20.11-0ubuntu27.16 No subscription required Medium CVE-2021-25682 CVE-2021-25683 CVE-2021-25684 Ubuntu 20.04 LTS Simon McVittie discovered that flatpak-portal service allowed sandboxed applications to execute arbitrary code on the host system (a sandbox escape). A malicious user could create a Flatpak application that set environment variables, trusted by the Flatpak "run" command, and use it to execute arbitrary code outside the sandbox. Update Instructions: Run `sudo pro fix USN-4721-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libflatpak0 - 1.6.5-0ubuntu0.2 libflatpak-dev - 1.6.5-0ubuntu0.2 gir1.2-flatpak-1.0 - 1.6.5-0ubuntu0.2 libflatpak-doc - 1.6.5-0ubuntu0.2 flatpak - 1.6.5-0ubuntu0.2 flatpak-tests - 1.6.5-0ubuntu0.2 No subscription required Medium CVE-2021-21261 Ubuntu 20.04 LTS It was discovered that ReadyMedia (MiniDLNA) allowed subscription requests with a delivery URL on a different network segment than the fully qualified event- subscription URL. An attacker could use this to hijack smart devices and cause denial of service attacks. (CVE-2020-12695) It was discovered that ReadyMedia (MiniDLNA) allowed remote code execution. A remote attacker could send a malicious UPnP HTTP request to the service using HTTP chunked encoding and cause a denial of service. (CVE-2020-28926) Update Instructions: Run `sudo pro fix USN-4722-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: minidlna - 1.2.1+dfsg-1ubuntu0.20.04.1 No subscription required Medium CVE-2020-12695 CVE-2020-28926 Ubuntu 20.04 LTS It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4723-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-pear - 1:1.10.9+submodules+notgz-1ubuntu0.20.04.2 No subscription required Medium CVE-2020-36193 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36221) It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-36222, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) It was discovered that OpenLDAP incorrectly handled Return Filter control handling. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-36223) It was discovered that OpenLDAP incorrectly handled certain cancel operations. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36227) It was discovered that OpenLDAP incorrectly handled Certificate List Extract Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36228) It was discovered that OpenLDAP incorrectly handled X.509 DN parsing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36229, CVE-2020-36230) Update Instructions: Run `sudo pro fix USN-4724-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.6 libldap-common - 2.4.49+dfsg-2ubuntu1.6 slapd-contrib - 2.4.49+dfsg-2ubuntu1.6 slapi-dev - 2.4.49+dfsg-2ubuntu1.6 ldap-utils - 2.4.49+dfsg-2ubuntu1.6 libldap2-dev - 2.4.49+dfsg-2ubuntu1.6 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.6 slapd - 2.4.49+dfsg-2ubuntu1.6 No subscription required Medium CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 Ubuntu 20.04 LTS It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-11947) Alexander Bulekov discovered that QEMU incorrectly handled Intel e1000e emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-15859) Alexander Bulekov discovered that QEMU incorrectly handled memory region cache. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-27821) Cheol-woo Myung discovered that QEMU incorrectly handled Intel e1000e emulation. An attacker inside the guest could use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-28916) Wenxiang Qian discovered that QEMU incorrectly handled ATAPI emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-29443) It was discovered that QEMU incorrectly handled VirtFS directory sharing. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20181) Update Instructions: Run `sudo pro fix USN-4725-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.12 qemu-system-common - 1:4.2-3ubuntu6.12 qemu-system-data - 1:4.2-3ubuntu6.12 qemu-system-s390x - 1:4.2-3ubuntu6.12 qemu-block-extra - 1:4.2-3ubuntu6.12 qemu-system-misc - 1:4.2-3ubuntu6.12 qemu-user - 1:4.2-3ubuntu6.12 qemu-system-sparc - 1:4.2-3ubuntu6.12 qemu-guest-agent - 1:4.2-3ubuntu6.12 qemu-system - 1:4.2-3ubuntu6.12 qemu-utils - 1:4.2-3ubuntu6.12 qemu-user-static - 1:4.2-3ubuntu6.12 qemu-kvm - 1:4.2-3ubuntu6.12 qemu-user-binfmt - 1:4.2-3ubuntu6.12 qemu-system-x86 - 1:4.2-3ubuntu6.12 qemu-system-arm - 1:4.2-3ubuntu6.12 qemu-system-gui - 1:4.2-3ubuntu6.12 qemu - 1:4.2-3ubuntu6.12 qemu-system-ppc - 1:4.2-3ubuntu6.12 qemu-system-mips - 1:4.2-3ubuntu6.12 qemu-system-x86-xen - 1:4.2-3ubuntu6.12 No subscription required Medium CVE-2020-11947 CVE-2020-15859 CVE-2020-27821 CVE-2020-28916 CVE-2020-29443 CVE-2021-20181 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly handled the direct buffering of characters. An attacker could use this issue to cause OpenJDK to crash, resulting in a denial of service, or cause other unspecified impact. Update Instructions: Run `sudo pro fix USN-4726-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.10+9-0ubuntu1~20.04 openjdk-11-doc - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jdk - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jre - 11.0.10+9-0ubuntu1~20.04 openjdk-11-demo - 11.0.10+9-0ubuntu1~20.04 No subscription required openjdk-8-source - 8u282-b08-0ubuntu1~20.04 openjdk-8-doc - 8u282-b08-0ubuntu1~20.04 openjdk-8-jdk - 8u282-b08-0ubuntu1~20.04 openjdk-8-jre-headless - 8u282-b08-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u282-b08-0ubuntu1~20.04 openjdk-8-jre - 8u282-b08-0ubuntu1~20.04 openjdk-8-jre-zero - 8u282-b08-0ubuntu1~20.04 openjdk-8-demo - 8u282-b08-0ubuntu1~20.04 No subscription required None https://launchpad.net/bugs/1914824 Ubuntu 20.04 LTS Alexander Popov discovered that multiple race conditions existed in the AF_VSOCK implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4727-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1047-oem - 5.6.0-1047.51 No subscription required linux-image-oem-20.04 - 5.6.0.1047.43 No subscription required linux-image-5.8.0-43-generic - 5.8.0-43.49~20.04.1 linux-image-5.8.0-43-generic-lpae - 5.8.0-43.49~20.04.1 linux-image-5.8.0-43-lowlatency - 5.8.0-43.49~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.43.49~20.04.29 linux-image-virtual-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-generic-lpae-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.43.49~20.04.29 linux-image-generic-64k-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.43.49~20.04.29 linux-image-generic-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-generic-hwe-20.04-edge - 5.8.0.43.49~20.04.29 linux-image-lowlatency-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.43.49~20.04.29 No subscription required High CVE-2021-26708 Ubuntu 20.04 LTS Gilad Reti and Nimrod Stoler discovered that snapd did not correctly specify cgroup delegation when generating systemd service units for various container management snaps. This could allow a local attacker to escalate privileges via access to arbitrary devices of the container host from within a compromised or malicious container. Update Instructions: Run `sudo pro fix USN-4728-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.48.3+20.04 ubuntu-core-launcher - 2.48.3+20.04 snap-confine - 2.48.3+20.04 ubuntu-snappy-cli - 2.48.3+20.04 golang-github-snapcore-snapd-dev - 2.48.3+20.04 snapd-xdg-open - 2.48.3+20.04 snapd - 2.48.3+20.04 golang-github-ubuntu-core-snappy-dev - 2.48.3+20.04 ubuntu-snappy - 2.48.3+20.04 No subscription required High CVE-2020-27352 Ubuntu 20.04 LTS Joakim Hindersson discovered that Open vSwitch incorrectly parsed certain network packets. A remote attacker could use this issue to cause a denial of service, or possibly alter packet classification. Update Instructions: Run `sudo pro fix USN-4729-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.1-0ubuntu0.20.04.4 openvswitch-switch - 2.13.1-0ubuntu0.20.04.4 openvswitch-pki - 2.13.1-0ubuntu0.20.04.4 openvswitch-common - 2.13.1-0ubuntu0.20.04.4 openvswitch-testcontroller - 2.13.1-0ubuntu0.20.04.4 openvswitch-vtep - 2.13.1-0ubuntu0.20.04.4 openvswitch-source - 2.13.1-0ubuntu0.20.04.4 python3-openvswitch - 2.13.1-0ubuntu0.20.04.4 openvswitch-switch-dpdk - 2.13.1-0ubuntu0.20.04.4 openvswitch-test - 2.13.1-0ubuntu0.20.04.4 No subscription required Medium CVE-2020-35498 Ubuntu 20.04 LTS It was discovered that JUnit 4 contains a local information disclosure vulnerability. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-4731-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: junit4 - 4.12-8ubuntu0.20.04.1 junit4-doc - 4.12-8ubuntu0.20.04.1 No subscription required Medium CVE-2020-15250 Ubuntu 20.04 LTS Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Update Instructions: Run `sudo pro fix USN-4733-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnome-autoar-0-dev - 0.2.3-2ubuntu0.1 libgnome-autoar-gtk-0-0 - 0.2.3-2ubuntu0.1 gir1.2-gnomeautoar-0.1 - 0.2.3-2ubuntu0.1 libgnome-autoar-gtk-0-dev - 0.2.3-2ubuntu0.1 gir1.2-gnomeautoargtk-0.1 - 0.2.3-2ubuntu0.1 libgnome-autoar-doc - 0.2.3-2ubuntu0.1 libgnome-autoar-0-0 - 0.2.3-2ubuntu0.1 No subscription required Medium CVE-2020-36241 Ubuntu 20.04 LTS USN-4733-1 fixed a vulnerability in GNOME Autoar. The upstream fix introduced a regression when extracting archives containing directories. This update fixes the problem. Original advisory details: Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Update Instructions: Run `sudo pro fix USN-4733-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnome-autoar-0-dev - 0.2.3-2ubuntu0.2 libgnome-autoar-gtk-0-0 - 0.2.3-2ubuntu0.2 gir1.2-gnomeautoar-0.1 - 0.2.3-2ubuntu0.2 libgnome-autoar-gtk-0-dev - 0.2.3-2ubuntu0.2 gir1.2-gnomeautoargtk-0.1 - 0.2.3-2ubuntu0.2 libgnome-autoar-doc - 0.2.3-2ubuntu0.2 libgnome-autoar-0-0 - 0.2.3-2ubuntu0.2 No subscription required None https://launchpad.net/bugs/1917812 Ubuntu 20.04 LTS It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-0326) It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. (CVE-2020-12695) Update Instructions: Run `sudo pro fix USN-4734-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hostapd - 2:2.9-1ubuntu4.2 wpagui - 2:2.9-1ubuntu4.2 wpasupplicant - 2:2.9-1ubuntu4.2 wpasupplicant-udeb - 2:2.9-1ubuntu4.2 No subscription required High CVE-2020-12695 CVE-2021-0326 Ubuntu 20.04 LTS Heikki Linnakangas discovered that PostgreSQL incorrectly leaked values of denied columns when handling certain errors. A remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-4735-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.6-0ubuntu0.20.04.1 libecpg6 - 12.6-0ubuntu0.20.04.1 libpq-dev - 12.6-0ubuntu0.20.04.1 libpgtypes3 - 12.6-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.6-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.6-0ubuntu0.20.04.1 libecpg-dev - 12.6-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.6-0ubuntu0.20.04.1 libpq5 - 12.6-0ubuntu0.20.04.1 postgresql-doc-12 - 12.6-0ubuntu0.20.04.1 postgresql-12 - 12.6-0ubuntu0.20.04.1 postgresql-client-12 - 12.6-0ubuntu0.20.04.1 libecpg-compat3 - 12.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-3393 Ubuntu 20.04 LTS It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the Bind AppArmor profile. Update Instructions: Run `sudo pro fix USN-4737-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.6 bind9-libs - 1:9.16.1-0ubuntu2.6 bind9utils - 1:9.16.1-0ubuntu2.6 bind9-doc - 1:9.16.1-0ubuntu2.6 bind9-utils - 1:9.16.1-0ubuntu2.6 bind9 - 1:9.16.1-0ubuntu2.6 bind9-dnsutils - 1:9.16.1-0ubuntu2.6 bind9-host - 1:9.16.1-0ubuntu2.6 No subscription required Medium CVE-2020-8625 Ubuntu 20.04 LTS Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2021-23840) Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer fields. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2021-23841) Update Instructions: Run `sudo pro fix USN-4738-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcrypto1.1-udeb - 1.1.1f-1ubuntu2.2 libssl-dev - 1.1.1f-1ubuntu2.2 openssl - 1.1.1f-1ubuntu2.2 libssl-doc - 1.1.1f-1ubuntu2.2 libssl1.1-udeb - 1.1.1f-1ubuntu2.2 libssl1.1 - 1.1.1f-1ubuntu2.2 No subscription required Medium CVE-2021-23840 CVE-2021-23841 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4739-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.30.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.30.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.30.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.30.5-0ubuntu0.20.04.1 webkit2gtk-driver - 2.30.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.30.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.30.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.30.5-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.30.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.30.5-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-13558 Ubuntu 20.04 LTS It was discovered that Apache Shiro mishandled specially crafted requests. An attacker could use this vulnerability to bypass authentication mechanisms. Update Instructions: Run `sudo pro fix USN-4740-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libshiro-java - 1.3.2-4ubuntu0.1 No subscription required Medium CVE-2020-11989 CVE-2020-1957 Ubuntu 20.04 LTS It was discovered that Django incorrectly accepted semicolons as query parameters. A remote attacker could possibly use this issue to perform a Web Cache Poisoning attack. Update Instructions: Run `sudo pro fix USN-4742-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.4 python-django-doc - 2:2.2.12-1ubuntu0.4 No subscription required Low CVE-2021-23336 Ubuntu 20.04 LTS It was discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4743-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgdk-pixbuf2.0-0 - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-common - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-0-udeb - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-bin - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-dev - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-doc - 2.40.0+dfsg-3ubuntu0.2 gir1.2-gdkpixbuf-2.0 - 2.40.0+dfsg-3ubuntu0.2 No subscription required Medium CVE-2021-20240 Ubuntu 20.04 LTS Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short timestamps. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4744-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.7 libldap-common - 2.4.49+dfsg-2ubuntu1.7 slapd-contrib - 2.4.49+dfsg-2ubuntu1.7 slapi-dev - 2.4.49+dfsg-2ubuntu1.7 ldap-utils - 2.4.49+dfsg-2ubuntu1.7 libldap2-dev - 2.4.49+dfsg-2ubuntu1.7 slapd - 2.4.49+dfsg-2ubuntu1.7 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.7 No subscription required Medium CVE-2021-27212 Ubuntu 20.04 LTS Tavis Ormandy discovered that xterm incorrectly handled certain character sequences. A remote attacker could use this issue to cause xterm to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4746-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xterm - 353-1ubuntu1.20.04.2 No subscription required Medium CVE-2021-27135 Ubuntu 20.04 LTS Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4747-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: screen - 4.8.0-1ubuntu0.1 screen-udeb - 4.8.0-1ubuntu0.1 No subscription required Medium CVE-2021-26937 Ubuntu 20.04 LTS Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669) It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the Linux kernel did not correctly handle setting line discipline in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-27830, CVE-2020-28941) It was discovered that an information leak existed in the syscall implementation in the Linux kernel on 32 bit systems. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28588) Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event processing backend in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29568) Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29569) Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660) Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle filter rules in some situations. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. (CVE-2021-20177) Update Instructions: Run `sudo pro fix USN-4750-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1010-gkeop - 5.4.0-1010.11 No subscription required linux-image-5.4.0-1029-raspi - 5.4.0-1029.32 No subscription required linux-image-5.4.0-1033-kvm - 5.4.0-1033.34 No subscription required linux-image-5.4.0-1037-gcp - 5.4.0-1037.40 No subscription required linux-image-5.4.0-1038-aws - 5.4.0-1038.40 No subscription required linux-image-5.4.0-1038-oracle - 5.4.0-1038.41 No subscription required linux-image-5.4.0-1040-azure - 5.4.0-1040.42 No subscription required linux-image-5.4.0-66-lowlatency - 5.4.0-66.74 linux-image-5.4.0-66-generic-lpae - 5.4.0-66.74 linux-image-5.4.0-66-generic - 5.4.0-66.74 No subscription required linux-image-gkeop-5.4 - 5.4.0.1010.13 linux-image-gkeop - 5.4.0.1010.13 No subscription required linux-image-raspi - 5.4.0.1029.64 linux-image-raspi2 - 5.4.0.1029.64 linux-image-raspi-hwe-18.04-edge - 5.4.0.1029.64 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1029.64 linux-image-raspi-hwe-18.04 - 5.4.0.1029.64 linux-image-raspi2-hwe-18.04 - 5.4.0.1029.64 No subscription required linux-image-kvm - 5.4.0.1033.31 No subscription required linux-image-gcp - 5.4.0.1037.46 No subscription required linux-image-oracle - 5.4.0.1038.35 No subscription required linux-image-aws - 5.4.0.1038.39 No subscription required linux-image-azure - 5.4.0.1040.38 No subscription required linux-image-oem-osp1 - 5.4.0.66.69 linux-image-generic-hwe-18.04 - 5.4.0.66.69 linux-image-generic-lpae-hwe-18.04 - 5.4.0.66.69 linux-image-virtual - 5.4.0.66.69 linux-image-lowlatency-hwe-18.04 - 5.4.0.66.69 linux-image-generic - 5.4.0.66.69 linux-image-virtual-hwe-18.04 - 5.4.0.66.69 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.66.69 linux-image-oem - 5.4.0.66.69 linux-image-generic-hwe-18.04-edge - 5.4.0.66.69 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.66.69 linux-image-generic-lpae - 5.4.0.66.69 linux-image-lowlatency - 5.4.0.66.69 linux-image-virtual-hwe-18.04-edge - 5.4.0.66.69 No subscription required High CVE-2020-25669 CVE-2020-27815 CVE-2020-27830 CVE-2020-28588 CVE-2020-28941 CVE-2020-29568 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2021-20177 Ubuntu 20.04 LTS It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-25656) Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-25668) Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669) Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704) Julien Grall discovered that the Xen dom0 event handler in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-27673) Jinoh Kang discovered that the Xen event channel infrastructure in the Linux kernel contained a race condition. An attacker in guest could possibly use this to cause a denial of service (dom0 crash). (CVE-2020-27675) Daniel Axtens discovered that PowerPC RTAS implementation in the Linux kernel did not properly restrict memory accesses in some situations. A privileged local attacker could use this to arbitrarily modify kernel memory, potentially bypassing kernel lockdown restrictions. (CVE-2020-27777) It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the Linux kernel did not correctly handle setting line discipline in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-27830, CVE-2020-28941) It was discovered that a use-after-free vulnerability existed in the infiniband hfi1 device driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2020-27835) It was discovered that an information leak existed in the syscall implementation in the Linux kernel on 32 bit systems. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28588) Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-28974) Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event processing backend in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29568) Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29569) Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660) Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) It was discovered that a race condition existed that caused the Linux kernel to not properly restrict exit signal delivery. A local attacker could possibly use this to send signals to arbitrary processes. (CVE-2020-35508) Update Instructions: Run `sudo pro fix USN-4751-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-44-lowlatency - 5.8.0-44.50~20.04.1 linux-image-5.8.0-44-generic-lpae - 5.8.0-44.50~20.04.1 linux-image-5.8.0-44-generic - 5.8.0-44.50~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.44.50~20.04.30 linux-image-generic-hwe-20.04-edge - 5.8.0.44.50~20.04.30 linux-image-generic-lpae-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.44.50~20.04.30 linux-image-generic-64k-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-lowlatency-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.44.50~20.04.30 linux-image-virtual-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-generic-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.44.50~20.04.30 No subscription required High CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-27673 CVE-2020-27675 CVE-2020-27777 CVE-2020-27815 CVE-2020-27830 CVE-2020-27835 CVE-2020-28588 CVE-2020-28941 CVE-2020-28974 CVE-2020-29568 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2020-35508 Ubuntu 20.04 LTS Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. (CVE-2020-10135) Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-14314) It was discovered that the block layer implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-15436) It was discovered that the serial port driver in the Linux kernel did not properly initialize a pointer in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2020-15437) Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-24490) It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212) It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284) It was discovered that the block layer subsystem in the Linux kernel did not properly handle zero-length requests. A local attacker could use this to cause a denial of service. (CVE-2020-25641) It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643) Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704) It was discovered that the KVM hypervisor in the Linux kernel did not properly handle interrupts in certain situations. A local attacker in a guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2020-27152) It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) It was discovered that an information leak existed in the syscall implementation in the Linux kernel on 32 bit systems. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28588) It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915) Jann Horn discovered a race condition in the copy-on-write implementation in the Linux kernel when handling hugepages. A local attacker could use this to gain unintended write access to read-only memory pages. (CVE-2020-29368) Jann Horn discovered that the mmap implementation in the Linux kernel contained a race condition when handling munmap() operations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-29369) Jann Horn discovered that the romfs file system in the Linux kernel did not properly validate file system meta-data, leading to an out-of-bounds read. An attacker could use this to construct a malicious romfs image that, when mounted, exposed sensitive information (kernel memory). (CVE-2020-29371) Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660) Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) It was discovered that a race condition existed that caused the Linux kernel to not properly restrict exit signal delivery. A local attacker could possibly use this to send signals to arbitrary processes. (CVE-2020-35508) Update Instructions: Run `sudo pro fix USN-4752-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1048-oem - 5.6.0-1048.52 No subscription required linux-image-oem-20.04 - 5.6.0.1048.44 No subscription required High CVE-2020-10135 CVE-2020-14314 CVE-2020-15436 CVE-2020-15437 CVE-2020-24490 CVE-2020-25212 CVE-2020-25284 CVE-2020-25641 CVE-2020-25643 CVE-2020-25704 CVE-2020-27152 CVE-2020-27815 CVE-2020-28588 CVE-2020-28915 CVE-2020-29368 CVE-2020-29369 CVE-2020-29371 CVE-2020-29660 CVE-2020-29661 CVE-2020-35508 Ubuntu 20.04 LTS It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Update Instructions: Run `sudo pro fix USN-4753-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1014-oem - 5.10.0-1014.15 No subscription required linux-image-oem-20.04-edge - 5.10.0.1014.15 linux-image-oem-20.04b - 5.10.0.1014.15 No subscription required High CVE-2020-28374 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2020-27619, CVE-2021-3177) Update Instructions: Run `sudo pro fix USN-4754-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.5-1~20.04.2 python3.8-examples - 3.8.5-1~20.04.2 python3.8-dev - 3.8.5-1~20.04.2 libpython3.8-minimal - 3.8.5-1~20.04.2 libpython3.8-dev - 3.8.5-1~20.04.2 python3.8-venv - 3.8.5-1~20.04.2 libpython3.8 - 3.8.5-1~20.04.2 idle-python3.8 - 3.8.5-1~20.04.2 libpython3.8-testsuite - 3.8.5-1~20.04.2 libpython3.8-stdlib - 3.8.5-1~20.04.2 python3.8 - 3.8.5-1~20.04.2 python3.8-doc - 3.8.5-1~20.04.2 No subscription required Medium CVE-2020-27619 CVE-2021-3177 Ubuntu 20.04 LTS USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 18.04 and Ubuntu 20.04. In the case of Python 2.7 for 20.04, these additional fixes are included: It was dicovered that Python allowed remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. (CVE-2019-9674) It was discovered that Python had potentially misleading information about whether sorting occurs. This fix updates the documentation about it. (CVE-2019-17514) It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-20907) It was discovered that Python allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. (CVE-2020-8492) It was discovered that Python allowed CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. (CVE-2020-26116) Original advisory details: It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2020-27619, CVE-2021-3177) Update Instructions: Run `sudo pro fix USN-4754-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpython2.7-minimal - 2.7.18-1~20.04.1 libpython2.7 - 2.7.18-1~20.04.1 python2.7 - 2.7.18-1~20.04.1 idle-python2.7 - 2.7.18-1~20.04.1 libpython2.7-testsuite - 2.7.18-1~20.04.1 libpython2.7-dev - 2.7.18-1~20.04.1 python2.7-minimal - 2.7.18-1~20.04.1 python2.7-doc - 2.7.18-1~20.04.1 python2.7-dev - 2.7.18-1~20.04.1 python2.7-examples - 2.7.18-1~20.04.1 libpython2.7-stdlib - 2.7.18-1~20.04.1 No subscription required Medium CVE-2019-17514 CVE-2019-20907 CVE-2019-9674 CVE-2020-26116 CVE-2020-27619 CVE-2020-8492 CVE-2021-3177 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Update Instructions: Run `sudo pro fix USN-4755-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.1 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.1 No subscription required Medium CVE-2020-35523 CVE-2020-35524 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct cross-site scripting (XSS) attacks, bypass HTTP auth phishing warnings, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4756-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 86.0+build3-0ubuntu0.20.04.1 firefox - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 86.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 86.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 86.0+build3-0ubuntu0.20.04.1 firefox-dev - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 86.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23968 CVE-2021-23969 CVE-2021-23970 CVE-2021-23971 CVE-2021-23972 CVE-2021-23973 CVE-2021-23974 CVE-2021-23975 CVE-2021-23978 CVE-2021-23979 Ubuntu 20.04 LTS It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) provision discovery requests in some situations. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4757-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hostapd - 2:2.9-1ubuntu4.3 wpagui - 2:2.9-1ubuntu4.3 wpasupplicant - 2:2.9-1ubuntu4.3 wpasupplicant-udeb - 2:2.9-1ubuntu4.3 No subscription required Medium CVE-2021-27803 Ubuntu 20.04 LTS It was discovered that Go applications incorrectly handled uploaded content. If a user were tricked into visiting a malicious page, a remote attacker could exploit this with a crafted file to conduct cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-4758-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.14 - 1.14.3-2ubuntu2~20.04.2 golang-1.14-doc - 1.14.3-2ubuntu2~20.04.2 golang-1.14-go - 1.14.3-2ubuntu2~20.04.2 golang-1.14-src - 1.14.3-2ubuntu2~20.04.2 No subscription required Low CVE-2020-24553 Ubuntu 20.04 LTS Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-27218) Kevin Backhouse discovered that GLib incorrectly handled certain memory allocations. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-27219) Update Instructions: Run `sudo pro fix USN-4759-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libglib2.0-0 - 2.64.6-1~ubuntu20.04.2 libglib2.0-data - 2.64.6-1~ubuntu20.04.2 libglib2.0-udeb - 2.64.6-1~ubuntu20.04.2 libglib2.0-tests - 2.64.6-1~ubuntu20.04.2 libglib2.0-doc - 2.64.6-1~ubuntu20.04.2 libglib2.0-bin - 2.64.6-1~ubuntu20.04.2 libglib2.0-dev - 2.64.6-1~ubuntu20.04.2 libglib2.0-dev-bin - 2.64.6-1~ubuntu20.04.2 No subscription required Medium CVE-2021-27218 CVE-2021-27219 Ubuntu 20.04 LTS It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations. Update Instructions: Run `sudo pro fix USN-4760-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zstd - 1.4.4+dfsg-3ubuntu0.1 libzstd-dev - 1.4.4+dfsg-3ubuntu0.1 libzstd1 - 1.4.4+dfsg-3ubuntu0.1 libzstd1-udeb - 1.4.4+dfsg-3ubuntu0.1 No subscription required Medium CVE-2021-24031 CVE-2021-24032 Ubuntu 20.04 LTS Matheus Tavares discovered that Git incorrectly handled delay-capable clean/smudge filters when being used on case-insensitive filesystems. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4761-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.1 gitweb - 1:2.25.1-1ubuntu3.1 git-gui - 1:2.25.1-1ubuntu3.1 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.1 git-el - 1:2.25.1-1ubuntu3.1 gitk - 1:2.25.1-1ubuntu3.1 git-all - 1:2.25.1-1ubuntu3.1 git-mediawiki - 1:2.25.1-1ubuntu3.1 git-daemon-run - 1:2.25.1-1ubuntu3.1 git-man - 1:2.25.1-1ubuntu3.1 git-doc - 1:2.25.1-1ubuntu3.1 git-svn - 1:2.25.1-1ubuntu3.1 git-cvs - 1:2.25.1-1ubuntu3.1 git-email - 1:2.25.1-1ubuntu3.1 No subscription required Medium CVE-2021-21300 Ubuntu 20.04 LTS It was discovered that the OpenSSH ssh-agent incorrectly handled memory. A remote attacker able to connect to the agent could use this issue to cause it to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4762-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-server-udeb - 1:8.2p1-4ubuntu0.2 openssh-client - 1:8.2p1-4ubuntu0.2 openssh-server - 1:8.2p1-4ubuntu0.2 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.2 ssh - 1:8.2p1-4ubuntu0.2 openssh-tests - 1:8.2p1-4ubuntu0.2 openssh-client-udeb - 1:8.2p1-4ubuntu0.2 openssh-sftp-server - 1:8.2p1-4ubuntu0.2 No subscription required Medium CVE-2021-28041 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-25289, CVE-2021-25291) It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-25290) It was discovered that Pillow incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially-crafted PDF file, a remote attacker could cause Pillow to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-25292) It was discovered that Pillow incorrectly handled certain SGI image files. If a user or automated system were tricked into opening a specially-crafted SGI file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-25293) Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan discovered that Pillow incorrectly handled certain BLP files. If a user or automated system were tricked into opening a specially-crafted BLP file, a remote attacker could possibly cause Pillow to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-27921) Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan discovered that Pillow incorrectly handled certain ICNS files. If a user or automated system were tricked into opening a specially-crafted ICNS file, a remote attacker could possibly cause Pillow to consume resources, resulting in a denial of service. (CVE-2021-27922) Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan discovered that Pillow incorrectly handled certain ICO files. If a user or automated system were tricked into opening a specially-crafted ICO file, a remote attacker could possibly cause Pillow to consume resources, resulting in a denial of service. (CVE-2021-27922) Update Instructions: Run `sudo pro fix USN-4763-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.3 python-pil-doc - 7.0.0-4ubuntu0.3 python3-pil - 7.0.0-4ubuntu0.3 No subscription required Medium CVE-2021-25289 CVE-2021-25290 CVE-2021-25291 CVE-2021-25292 CVE-2021-25293 CVE-2021-27921 CVE-2021-27922 CVE-2021-27923 Ubuntu 20.04 LTS It was discovered that GLib incorrectly handled certain symlinks when replacing files. If a user or automated system were tricked into extracting a specially crafted file with File Roller, a remote attacker could possibly create files outside of the intended directory. Update Instructions: Run `sudo pro fix USN-4764-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libglib2.0-0 - 2.64.6-1~ubuntu20.04.3 libglib2.0-data - 2.64.6-1~ubuntu20.04.3 libglib2.0-udeb - 2.64.6-1~ubuntu20.04.3 libglib2.0-tests - 2.64.6-1~ubuntu20.04.3 libglib2.0-doc - 2.64.6-1~ubuntu20.04.3 libglib2.0-bin - 2.64.6-1~ubuntu20.04.3 libglib2.0-dev - 2.64.6-1~ubuntu20.04.3 libglib2.0-dev-bin - 2.64.6-1~ubuntu20.04.3 No subscription required Medium CVE-2021-28153 Ubuntu 20.04 LTS Fu Chuang discovered that Zabbix did not properly parse IPs. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2020-11800) It was discovered that Zabbix incorrectly handled certain requests. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-2824, CVE-2017-2825) It was discovered that Zabbix incorrectly handled certain XML files. A remote attacker could possibly use this issue to read arbitrary files or potentially execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. (CVE-2014-3005) It was discovered that Zabbix incorrectly handled certain inputs. A remote attacker could possibly use this issue to execute arbitrary SQL commands. This issue only affected Ubuntu 14.04 ESM. (CVE-2016-10134, CVE-2016-4338) It was discovered that Zabbix incorrectly handled the request parameter. A remote attacker could possibly use this issue to redirect requests to external links. This issue only affected Ubuntu 14.04 ESM and Ubuntu 18.04 ESM. (CVE-2016-10742) It was discovered that Zabbix incorrectly handled failed login attempts. A remote attacker could possibly use this issue to enumerate users. (CVE-2019-15132) It was discovered that Zabbix did not properly validate input. A remote attacker could exploit this to conduct cross-site scripting (XSS) attacks. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-15803) Update Instructions: Run `sudo pro fix USN-4767-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zabbix-java-gateway - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-frontend-php - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-proxy-mysql - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-server-pgsql - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-server-mysql - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-proxy-pgsql - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-proxy-sqlite3 - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-agent - 1:4.0.17+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2014-3005 CVE-2016-10134 CVE-2016-10742 CVE-2016-4338 CVE-2017-2824 CVE-2017-2825 CVE-2019-15132 CVE-2020-11800 CVE-2020-15803 Ubuntu 20.04 LTS It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. An attacker could possibly use this issue to assume control of an arbitrary file on the system. This issue only affected Ubuntu 16.04 ESM. (CVE-2016-10030) It was discovered that Slurm mishandled SPANK environment variables. An attacker could possibly use this issue to gain elevated privileges. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-15566) It was discovered that Slurm mishandled certain SQL queries. A local attacker could use this issue to gain elevated privileges. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-7033) It was discovered that Slurm mishandled user names and group ids. A local attacker could use this issue to gain administrative privileges. This issue only affected Ubuntu 14.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-10995) It was discovered that Slurm mishandled 23-bit systems. A local attacker could use this to gain administrative privileges. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-6438) It was discovered that Slurm incorrectly handled certain inputs when Message Aggregation is enabled. An attacker could possibly use this issue to launch a process as an arbitrary user. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12693) It was discovered that Slurm incorrectly handled certain RPC inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-27745) Jonas Stare discovered that Slurm exposes sensitive information related to the X protocol. An attacker could possibly use this issue to obtain a graphical session from an arbitrary user. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-27746) It was discovered that Slurm incorrectly handled environment parameters. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-31215) Update Instructions: Run `sudo pro fix USN-4781-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpmi0-dev - 19.05.5-1ubuntu0.1~esm1 slurmctld - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-basic-plugins-dev - 19.05.5-1ubuntu0.1~esm1 libslurmdb-perl - 19.05.5-1ubuntu0.1~esm1 libpmi0 - 19.05.5-1ubuntu0.1~esm1 slurm-wlm - 19.05.5-1ubuntu0.1~esm1 libslurm-dev - 19.05.5-1ubuntu0.1~esm1 slurm-client - 19.05.5-1ubuntu0.1~esm1 libpam-slurm - 19.05.5-1ubuntu0.1~esm1 slurmd - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-torque - 19.05.5-1ubuntu0.1~esm1 slurm-client-emulator - 19.05.5-1ubuntu0.1~esm1 libpam-slurm-adopt - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-emulator - 19.05.5-1ubuntu0.1~esm1 libpmi2-0 - 19.05.5-1ubuntu0.1~esm1 slurmdbd - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-doc - 19.05.5-1ubuntu0.1~esm1 libslurm34 - 19.05.5-1ubuntu0.1~esm1 libpmi2-0-dev - 19.05.5-1ubuntu0.1~esm1 libslurm-perl - 19.05.5-1ubuntu0.1~esm1 sview - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-basic-plugins - 19.05.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2016-10030 CVE-2017-15566 CVE-2018-7033 CVE-2018-10995 CVE-2019-6438 CVE-2020-12693 CVE-2020-27745 CVE-2020-27746 CVE-2021-31215 Ubuntu 20.04 LTS It was discovered that Lynx incorrectly handled certain URLs. A remote attacker could possibly use this issue to obtain sensitive information or other unspecified impact. This issue only affected Ubuntu 16.04 ESM. (CVE-2016-9179) It was discovered that Lynx incorrectly handled certain HTML files. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-1000211) Thorsten Glaser discovered that Lynx mishandles the userinfo subcomponents of a URI. An attacker monitoring the network could discover cleartext credentials because they may appear in SNI data. (CVE-2021-38165) Update Instructions: Run `sudo pro fix USN-4800-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lynx-common - 2.9.0dev.5-1ubuntu0.1~esm1 lynx - 2.9.0dev.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2016-9179 CVE-2017-1000211 CVE-2021-38165 Ubuntu 20.04 LTS Javier Nieto and Andres Rojas discovered that phpMyAdmin incorrectly managed input in the form of passwords. An attacker could use this vulnerability to cause a denial-of-service (DoS). This issue only affected Ubuntu 14.04 ESM. (CVE-2014-9218) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input in the form of database names in the PHP Array export feature. An authenticated attacker could use this vulnerability to run arbitrary PHP commands. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-6609) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to execute SQL injection attacks. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-6619) Emanuel Bronshtein discovered that phpMyadmin failed to properly sanitize input. An authenticated attacker could use this vulnerability to cause a denial-of-service (DoS). This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-6630) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to bypass AllowRoot restrictions and deny rules for usernames. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-9849) Emanuel Bronshtein discovered that phpMyAdmin would allow sensitive information to be leaked when the argument separator in a URL was not the default & value. An attacker could use this vulnerability to obtain the CSRF token of a user. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-9866) Isaac Bennetch discovered that phpMyAdmin was incorrectly restricting user access due to the behavior of the substr function on some PHP versions. An attacker could use this vulnerability to bypass login restrictions established for users that have no password set. This issue only affected Ubuntu 14.04 ESM. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-18264) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input in the form of parameters sent during a table editing operation. An attacker could use this vulnerability to trigger an endless recursion and cause a denial-of-service (DoS). This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-1000014) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input used to generate a web page. An authenticated attacker could use this vulnerability to execute CSS injection attacks. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-1000015) It was discovered that phpMyAdmin incorrectly handled certain input. An attacker could use this vulnerability to execute a cross-site scripting (XSS) attack via a crafted URL. This issue only affected Ubuntu 16.04 ESM. (CVE-2018-7260) It was discovered phpMyAdmin incorrectly handled database names. An attacker could possibly use this to trigger a cross-site scripting attack. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-12581) Daniel Le Gall discovered that phpMyAdmin would expose sensitive information to unauthorized actors due to an error in its transformation feature. An authenticated attacker could use this vulnerability to leak the contents of a local file. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-19968) It was discovered that phpMyAdmin incorrectly handled user input. An attacker could possibly use this to perform a cross-site scripting attack. This issue only affected Ubuntu 16.04 ESM. (CVE-2018-19970) It was discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to execute an SQL injection attack via a specially crafted database name. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-11768) It was discovered that phpMyAdmin incorrectly handled some requests. An attacker could possibly use this to perform a cross site request forgery attack. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-12616) It was discovered that phpMyAdmin incorrectly handled some requests. An attacker could possibly use this to perform a cross site request forgery attack. This issue only affected Ubuntu 14.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-12922) It was discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to execute an SQL injection attack via a specially crafted username. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-6798) It was discovered that phpMyAdmin did not properly sanitize certain input. An attacker could use this vulnerability to possibly execute an HTML injection or a cross-site scripting (XSS) attack. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2019-19617) CSW Research Labs discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to execute SQL injection attacks. This issue only affected Ubuntu 16.04 ESM. (CVE-2020-5504) Giwan Go and Yelang Lee discovered that phpMyAdmin was vulnerable to an XSS attack in the transformation feature. If a victim were to click on a crafted link, an attacker could run malicious JavaScript on the victim's system. This issue only affected Ubuntu 20.04 ESM. (CVE-2020-26934) Andre Sá discovered that phpMyAdmin incorrectly handled certain SQL statements in the search feature. A remote, authenticated attacker could use this to inject malicious SQL into a query. This issue only affected Ubuntu 20.04 ESM. (CVE-2020-26935) Update Instructions: Run `sudo pro fix USN-4843-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: phpmyadmin - 4:4.9.5+dfsg1-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2014-9218 CVE-2016-6609 CVE-2016-6619 CVE-2016-6630 CVE-2016-9849 CVE-2016-9866 CVE-2017-18264 CVE-2017-1000014 CVE-2017-1000015 CVE-2018-7260 CVE-2018-12581 CVE-2018-19968 CVE-2018-19970 CVE-2019-6798 CVE-2019-11768 CVE-2019-12616 CVE-2019-12922 CVE-2019-19617 CVE-2020-5504 CVE-2020-26934 CVE-2020-26935 Ubuntu 20.04 LTS It was discovered that targetcli-fb did not properly manage socket permissions. A local attacker could use this issue to modify the iSCSI configuration resulting in a denial of service, obtain sensitive information or execute arbitrary code. (CVE-2020-10699) It was discovered that targetcli-fb did not properly manage permissions for /etc/target and underneath backup directory/files. An attacker could use this issue to access sensitive information. (CVE-2020-13867) Update Instructions: Run `sudo pro fix USN-4871-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: targetcli-fb - 1:2.1.51-0ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2020-10699 CVE-2020-13867 Ubuntu 20.04 LTS It was discovered that Axel did not properly verify the certificates for hostnames. An attacker could use this vulnerability to impersonate another server and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-4872-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: axel - 2.17.5-1ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13614 Ubuntu 20.04 LTS It was discovered that Apache Ant created temporary files with insecure permissions. An attacker could use this vulnerability to read sensitive information leaked into /tmp, or potentially inject malicious code into a project that is built with Apache Ant. Update Instructions: Run `sudo pro fix USN-4874-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ant - 1.10.7-1ubuntu0.1~esm1 ant-doc - 1.10.7-1ubuntu0.1~esm1 ant-optional - 1.10.7-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-1945 Ubuntu 20.04 LTS It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. (CVE-2021-20239) It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3347) 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. (CVE-2021-3178) Update Instructions: Run `sudo pro fix USN-4878-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1011-gkeop - 5.4.0-1011.12 No subscription required linux-image-5.4.0-1030-raspi - 5.4.0-1030.33 No subscription required linux-image-5.4.0-1034-kvm - 5.4.0-1034.35 No subscription required linux-image-5.4.0-1038-gcp - 5.4.0-1038.41 No subscription required linux-image-5.4.0-1039-aws - 5.4.0-1039.41 No subscription required linux-image-5.4.0-1039-oracle - 5.4.0-1039.42 No subscription required linux-image-5.4.0-1041-azure - 5.4.0-1041.43 No subscription required linux-image-5.4.0-67-generic-lpae - 5.4.0-67.75 linux-image-5.4.0-67-generic - 5.4.0-67.75 linux-image-5.4.0-67-lowlatency - 5.4.0-67.75 No subscription required linux-image-gkeop-5.4 - 5.4.0.1011.14 linux-image-gkeop - 5.4.0.1011.14 No subscription required linux-image-raspi - 5.4.0.1030.65 linux-image-raspi2 - 5.4.0.1030.65 linux-image-raspi-hwe-18.04-edge - 5.4.0.1030.65 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1030.65 linux-image-raspi-hwe-18.04 - 5.4.0.1030.65 linux-image-raspi2-hwe-18.04 - 5.4.0.1030.65 No subscription required linux-image-kvm - 5.4.0.1034.32 No subscription required linux-image-gcp - 5.4.0.1038.47 No subscription required linux-image-oracle - 5.4.0.1039.36 No subscription required linux-image-aws - 5.4.0.1039.40 No subscription required linux-image-azure - 5.4.0.1041.39 No subscription required linux-image-oem-osp1 - 5.4.0.67.70 linux-image-generic-hwe-18.04 - 5.4.0.67.70 linux-image-generic-lpae-hwe-18.04 - 5.4.0.67.70 linux-image-virtual - 5.4.0.67.70 linux-image-generic - 5.4.0.67.70 linux-image-virtual-hwe-18.04 - 5.4.0.67.70 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.67.70 linux-image-oem - 5.4.0.67.70 linux-image-generic-hwe-18.04-edge - 5.4.0.67.70 linux-image-lowlatency-hwe-18.04 - 5.4.0.67.70 linux-image-generic-lpae - 5.4.0.67.70 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.67.70 linux-image-lowlatency - 5.4.0.67.70 linux-image-virtual-hwe-18.04-edge - 5.4.0.67.70 No subscription required Medium CVE-2020-36158 CVE-2021-20239 CVE-2021-3178 CVE-2021-3347 Ubuntu 20.04 LTS It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-20194) Update Instructions: Run `sudo pro fix USN-4879-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-45-generic-lpae - 5.8.0-45.51~20.04.1 linux-image-5.8.0-45-generic - 5.8.0-45.51~20.04.1 linux-image-5.8.0-45-generic-64k - 5.8.0-45.51~20.04.1 linux-image-5.8.0-45-lowlatency - 5.8.0-45.51~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.45.51~20.04.31 linux-image-virtual-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-generic-lpae-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.45.51~20.04.31 linux-image-generic-64k-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-generic-hwe-20.04-edge - 5.8.0.45.51~20.04.31 linux-image-lowlatency-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.45.51~20.04.31 linux-image-generic-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.45.51~20.04.31 No subscription required Medium CVE-2020-36158 CVE-2021-20194 Ubuntu 20.04 LTS It was discovered that containerd incorrectly handled certain environment variables. Contrary to expectations, a container could receive environment variables defined for a different container, possibly containing sensitive information. Update Instructions: Run `sudo pro fix USN-4881-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.3.3-0ubuntu2.3 golang-github-docker-containerd-dev - 1.3.3-0ubuntu2.3 No subscription required Medium CVE-2021-21334 Ubuntu 20.04 LTS It was discovered that the Ruby JSON gem incorrectly handled certain JSON files. If a user or automated system were tricked into parsing a specially crafted JSON file, a remote attacker could use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-10663) It was discovered that Ruby incorrectly handled certain socket memory operations. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-10933) It was discovered that Ruby incorrectly handled certain transfer-encoding headers when using Webrick. A remote attacker could possibly use this issue to bypass a reverse proxy. (CVE-2020-25613) Update Instructions: Run `sudo pro fix USN-4882-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.3 ruby2.7-doc - 2.7.0-5ubuntu1.3 ruby2.7-dev - 2.7.0-5ubuntu1.3 libruby2.7 - 2.7.0-5ubuntu1.3 No subscription required Medium CVE-2020-10663 CVE-2020-10933 CVE-2020-25613 Ubuntu 20.04 LTS Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-20194) It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3347) It was discovered that the network block device (nbd) driver in the Linux kernel contained a use-after-free vulnerability during device setup. A local attacker with access to the nbd device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3348) Update Instructions: Run `sudo pro fix USN-4884-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1017-oem - 5.10.0-1017.18 No subscription required linux-image-oem-20.04b - 5.10.0.1017.18 linux-image-oem-20.04-edge - 5.10.0.1017.18 No subscription required Medium CVE-2021-20194 CVE-2021-3347 CVE-2021-3348 Ubuntu 20.04 LTS It was discovered that Pygments incorrectly handled parsing SML files. If a user or automated system were tricked into parsing a specially crafted SML file, a remote attacker could cause Pygments to hang, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4885-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pygments-doc - 2.3.1+dfsg-1ubuntu2.1 python3-pygments - 2.3.1+dfsg-1ubuntu2.1 python-pygments - 2.3.1+dfsg-1ubuntu2.1 No subscription required Medium CVE-2021-20270 Ubuntu 20.04 LTS It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. (CVE-2020-35502, CVE-2021-20209, CVE-2021-20210, CVE-2021-20213, CVE-2021-20215, CVE-2021-20216, CVE-2021-20217, CVE-2021-20272, CVE-2021-20273, CVE-2021-20275) It was discovered that Privoxy incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. (CVE-2021-20212, CVE-2021-20276) It was discovered that Privoxy incorrectly handled client tags. An attacker could possibly use this issue to cause Privoxy to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-20211) It was discovered that Privoxy incorrectly handled client tags. An attacker could possibly use this issue to cause Privoxy to consume resources, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-20214) Update Instructions: Run `sudo pro fix USN-4886-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: privoxy - 3.0.28-2ubuntu0.1 No subscription required Medium CVE-2020-35502 CVE-2021-20209 CVE-2021-20210 CVE-2021-20211 CVE-2021-20212 CVE-2021-20213 CVE-2021-20214 CVE-2021-20215 CVE-2021-20216 CVE-2021-20217 CVE-2021-20272 CVE-2021-20273 CVE-2021-20275 CVE-2021-20276 Ubuntu 20.04 LTS De4dCr0w of 360 Alpha Lab discovered that the BPF verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2021-3444) Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27171) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27170) Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). (CVE-2021-27363) Adam Nichols discovered that an out-of-bounds read existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364) Update Instructions: Run `sudo pro fix USN-4887-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1019-oem - 5.10.0-1019.20 No subscription required linux-image-oem-20.04b - 5.10.0.1019.20 linux-image-oem-20.04-edge - 5.10.0.1019.20 No subscription required linux-image-5.4.0-1012-gkeop - 5.4.0-1012.13 No subscription required linux-image-5.4.0-1032-raspi - 5.4.0-1032.35 No subscription required linux-image-5.4.0-1036-kvm - 5.4.0-1036.37 No subscription required linux-image-5.4.0-1040-gcp - 5.4.0-1040.43 No subscription required linux-image-5.4.0-1041-aws - 5.4.0-1041.43 No subscription required linux-image-5.4.0-1041-oracle - 5.4.0-1041.44 No subscription required linux-image-5.4.0-1043-azure - 5.4.0-1043.45 No subscription required linux-image-5.4.0-70-generic-lpae - 5.4.0-70.78 linux-image-5.4.0-70-generic - 5.4.0-70.78 linux-image-5.4.0-70-lowlatency - 5.4.0-70.78 No subscription required linux-image-gkeop-5.4 - 5.4.0.1012.15 linux-image-gkeop - 5.4.0.1012.15 No subscription required linux-image-raspi - 5.4.0.1032.67 linux-image-raspi2 - 5.4.0.1032.67 linux-image-raspi-hwe-18.04-edge - 5.4.0.1032.67 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1032.67 linux-image-raspi-hwe-18.04 - 5.4.0.1032.67 linux-image-raspi2-hwe-18.04 - 5.4.0.1032.67 No subscription required linux-image-kvm - 5.4.0.1036.34 No subscription required linux-image-gcp - 5.4.0.1040.49 No subscription required linux-image-oracle - 5.4.0.1041.38 No subscription required linux-image-aws - 5.4.0.1041.42 No subscription required linux-image-azure - 5.4.0.1043.41 No subscription required linux-image-oem-osp1 - 5.4.0.70.73 linux-image-generic-hwe-18.04 - 5.4.0.70.73 linux-image-generic-lpae-hwe-18.04 - 5.4.0.70.73 linux-image-virtual - 5.4.0.70.73 linux-image-lowlatency-hwe-18.04 - 5.4.0.70.73 linux-image-generic - 5.4.0.70.73 linux-image-virtual-hwe-18.04 - 5.4.0.70.73 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.70.73 linux-image-generic-hwe-18.04-edge - 5.4.0.70.73 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.70.73 linux-image-oem - 5.4.0.70.73 linux-image-generic-lpae - 5.4.0.70.73 linux-image-lowlatency - 5.4.0.70.73 linux-image-virtual-hwe-18.04-edge - 5.4.0.70.73 No subscription required linux-image-5.6.0-1052-oem - 5.6.0-1052.56 No subscription required linux-image-oem-20.04 - 5.6.0.1052.48 No subscription required linux-image-5.8.0-48-lowlatency - 5.8.0-48.54~20.04.1 linux-image-5.8.0-48-generic - 5.8.0-48.54~20.04.1 linux-image-5.8.0-48-generic-64k - 5.8.0-48.54~20.04.1 linux-image-5.8.0-48-generic-lpae - 5.8.0-48.54~20.04.1 No subscription required linux-image-generic-64k-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-generic-hwe-20.04 - 5.8.0.48.54~20.04.32 linux-image-virtual-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-generic-lpae-hwe-20.04 - 5.8.0.48.54~20.04.32 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-virtual-hwe-20.04 - 5.8.0.48.54~20.04.32 linux-image-generic-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-generic-64k-hwe-20.04 - 5.8.0.48.54~20.04.32 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-lowlatency-hwe-20.04 - 5.8.0.48.54~20.04.32 No subscription required High CVE-2020-27170 CVE-2020-27171 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2021-3444 Ubuntu 20.04 LTS Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. (CVE-2021-20277) Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain DN strings. A remote attacker could use this issue to cause the LDAP server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-27840) Update Instructions: Run `sudo pro fix USN-4888-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ldb-tools - 2:2.0.10-0ubuntu0.20.04.3 libldb2 - 2:2.0.10-0ubuntu0.20.04.3 python3-ldb - 2:2.0.10-0ubuntu0.20.04.3 libldb-dev - 2:2.0.10-0ubuntu0.20.04.3 python3-ldb-dev - 2:2.0.10-0ubuntu0.20.04.3 No subscription required High CVE-2020-27840 CVE-2021-20277 Ubuntu 20.04 LTS It was discovered that OpenSSL incorrectly handled certain renegotiation ClientHello messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4891-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcrypto1.1-udeb - 1.1.1f-1ubuntu2.3 libssl-dev - 1.1.1f-1ubuntu2.3 openssl - 1.1.1f-1ubuntu2.3 libssl-doc - 1.1.1f-1ubuntu2.3 libssl1.1-udeb - 1.1.1f-1ubuntu2.3 libssl1.1 - 1.1.1f-1ubuntu2.3 No subscription required High CVE-2021-3449 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly verified Jar signatures. An attacker could possibly use this issue to bypass intended security restrictions when using Jar files signed with a disabled algorithm. Update Instructions: Run `sudo pro fix USN-4892-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jre-zero - 11.0.11+9-0ubuntu2~20.04 openjdk-11-doc - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jre-headless - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jdk - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jdk-headless - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jre - 11.0.11+9-0ubuntu2~20.04 openjdk-11-demo - 11.0.11+9-0ubuntu2~20.04 No subscription required openjdk-8-source - 8u292-b10-0ubuntu1~20.04 openjdk-8-doc - 8u292-b10-0ubuntu1~20.04 openjdk-8-jdk - 8u292-b10-0ubuntu1~20.04 openjdk-8-jre-headless - 8u292-b10-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u292-b10-0ubuntu1~20.04 openjdk-8-jre - 8u292-b10-0ubuntu1~20.04 openjdk-8-jre-zero - 8u292-b10-0ubuntu1~20.04 openjdk-8-demo - 8u292-b10-0ubuntu1~20.04 No subscription required Medium CVE-2021-2163 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2021-23981, CVE-2021-23982, CVE-2021-23983, CVE-2021-23987, CVE-2021-23988) It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spook a website and trick the user into providing credentials. (CVE-2021-23984) It was discovered that the DevTools remote debugging feature could be enabled without an indication to the user. If a local attacker could modify the browser configuration, a remote attacker could potentially exploit this to obtain sensitive information. (CVE-2021-23985) It was discovered that extensions could read the response of cross origin requests in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to obtain sensitive information. (CVE-2021-23986) Update Instructions: Run `sudo pro fix USN-4893-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-nn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ne - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-nb - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-fa - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-fi - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-fr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-fy - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-or - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-kab - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-oc - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-cs - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ga - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-gd - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-gn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-gl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-gu - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-pa - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-pl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-cy - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-pt - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-szl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hi - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-uk - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-he - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hy - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hu - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-as - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ar - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ia - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-az - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-id - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-mai - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-af - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-is - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-it - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-an - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-bs - 87.0+build3-0ubuntu0.20.04.2 firefox - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ro - 87.0+build3-0ubuntu0.20.04.2 firefox-geckodriver - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ja - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ru - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-br - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-zh-hant - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-zh-hans - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-bn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-be - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-bg - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sk - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-si - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sw - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sv - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sq - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ko - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-kn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-km - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-kk - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ka - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-xh - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ca - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ku - 87.0+build3-0ubuntu0.20.04.2 firefox-mozsymbols - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-lv - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-lt - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-th - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hsb - 87.0+build3-0ubuntu0.20.04.2 firefox-dev - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-te - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-cak - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ta - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-lg - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-csb - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-tr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-nso - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-de - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-da - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ms - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-mr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-my - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-uz - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ml - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-mn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-mk - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ur - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-eu - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-et - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-es - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-vi - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-el - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-eo - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-en - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-zu - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ast - 87.0+build3-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-23981 CVE-2021-23982 CVE-2021-23983 CVE-2021-23984 CVE-2021-23985 CVE-2021-23986 CVE-2021-23987 CVE-2021-23988 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4894-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.30.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.30.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.30.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.30.6-0ubuntu0.20.04.1 webkit2gtk-driver - 2.30.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.30.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.30.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.30.6-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.30.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.30.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-27918 CVE-2020-29623 CVE-2021-1765 CVE-2021-1789 CVE-2021-1799 CVE-2021-1801 CVE-2021-1870 Ubuntu 20.04 LTS Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-15049) Jianjun Chen discovered that Squid incorrectly validated certain input. A remote attacker could use this issue to perform HTTP Request Smuggling and possibly access services forbidden by the security controls. (CVE-2020-25097) Update Instructions: Run `sudo pro fix USN-4895-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.3 squidclient - 4.10-1ubuntu1.3 squid-purge - 4.10-1ubuntu1.3 squid - 4.10-1ubuntu1.3 squid-cgi - 4.10-1ubuntu1.3 No subscription required Medium CVE-2020-15049 CVE-2020-25097 Ubuntu 20.04 LTS It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-4896-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-lxml - 4.5.0-1ubuntu0.3 python-lxml - 4.5.0-1ubuntu0.3 python-lxml-doc - 4.5.0-1ubuntu0.3 No subscription required Medium CVE-2021-28957 Ubuntu 20.04 LTS Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4897-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pygments-doc - 2.3.1+dfsg-1ubuntu2.2 python3-pygments - 2.3.1+dfsg-1ubuntu2.2 python-pygments - 2.3.1+dfsg-1ubuntu2.2 No subscription required Medium CVE-2021-27291 Ubuntu 20.04 LTS Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-22876) Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could use this issue to bypass certificate checks and intercept communications. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-22890) Update Instructions: Run `sudo pro fix USN-4898-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.5 libcurl4-openssl-dev - 7.68.0-1ubuntu2.5 libcurl3-gnutls - 7.68.0-1ubuntu2.5 libcurl4-doc - 7.68.0-1ubuntu2.5 libcurl3-nss - 7.68.0-1ubuntu2.5 libcurl4-nss-dev - 7.68.0-1ubuntu2.5 libcurl4 - 7.68.0-1ubuntu2.5 curl - 7.68.0-1ubuntu2.5 No subscription required Medium CVE-2021-22876 CVE-2021-22890 Ubuntu 20.04 LTS Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code. Update Instructions: Run `sudo pro fix USN-4899-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: spamassassin - 3.4.4-1ubuntu1.1 sa-compile - 3.4.4-1ubuntu1.1 spamc - 3.4.4-1ubuntu1.1 No subscription required Medium CVE-2020-1946 Ubuntu 20.04 LTS It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4900-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.5 openexr - 2.3.0-6ubuntu0.5 libopenexr24 - 2.3.0-6ubuntu0.5 openexr-doc - 2.3.0-6ubuntu0.5 No subscription required Medium CVE-2021-3474 CVE-2021-3475 CVE-2021-3476 CVE-2021-3477 CVE-2021-3478 CVE-2021-3479 Ubuntu 20.04 LTS Dennis Brinkrolf discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories. Update Instructions: Run `sudo pro fix USN-4902-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.5 python-django-doc - 2:2.2.12-1ubuntu0.5 No subscription required Low CVE-2021-28658 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4905-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.9-2ubuntu1.2~20.04.2 xwayland - 2:1.20.9-2ubuntu1.2~20.04.2 xorg-server-source - 2:1.20.9-2ubuntu1.2~20.04.2 xdmx - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-xorg-dev - 2:1.20.9-2ubuntu1.2~20.04.2 xvfb - 2:1.20.9-2ubuntu1.2~20.04.2 xnest - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-xorg-legacy - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-common - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-xephyr - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-xorg-core-udeb - 2:1.20.9-2ubuntu1.2~20.04.2 xdmx-tools - 2:1.20.9-2ubuntu1.2~20.04.2 No subscription required Medium CVE-2021-3472 Ubuntu 20.04 LTS It was discovered that Nettle incorrectly handled signature verification. A remote attacker could use this issue to cause Nettle to crash, resulting in a denial of service, or possibly force invalid signatures. Update Instructions: Run `sudo pro fix USN-4906-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnettle7 - 3.5.1+really3.5.1-2ubuntu0.1 nettle-bin - 3.5.1+really3.5.1-2ubuntu0.1 libhogweed5 - 3.5.1+really3.5.1-2ubuntu0.1 nettle-dev - 3.5.1+really3.5.1-2ubuntu0.1 No subscription required Medium CVE-2021-20305 Ubuntu 20.04 LTS Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-20194) Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schönherr discovered that the Xen paravirtualization backend in the Linux kernel did not properly propagate errors to frontend drivers in some situations. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26930) Jan Beulich discovered that multiple Xen backends in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26931) It was discovered that the network block device (nbd) driver in the Linux kernel contained a use-after-free vulnerability during device setup. A local attacker with access to the nbd device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3348) Update Instructions: Run `sudo pro fix USN-4909-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1013-gkeop - 5.4.0-1013.14 No subscription required linux-image-5.4.0-1033-raspi - 5.4.0-1033.36 No subscription required linux-image-5.4.0-1037-kvm - 5.4.0-1037.38 No subscription required linux-image-5.4.0-1041-gcp - 5.4.0-1041.44 No subscription required linux-image-5.4.0-1042-oracle - 5.4.0-1042.45 No subscription required linux-image-5.4.0-1043-aws - 5.4.0-1043.45 No subscription required linux-image-5.4.0-1044-azure - 5.4.0-1044.46 No subscription required linux-image-5.4.0-71-generic - 5.4.0-71.79 linux-image-5.4.0-71-lowlatency - 5.4.0-71.79 linux-image-5.4.0-71-generic-lpae - 5.4.0-71.79 No subscription required linux-image-gkeop-5.4 - 5.4.0.1013.16 linux-image-gkeop - 5.4.0.1013.16 No subscription required linux-image-raspi - 5.4.0.1033.68 linux-image-raspi2 - 5.4.0.1033.68 linux-image-raspi-hwe-18.04-edge - 5.4.0.1033.68 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1033.68 linux-image-raspi-hwe-18.04 - 5.4.0.1033.68 linux-image-raspi2-hwe-18.04 - 5.4.0.1033.68 No subscription required linux-image-kvm - 5.4.0.1037.35 No subscription required linux-image-gcp - 5.4.0.1041.50 No subscription required linux-image-oracle - 5.4.0.1042.39 No subscription required linux-image-aws - 5.4.0.1043.44 No subscription required linux-image-azure - 5.4.0.1044.42 No subscription required linux-image-oem-osp1 - 5.4.0.71.74 linux-image-generic-hwe-18.04 - 5.4.0.71.74 linux-image-generic-lpae-hwe-18.04 - 5.4.0.71.74 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.71.74 linux-image-virtual - 5.4.0.71.74 linux-image-lowlatency-hwe-18.04 - 5.4.0.71.74 linux-image-generic - 5.4.0.71.74 linux-image-virtual-hwe-18.04 - 5.4.0.71.74 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.71.74 linux-image-oem - 5.4.0.71.74 linux-image-generic-hwe-18.04-edge - 5.4.0.71.74 linux-image-generic-lpae - 5.4.0.71.74 linux-image-lowlatency - 5.4.0.71.74 linux-image-virtual-hwe-18.04-edge - 5.4.0.71.74 No subscription required Medium CVE-2021-20194 CVE-2021-26930 CVE-2021-26931 CVE-2021-3348 Ubuntu 20.04 LTS Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. (CVE-2021-20239) It was discovered that the BPF verifier in the Linux kernel did not properly handle signed add32 and sub integer overflows. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-20268) It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3347) It was discovered that the network block device (nbd) driver in the Linux kernel contained a use-after-free vulnerability during device setup. A local attacker with access to the nbd device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3348) 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. (CVE-2021-3178) Update Instructions: Run `sudo pro fix USN-4910-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-49-lowlatency - 5.8.0-49.55~20.04.1 linux-image-5.8.0-49-generic - 5.8.0-49.55~20.04.1 linux-image-5.8.0-49-generic-lpae - 5.8.0-49.55~20.04.1 linux-image-5.8.0-49-generic-64k - 5.8.0-49.55~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.49.55~20.04.33 linux-image-virtual-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-generic-hwe-20.04-edge - 5.8.0.49.55~20.04.33 linux-image-generic-lpae-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.49.55~20.04.33 linux-image-generic-64k-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-lowlatency-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.49.55~20.04.33 linux-image-generic-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.49.55~20.04.33 No subscription required Medium CVE-2021-20239 CVE-2021-20268 CVE-2021-3178 CVE-2021-3347 CVE-2021-3348 Ubuntu 20.04 LTS It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639) Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-28038) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the fuse user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2021-28950) Update Instructions: Run `sudo pro fix USN-4911-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1021-oem - 5.10.0-1021.22 No subscription required linux-image-oem-20.04b - 5.10.0.1021.22 linux-image-oem-20.04-edge - 5.10.0.1021.22 No subscription required Medium CVE-2020-25639 CVE-2021-28038 CVE-2021-28375 CVE-2021-28950 Ubuntu 20.04 LTS Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154) It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0423) It was discovered that the HID multitouch implementation within the Linux kernel did not properly validate input events in some situations. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0465) It was discovered that the eventpoll (aka epoll) implementation in the Linux kernel contained a logic error that could lead to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0466) It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14351) It was discovered that the frame buffer implementation in the Linux kernel did not properly handle some edge cases in software scrollback. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14390) It was discovered that a race condition existed in the hugetlb sysctl implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-25285) It was discovered that the GENEVE tunnel implementation in the Linux kernel when combined with IPSec did not properly select IP routes in some situations. An attacker could use this to expose sensitive information (unencrypted network traffic). (CVE-2020-25645) Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669) Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the Linux kernel did not correctly handle setting line discipline in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-27830) It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-20194) Adam Zabrocki discovered that the kprobes subsystem in the Linux kernel did not properly detect linker padding in some situations. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2021-3411) 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. (CVE-2021-3178) Update Instructions: Run `sudo pro fix USN-4912-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1053-oem - 5.6.0-1053.57 No subscription required linux-image-oem-20.04 - 5.6.0.1053.49 No subscription required High CVE-2020-0423 CVE-2020-0465 CVE-2020-0466 CVE-2020-14351 CVE-2020-14390 CVE-2020-25285 CVE-2020-25645 CVE-2020-25669 CVE-2020-27830 CVE-2020-36158 CVE-2021-20194 CVE-2021-29154 CVE-2021-3178 CVE-2021-3411 Ubuntu 20.04 LTS It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code. Update Instructions: Run `sudo pro fix USN-4913-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjs-underscore - 1.9.1~dfsg-1ubuntu0.20.04.1 node-underscore - 1.9.1~dfsg-1ubuntu0.20.04.1 No subscription required Medium CVE-2021-23358 Ubuntu 20.04 LTS It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user() when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service (memory exhaustion) or execute arbitrary code. (CVE-2021-3492) Update Instructions: Run `sudo pro fix USN-4915-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1054-oem - 5.6.0-1054.58 No subscription required linux-image-oem-20.04 - 5.6.0.1054.50 No subscription required High CVE-2021-3492 CVE-2021-3493 Ubuntu 20.04 LTS USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154) Update Instructions: Run `sudo pro fix USN-4916-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1055-oem - 5.6.0-1055.59 No subscription required linux-image-oem-20.04 - 5.6.0.1055.51 No subscription required None https://launchpad.net/bugs/1924611 Ubuntu 20.04 LTS It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user() when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service (memory exhaustion) or execute arbitrary code. (CVE-2021-3492) Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154) Update Instructions: Run `sudo pro fix USN-4917-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1022-oem - 5.10.0-1022.23 No subscription required linux-image-oem-20.04b - 5.10.0.1022.23 linux-image-oem-20.04-edge - 5.10.0.1022.23 No subscription required linux-image-5.4.0-1014-gkeop - 5.4.0-1014.15 No subscription required linux-image-5.4.0-1034-raspi - 5.4.0-1034.37 No subscription required linux-image-5.4.0-1038-kvm - 5.4.0-1038.39 No subscription required linux-image-5.4.0-1042-gcp - 5.4.0-1042.45 No subscription required linux-image-5.4.0-1043-oracle - 5.4.0-1043.46 No subscription required linux-image-5.4.0-1045-aws - 5.4.0-1045.47 No subscription required linux-image-5.4.0-1046-azure - 5.4.0-1046.48 No subscription required linux-image-5.4.0-72-generic - 5.4.0-72.80 linux-image-5.4.0-72-generic-lpae - 5.4.0-72.80 linux-image-5.4.0-72-lowlatency - 5.4.0-72.80 No subscription required linux-image-gkeop-5.4 - 5.4.0.1014.17 linux-image-gkeop - 5.4.0.1014.17 No subscription required linux-image-raspi - 5.4.0.1034.69 linux-image-raspi2 - 5.4.0.1034.69 linux-image-raspi-hwe-18.04-edge - 5.4.0.1034.69 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1034.69 linux-image-raspi-hwe-18.04 - 5.4.0.1034.69 linux-image-raspi2-hwe-18.04 - 5.4.0.1034.69 No subscription required linux-image-kvm - 5.4.0.1038.36 No subscription required linux-image-gcp - 5.4.0.1042.51 No subscription required linux-image-oracle - 5.4.0.1043.40 No subscription required linux-image-aws - 5.4.0.1045.46 No subscription required linux-image-azure - 5.4.0.1046.44 No subscription required linux-image-oem-osp1 - 5.4.0.72.75 linux-image-generic-hwe-18.04 - 5.4.0.72.75 linux-image-generic-lpae-hwe-18.04 - 5.4.0.72.75 linux-image-virtual - 5.4.0.72.75 linux-image-lowlatency-hwe-18.04 - 5.4.0.72.75 linux-image-generic - 5.4.0.72.75 linux-image-virtual-hwe-18.04 - 5.4.0.72.75 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.72.75 linux-image-oem - 5.4.0.72.75 linux-image-generic-hwe-18.04-edge - 5.4.0.72.75 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.72.75 linux-image-generic-lpae - 5.4.0.72.75 linux-image-lowlatency - 5.4.0.72.75 linux-image-virtual-hwe-18.04-edge - 5.4.0.72.75 No subscription required linux-image-5.8.0-50-generic-64k - 5.8.0-50.56~20.04.1 linux-image-5.8.0-50-generic - 5.8.0-50.56~20.04.1 linux-image-5.8.0-50-generic-lpae - 5.8.0-50.56~20.04.1 linux-image-5.8.0-50-lowlatency - 5.8.0-50.56~20.04.1 No subscription required linux-image-generic-64k-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-generic-hwe-20.04 - 5.8.0.50.56~20.04.34 linux-image-virtual-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-generic-lpae-hwe-20.04 - 5.8.0.50.56~20.04.34 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-virtual-hwe-20.04 - 5.8.0.50.56~20.04.34 linux-image-generic-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-generic-64k-hwe-20.04 - 5.8.0.50.56~20.04.34 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-lowlatency-hwe-20.04 - 5.8.0.50.56~20.04.34 No subscription required High CVE-2021-29154 CVE-2021-3492 CVE-2021-3493 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. (CVE-2021-1252) It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1404) It was discovered that ClamAV incorrectly handled parsing email. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1405) Update Instructions: Run `sudo pro fix USN-4918-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.2+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.2+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.2+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1252 CVE-2021-1404 CVE-2021-1405 Ubuntu 20.04 LTS USN-4918-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan in some situations. This update fixes the problem. Original advisory details: It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. (CVE-2021-1252) It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1404) It was discovered that ClamAV incorrectly handled parsing email. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1405) Update Instructions: Run `sudo pro fix USN-4918-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-testfiles - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-base - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-daemon - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-milter - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-docs - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-freshclam - 0.103.2+dfsg-0ubuntu0.20.04.2 libclamav9 - 0.103.2+dfsg-0ubuntu0.20.04.2 clamdscan - 0.103.2+dfsg-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/1926300 Ubuntu 20.04 LTS It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code. (CVE-2019-13132) It was discovered that ZeroMQ mishandled certain network traffic. An unauthenticated attacker could use this vulnerability to cause a denial-of- service and prevent legitimate clients from communicating with ZeroMQ. (CVE-2020-15166) It was discovered that ZeroMQ did not properly manage memory under certain circumstances. If a user or automated system were tricked into connecting to one or multiple compromised servers, a remote attacker could use this issue to cause a denial of service. (CVE-2021-20234) It was discovered that ZeroMQ incorrectly handled memory when processing messages with arbitrarily large sizes under certain circumstances. A remote unauthenticated attacker could use this issue to cause a ZeroMQ server to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-20235) It was discovered that ZeroMQ did not properly manage memory under certain circumstances. A remote unauthenticated attacker could use this issue to cause a ZeroMQ server to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-20237) Update Instructions: Run `sudo pro fix USN-4920-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libzmq5 - 4.3.2-2ubuntu1.20.04.1~esm2 libzmq3-dev - 4.3.2-2ubuntu1.20.04.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2019-13132 CVE-2020-15166 CVE-2021-20234 CVE-2021-20235 CVE-2021-20237 Ubuntu 20.04 LTS It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4921-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: caca-utils - 0.99.beta19-2.1ubuntu1.20.04.1 libcaca-dev - 0.99.beta19-2.1ubuntu1.20.04.1 libcaca0 - 0.99.beta19-2.1ubuntu1.20.04.1 No subscription required Medium CVE-2021-3410 Ubuntu 20.04 LTS Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack. Update Instructions: Run `sudo pro fix USN-4922-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.4 ruby2.7-doc - 2.7.0-5ubuntu1.4 libruby2.7 - 2.7.0-5ubuntu1.4 ruby2.7-dev - 2.7.0-5ubuntu1.4 No subscription required Medium CVE-2021-28965 Ubuntu 20.04 LTS Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. (CVE-2021-28210) Satoshi Tanda discovered that EDK II incorrectly handled decompressing certain images. A remote attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-28211) Update Instructions: Run `sudo pro fix USN-4923-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-efi-arm - 0~20191122.bd85bf54-2ubuntu3.2 qemu-efi - 0~20191122.bd85bf54-2ubuntu3.2 qemu-efi-aarch64 - 0~20191122.bd85bf54-2ubuntu3.2 ovmf - 0~20191122.bd85bf54-2ubuntu3.2 No subscription required Medium CVE-2021-28210 CVE-2021-28211 Ubuntu 20.04 LTS Toni Huttunen and Fraktal Oy discovered that the Shibboleth Service provider allowed content injection due to allowing attacker-controlled parameters in error or other status pages. An attacker could use this to inject malicious content. Update Instructions: Run `sudo pro fix USN-4925-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: shibboleth-sp2-common - 3.0.4+dfsg1-1ubuntu0.1 shibboleth-sp2-utils - 3.0.4+dfsg1-1ubuntu0.1 libapache2-mod-shib2 - 3.0.4+dfsg1-1ubuntu0.1 libshibsp-plugins - 3.0.4+dfsg1-1ubuntu0.1 libshibsp8 - 3.0.4+dfsg1-1ubuntu0.1 shibboleth-sp-utils - 3.0.4+dfsg1-1ubuntu0.1 libshibsp-doc - 3.0.4+dfsg1-1ubuntu0.1 libapache2-mod-shib - 3.0.4+dfsg1-1ubuntu0.1 libshibsp-dev - 3.0.4+dfsg1-1ubuntu0.1 shibboleth-sp-common - 3.0.4+dfsg1-1ubuntu0.1 No subscription required Medium CVE-2021-28963 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. (CVE-2021-23994, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-29945, CVE-2021-29946, CVE-2021-29947) A use-after-free was discovered when Responsive Design Mode was enabled. If a user were tricked into opening a specially crafted website with Responsive Design Mode enabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-23995) It was discovered that Firefox mishandled ftp URLs with encoded newline characters. If a user were tricked into clicking on a specially crafted link, an attacker could potentially exploit this to send arbitrary FTP commands. (CVE-2021-24002) Update Instructions: Run `sudo pro fix USN-4926-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 88.0+build2-0ubuntu0.20.04.1 firefox - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 88.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 88.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 88.0+build2-0ubuntu0.20.04.1 firefox-dev - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 88.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23994 CVE-2021-23995 CVE-2021-23996 CVE-2021-23997 CVE-2021-23998 CVE-2021-23999 CVE-2021-24000 CVE-2021-24001 CVE-2021-24002 CVE-2021-29945 CVE-2021-29946 CVE-2021-29947 Ubuntu 20.04 LTS It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4927-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: file-roller - 3.36.3-0ubuntu1.1 No subscription required Medium CVE-2020-36314 Ubuntu 20.04 LTS It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. (CVE-2021-3497) It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code or cause a crash. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-3498) Update Instructions: Run `sudo pro fix USN-4928-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-gtk3 - 1.16.2-1ubuntu2.1 gstreamer1.0-pulseaudio - 1.16.2-1ubuntu2.1 gstreamer1.0-plugins-good-doc - 1.16.2-1ubuntu2.1 libgstreamer-plugins-good1.0-dev - 1.16.2-1ubuntu2.1 libgstreamer-plugins-good1.0-0 - 1.16.2-1ubuntu2.1 gstreamer1.0-plugins-good - 1.16.2-1ubuntu2.1 gstreamer1.0-qt5 - 1.16.2-1ubuntu2.1 No subscription required Medium CVE-2021-3497 CVE-2021-3498 Ubuntu 20.04 LTS Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2021-25214) Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2021-25215) It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-25216) Update Instructions: Run `sudo pro fix USN-4929-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.8 bind9-libs - 1:9.16.1-0ubuntu2.8 bind9utils - 1:9.16.1-0ubuntu2.8 bind9-doc - 1:9.16.1-0ubuntu2.8 bind9-utils - 1:9.16.1-0ubuntu2.8 bind9 - 1:9.16.1-0ubuntu2.8 bind9-dnsutils - 1:9.16.1-0ubuntu2.8 bind9-host - 1:9.16.1-0ubuntu2.8 No subscription required Medium CVE-2021-25214 CVE-2021-25215 CVE-2021-25216 Ubuntu 20.04 LTS Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users gaining unauthorized access to files, contrary to expected behaviour. Update Instructions: Run `sudo pro fix USN-4930-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.8 samba - 2:4.11.6+dfsg-0ubuntu1.8 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.8 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.8 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.8 smbclient - 2:4.11.6+dfsg-0ubuntu1.8 winbind - 2:4.11.6+dfsg-0ubuntu1.8 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.8 python3-samba - 2:4.11.6+dfsg-0ubuntu1.8 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.8 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.8 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.8 samba-dev - 2:4.11.6+dfsg-0ubuntu1.8 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.8 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.8 samba-common - 2:4.11.6+dfsg-0ubuntu1.8 registry-tools - 2:4.11.6+dfsg-0ubuntu1.8 samba-libs - 2:4.11.6+dfsg-0ubuntu1.8 ctdb - 2:4.11.6+dfsg-0ubuntu1.8 No subscription required Medium CVE-2021-20254 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories. Update Instructions: Run `sudo pro fix USN-4932-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.6 python-django-doc - 2:2.2.12-1ubuntu0.6 No subscription required Medium CVE-2021-31542 Ubuntu 20.04 LTS It was discovered that OpenVPN incorrectly handled certain data channel v2 packets. A remote attacker could possibly use this issue to inject packets using a victim's peer-id. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11810) It was discovered that OpenVPN incorrectly handled deferred authentication. When a server is configured to use deferred authentication, a remote attacker could possibly use this issue to bypass authentication and access control channel data. (CVE-2020-15078) Update Instructions: Run `sudo pro fix USN-4933-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvpn - 2.4.7-1ubuntu2.20.04.2 No subscription required Medium CVE-2020-11810 CVE-2020-15078 Ubuntu 20.04 LTS It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges. Update Instructions: Run `sudo pro fix USN-4934-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.5 eximon4 - 4.93-13ubuntu1.5 exim4 - 4.93-13ubuntu1.5 exim4-daemon-light - 4.93-13ubuntu1.5 exim4-config - 4.93-13ubuntu1.5 exim4-daemon-heavy - 4.93-13ubuntu1.5 exim4-base - 4.93-13ubuntu1.5 No subscription required Medium CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28010 CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014 CVE-2020-28015 CVE-2020-28016 CVE-2020-28017 CVE-2020-28018 CVE-2020-28019 CVE-2020-28020 CVE-2020-28021 CVE-2020-28022 CVE-2020-28023 CVE-2020-28024 CVE-2020-28025 CVE-2020-28026 CVE-2021-27216 Ubuntu 20.04 LTS It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed access control. A local attacker could use this issue to cause a denial of service, expose sensitive information, or escalate privileges. (CVE-2021-1076) It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed reference counting. A local attacker could use this issue to cause a denial of service. (CVE-2021-1077) Update Instructions: Run `sudo pro fix USN-4935-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-compute-utils-390 - 390.143-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.143-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.143-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.143-0ubuntu0.20.04.1 nvidia-utils-390 - 390.143-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.143-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.143-0ubuntu0.20.04.1 nvidia-driver-390 - 390.143-0ubuntu0.20.04.1 nvidia-384-dev - 390.143-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.143-0ubuntu0.20.04.1 libcuda1-384 - 390.143-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.143-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.143-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.143-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.143-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.143-0ubuntu0.20.04.1 nvidia-headless-390 - 390.143-0ubuntu0.20.04.1 libnvidia-common-390 - 390.143-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.143-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.143-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.143-0ubuntu0.20.04.1 nvidia-384 - 390.143-0ubuntu0.20.04.1 No subscription required xserver-xorg-video-nvidia-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-kernel-common-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-decode-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-ifr1-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-compute-utils-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-gl-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-fbc1-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-driver-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-utils-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-common-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-compute-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-headless-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-encode-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-kernel-source-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-cfg1-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-dkms-418-server - 418.197.02-0ubuntu0.20.04.1 No subscription required libnvidia-compute-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-encode-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-fbc1-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-compute-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-common-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-encode-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.119.03-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.119.03-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-common-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-cfg1-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-utils-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.119.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-driver-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-cfg1-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-compute-utils-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.119.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-common-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-decode-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-driver-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-compute-utils-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-common-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-decode-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-ifr1-440 - 450.119.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-source-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-source-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-ifr1-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-utils-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-dkms-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-extra-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-gl-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-dkms-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-fbc1-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.119.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-compute-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-extra-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-gl-440 - 450.119.03-0ubuntu0.20.04.1 No subscription required libnvidia-common-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-gl-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-utils-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-encode-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-fbc1-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-compute-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-gl-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-common-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-gl-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 460.73.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-cfg1-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-utils-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-decode-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-compute-460 - 460.73.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-ifr1-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-driver-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-fbc1-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-encode-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-common-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-common-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-dkms-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-extra-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-compute-utils-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-common-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-dkms-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-extra-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-driver-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-source-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-compute-utils-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-ifr1-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-decode-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-encode-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-utils-455 - 460.73.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-source-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-cfg1-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-decode-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-dkms-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-extra-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-compute-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-driver-460-server - 460.73.01-0ubuntu0.20.04.1 No subscription required High CVE-2021-1076 CVE-2021-1077 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978) It was discovered that Thunderbird may keep key material in memory in some circumstances. A local attacker could potentially exploit this to obtain private keys. (CVE-2021-29950) Update Instructions: Run `sudo pro fix USN-4936-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:78.8.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:78.8.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:78.8.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:78.8.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23968 CVE-2021-23969 CVE-2021-23973 CVE-2021-23978 CVE-2021-29950 Ubuntu 20.04 LTS Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Update Instructions: Run `sudo pro fix USN-4937-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnome-autoar-0-dev - 0.2.3-2ubuntu0.3 libgnome-autoar-gtk-0-0 - 0.2.3-2ubuntu0.3 gir1.2-gnomeautoar-0.1 - 0.2.3-2ubuntu0.3 libgnome-autoar-gtk-0-dev - 0.2.3-2ubuntu0.3 gir1.2-gnomeautoargtk-0.1 - 0.2.3-2ubuntu0.3 libgnome-autoar-doc - 0.2.3-2ubuntu0.3 libgnome-autoar-0-0 - 0.2.3-2ubuntu0.3 No subscription required Medium CVE-2021-28650 Ubuntu 20.04 LTS USN-4937-1 fixed a vulnerability in GNOME Autoar. The update caused a regression when extracting certain archives. This update fixes the problem. Original advisory details: Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Update Instructions: Run `sudo pro fix USN-4937-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnome-autoar-0-dev - 0.2.3-2ubuntu0.4 libgnome-autoar-gtk-0-0 - 0.2.3-2ubuntu0.4 gir1.2-gnomeautoar-0.1 - 0.2.3-2ubuntu0.4 libgnome-autoar-gtk-0-dev - 0.2.3-2ubuntu0.4 gir1.2-gnomeautoargtk-0.1 - 0.2.3-2ubuntu0.4 libgnome-autoar-doc - 0.2.3-2ubuntu0.4 libgnome-autoar-0-0 - 0.2.3-2ubuntu0.4 No subscription required None https://launchpad.net/bugs/1929304 Ubuntu 20.04 LTS It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files. Update Instructions: Run `sudo pro fix USN-4938-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.2 python3-unbound - 1.9.4-2ubuntu1.2 libunbound8 - 1.9.4-2ubuntu1.2 python-unbound - 1.9.4-2ubuntu1.2 unbound-anchor - 1.9.4-2ubuntu1.2 unbound-host - 1.9.4-2ubuntu1.2 libunbound-dev - 1.9.4-2ubuntu1.2 No subscription required Medium CVE-2019-25031 CVE-2019-25032 CVE-2019-25033 CVE-2019-25034 CVE-2019-25035 CVE-2019-25036 CVE-2019-25037 CVE-2019-25038 CVE-2019-25039 CVE-2019-25040 CVE-2019-25041 CVE-2019-25042 CVE-2020-28935 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4939-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.32.0-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.32.0-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.32.0-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.32.0-0ubuntu0.20.04.1 webkit2gtk-driver - 2.32.0-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.32.0-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.32.0-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.32.0-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.32.0-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.32.0-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1788 CVE-2021-1844 CVE-2021-1871 Ubuntu 20.04 LTS It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4940-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-yaml - 5.3.1-1ubuntu0.1 python3-yaml - 5.3.1-1ubuntu0.1 No subscription required Medium CVE-2020-14343 Ubuntu 20.04 LTS It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-29457) It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-29458, CVE-2021-29470) It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-3482) Update Instructions: Run `sudo pro fix USN-4941-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.2 libexiv2-27 - 0.27.2-8ubuntu2.2 libexiv2-doc - 0.27.2-8ubuntu2.2 libexiv2-dev - 0.27.2-8ubuntu2.2 No subscription required Medium CVE-2021-29457 CVE-2021-29458 CVE-2021-29470 CVE-2021-3482 Ubuntu 20.04 LTS A race condition was discovered in Web Render Components. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4942-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ne - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nb - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fa - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fi - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fy - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-or - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kab - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-oc - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cs - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ga - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gd - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gu - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pa - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cy - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pt - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-szl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hi - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-uk - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-he - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hy - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hu - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-as - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ar - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ia - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-az - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-id - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mai - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-af - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-is - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-it - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-an - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bs - 88.0.1+build1-0ubuntu0.20.04.2 firefox - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ro - 88.0.1+build1-0ubuntu0.20.04.2 firefox-geckodriver - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ja - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ru - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-br - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zh-hant - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zh-hans - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-be - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bg - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sk - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-si - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sw - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sv - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sq - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ko - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-km - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kk - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ka - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-xh - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ca - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ku - 88.0.1+build1-0ubuntu0.20.04.2 firefox-mozsymbols - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lv - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lt - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-th - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hsb - 88.0.1+build1-0ubuntu0.20.04.2 firefox-dev - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-te - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cak - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ta - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lg - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-tr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nso - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-de - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-da - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ms - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-my - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-uz - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ml - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mk - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ur - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-vi - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-eu - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-et - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-es - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-csb - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-el - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-eo - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-en - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zu - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ast - 88.0.1+build1-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-29952 Ubuntu 20.04 LTS Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. (CVE-2020-26217) It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. This issue only affected Ubuntu 20.10. (CVE-2020-26258) It was discovered that XStream was vulnerable to arbitrary file deletion on the local host. A remote attacker could use this to delete arbitrary known files on the host as long as the executing process had sufficient rights only by manipulating the processed input stream. This issue only affected Ubuntu 20.10. (CVE-2020-26259) It was discovered that XStream was vulnerable to denial of service, arbitrary code execution, arbitrary file deletion and server-side forgery attacks. A remote attacker could cause any of those issues by manipulating the processed input stream. (CVE-2021-21341, CVE-2021-21342, CVE-2021-21343 CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351) Update Instructions: Run `sudo pro fix USN-4943-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxstream-java - 1.4.11.1-1ubuntu0.2 No subscription required Medium CVE-2020-26217 CVE-2020-26258 CVE-2020-26259 CVE-2021-21341 CVE-2021-21342 CVE-2021-21343 CVE-2021-21344 CVE-2021-21345 CVE-2021-21346 CVE-2021-21347 CVE-2021-21348 CVE-2021-21349 CVE-2021-21350 CVE-2021-21351 Ubuntu 20.04 LTS This update fixed multiple vulnerabilities in MariaDB. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.48. Ubuntu 20.04 LTS has been updated to MariaDB 10.3.29. Ubuntu 20.10 has been updated to MariaDB 10.3.29. Ubuntu 21.04 has been updated to MariaDB 10.5.10. Update Instructions: Run `sudo pro fix USN-4944-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.29-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.29-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.29-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.29-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.29-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.29-0ubuntu0.20.04.1 mariadb-client - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.29-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.29-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.29-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.29-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.29-0ubuntu0.20.04.1 mariadb-server - 1:10.3.29-0ubuntu0.20.04.1 mariadb-common - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.29-0ubuntu0.20.04.1 mariadb-test - 1:10.3.29-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1926926 Ubuntu 20.04 LTS USN-4944-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. Original advisory details: Ubuntu 20.04 has been updated to MariaDB 10.3.30. Update Instructions: Run `sudo pro fix USN-4944-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.30-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.30-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.30-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.30-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.30-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.30-0ubuntu0.20.04.1 mariadb-client - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.30-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.30-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.30-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.30-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.30-0ubuntu0.20.04.1 mariadb-server - 1:10.3.30-0ubuntu0.20.04.1 mariadb-common - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.30-0ubuntu0.20.04.1 mariadb-test - 1:10.3.30-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1913676 Ubuntu 20.04 LTS It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639) Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-28038) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the Realtek RTL8188EU Wireless device driver in the Linux kernel did not properly validate ssid lengths in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-28660) It was discovered that the USB/IP driver in the Linux kernel contained race conditions during the update of local and shared status. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29265) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-30002) Update Instructions: Run `sudo pro fix USN-4945-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1015-gkeop - 5.4.0-1015.16 No subscription required linux-image-5.4.0-1039-kvm - 5.4.0-1039.40 No subscription required linux-image-5.4.0-1043-gke - 5.4.0-1043.45 No subscription required linux-image-5.4.0-1043-gcp - 5.4.0-1043.46 No subscription required linux-image-5.4.0-1045-oracle - 5.4.0-1045.49+1 No subscription required linux-image-5.4.0-1047-azure - 5.4.0-1047.49 No subscription required linux-image-5.4.0-1048-aws - 5.4.0-1048.50 No subscription required linux-image-5.4.0-73-lowlatency - 5.4.0-73.82 linux-image-5.4.0-73-generic-lpae - 5.4.0-73.82 linux-image-5.4.0-73-generic - 5.4.0-73.82 No subscription required linux-image-gkeop-5.4 - 5.4.0.1015.18 linux-image-gkeop - 5.4.0.1015.18 No subscription required linux-image-kvm - 5.4.0.1039.37 No subscription required linux-image-gke - 5.4.0.1043.52 linux-image-gke-5.4 - 5.4.0.1043.52 linux-image-gcp - 5.4.0.1043.52 No subscription required linux-image-oracle - 5.4.0.1045.44 No subscription required linux-image-azure - 5.4.0.1047.45 No subscription required linux-image-aws - 5.4.0.1048.49 No subscription required linux-image-oem-osp1 - 5.4.0.73.76 linux-image-generic-hwe-18.04 - 5.4.0.73.76 linux-image-generic-lpae-hwe-18.04 - 5.4.0.73.76 linux-image-virtual - 5.4.0.73.76 linux-image-lowlatency-hwe-18.04 - 5.4.0.73.76 linux-image-generic - 5.4.0.73.76 linux-image-virtual-hwe-18.04 - 5.4.0.73.76 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.73.76 linux-image-generic-hwe-18.04-edge - 5.4.0.73.76 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.73.76 linux-image-oem - 5.4.0.73.76 linux-image-generic-lpae - 5.4.0.73.76 linux-image-lowlatency - 5.4.0.73.76 linux-image-virtual-hwe-18.04-edge - 5.4.0.73.76 No subscription required Medium CVE-2020-25639 CVE-2021-28038 CVE-2021-28375 CVE-2021-28660 CVE-2021-29265 CVE-2021-29650 CVE-2021-30002 Ubuntu 20.04 LTS USN-4945-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. This update provides the corresponding Linux kernel updates targeted specifically for Raspberry Pi devices in those same Ubuntu Releases. Original advisory details: It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639) Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-28038) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the Realtek RTL8188EU Wireless device driver in the Linux kernel did not properly validate ssid lengths in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-28660) It was discovered that the USB/IP driver in the Linux kernel contained race conditions during the update of local and shared status. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29265) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-30002) Update Instructions: Run `sudo pro fix USN-4945-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1035-raspi - 5.4.0-1035.38 No subscription required linux-image-raspi-hwe-18.04-edge - 5.4.0.1035.70 linux-image-raspi-hwe-18.04 - 5.4.0.1035.70 linux-image-raspi - 5.4.0.1035.70 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1035.70 linux-image-raspi2 - 5.4.0.1035.70 linux-image-raspi2-hwe-18.04 - 5.4.0.1035.70 No subscription required Medium CVE-2020-25639 CVE-2021-28038 CVE-2021-28375 CVE-2021-28660 CVE-2021-29265 CVE-2021-29650 CVE-2021-30002 Ubuntu 20.04 LTS Kiyin (尹亮) discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-35519) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate passed encryption key sizes. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29646) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-30002) Update Instructions: Run `sudo pro fix USN-4947-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1056-oem - 5.6.0-1056.60 No subscription required linux-image-oem-20.04 - 5.6.0.1056.52 No subscription required Medium CVE-2020-35519 CVE-2021-28375 CVE-2021-29646 CVE-2021-29650 CVE-2021-30002 Ubuntu 20.04 LTS Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3489) Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3490) Billy Jheng Bing-Jhong discovered that the io_uring implementation of the Linux kernel did not properly enforce the MAX_RW_COUNT limit in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3491) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672) It was discovered that the Xen paravirtualization backend in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-28688) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition leading to a deadlock condition. A local attacker could use this to cause a denial of service. (CVE-2021-28951) John Stultz discovered that the audio driver for Qualcomm SDM845 systems in the Linux kernel did not properly validate port ID numbers. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28952) Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964) Vince Weaver discovered that the perf subsystem in the Linux kernel did not properly handle certain PEBS records properly for some Intel Haswell processors. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-28971) It was discovered that the RPA PCI Hotplug driver implementation in the Linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28972) It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29264) It was discovered that the vDPA backend virtio driver in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29266) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate passed encryption key sizes. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29646) It was discovered that the Qualcomm IPC router implementation in the Linux kernel did not properly initialize memory passed to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-29647) It was discovered that the BPF user mode driver implementation in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-29649) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Felix Wilhelm discovered that the KVM implementation in the Linux kernel for AMD processors contained race conditions on nested VMCB controls. A local attacker in a guest vm could possibly use this to gain elevated privileges. (CVE-2021-29657) Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916) 马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3483) Update Instructions: Run `sudo pro fix USN-4948-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1026-oem - 5.10.0-1026.27 No subscription required linux-image-oem-20.04b - 5.10.0.1026.27 linux-image-oem-20.04-edge - 5.10.0.1026.27 No subscription required High CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2021-28688 CVE-2021-28951 CVE-2021-28952 CVE-2021-28964 CVE-2021-28971 CVE-2021-28972 CVE-2021-29264 CVE-2021-29266 CVE-2021-29646 CVE-2021-29647 CVE-2021-29649 CVE-2021-29650 CVE-2021-29657 CVE-2021-31916 CVE-2021-3483 CVE-2021-3489 CVE-2021-3490 CVE-2021-3491 Ubuntu 20.04 LTS Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3489) Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3490) Billy Jheng Bing-Jhong discovered that the io_uring implementation of the Linux kernel did not properly enforce the MAX_RW_COUNT limit in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3491) It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639) Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schönherr discovered that the Xen paravirtualization backend in the Linux kernel did not properly propagate errors to frontend drivers in some situations. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26930) Jan Beulich discovered that multiple Xen backends in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26931) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29264) It was discovered that the USB/IP driver in the Linux kernel contained race conditions during the update of local and shared status. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29265) It was discovered that the vDPA backend virtio driver in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29266) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate passed encryption key sizes. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29646) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Update Instructions: Run `sudo pro fix USN-4949-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-53-lowlatency - 5.8.0-53.60~20.04.1 linux-image-5.8.0-53-generic-lpae - 5.8.0-53.60~20.04.1 linux-image-5.8.0-53-generic-64k - 5.8.0-53.60~20.04.1 linux-image-5.8.0-53-generic - 5.8.0-53.60~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.53.60~20.04.37 linux-image-generic-hwe-20.04-edge - 5.8.0.53.60~20.04.37 linux-image-generic-lpae-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.53.60~20.04.37 linux-image-generic-64k-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.53.60~20.04.37 linux-image-virtual-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-generic-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-lowlatency-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.53.60~20.04.37 No subscription required High CVE-2020-25639 CVE-2021-26930 CVE-2021-26931 CVE-2021-28375 CVE-2021-29264 CVE-2021-29265 CVE-2021-29266 CVE-2021-29646 CVE-2021-29650 CVE-2021-3489 CVE-2021-3490 CVE-2021-3491 Ubuntu 20.04 LTS Anton Lydike discovered that Flatpak did not properly handle special tokens in desktop files. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement. Update Instructions: Run `sudo pro fix USN-4951-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libflatpak0 - 1.6.5-0ubuntu0.3 libflatpak-dev - 1.6.5-0ubuntu0.3 gir1.2-flatpak-1.0 - 1.6.5-0ubuntu0.3 libflatpak-doc - 1.6.5-0ubuntu0.3 flatpak - 1.6.5-0ubuntu0.3 flatpak-tests - 1.6.5-0ubuntu0.3 No subscription required Medium CVE-2021-21381 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.25 in Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.34. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-34.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-24.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-25.html https://www.oracle.com/security-alerts/cpuapr2021.html Update Instructions: Run `sudo pro fix USN-4952-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.25-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.25-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.25-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.25-0ubuntu0.20.04.1 mysql-router - 8.0.25-0ubuntu0.20.04.1 mysql-server - 8.0.25-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.25-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.25-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.25-0ubuntu0.20.04.1 mysql-testsuite - 8.0.25-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.25-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.25-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-2146 CVE-2021-2154 CVE-2021-2162 CVE-2021-2164 CVE-2021-2166 CVE-2021-2169 CVE-2021-2170 CVE-2021-2171 CVE-2021-2172 CVE-2021-2179 CVE-2021-2180 CVE-2021-2193 CVE-2021-2194 CVE-2021-2196 CVE-2021-2201 CVE-2021-2203 CVE-2021-2208 CVE-2021-2212 CVE-2021-2215 CVE-2021-2217 CVE-2021-2226 CVE-2021-2230 CVE-2021-2232 CVE-2021-2278 CVE-2021-2293 CVE-2021-2298 CVE-2021-2299 CVE-2021-2300 CVE-2021-2301 CVE-2021-2304 CVE-2021-2305 CVE-2021-2307 CVE-2021-2308 Ubuntu 20.04 LTS Sean Boran discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2020-29600) It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to access sensitive information. (CVE-2020-35176) Update Instructions: Run `sudo pro fix USN-4953-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: awstats - 7.6+dfsg-2ubuntu0.20.04.1 No subscription required Medium CVE-2017-1000501 CVE-2020-29600 CVE-2020-35176 Ubuntu 20.04 LTS It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4956-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-eventlet-doc - 0.25.1-2ubuntu1.1 python3-eventlet - 0.25.1-2ubuntu1.1 No subscription required Medium CVE-2021-21419 Ubuntu 20.04 LTS It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4957-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libdjvulibre21 - 3.5.27.1-14ubuntu0.1 libdjvulibre-text - 3.5.27.1-14ubuntu0.1 djvulibre-desktop - 3.5.27.1-14ubuntu0.1 djview3 - 3.5.27.1-14ubuntu0.1 djvuserve - 3.5.27.1-14ubuntu0.1 libdjvulibre-dev - 3.5.27.1-14ubuntu0.1 djview - 3.5.27.1-14ubuntu0.1 djvulibre-bin - 3.5.27.1-14ubuntu0.1 No subscription required Medium CVE-2021-32490 CVE-2021-32491 CVE-2021-32492 CVE-2021-32493 CVE-2021-3500 Ubuntu 20.04 LTS It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism. Update Instructions: Run `sudo pro fix USN-4958-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcaribou-gtk3-module - 0.4.21-7ubuntu0.20.04.1 libcaribou0 - 0.4.21-7ubuntu0.20.04.1 libcaribou-dev - 0.4.21-7ubuntu0.20.04.1 gir1.2-caribou-1.0 - 0.4.21-7ubuntu0.20.04.1 libcaribou-gtk-module - 0.4.21-7ubuntu0.20.04.1 caribou-antler - 0.4.21-7ubuntu0.20.04.1 libcaribou-common - 0.4.21-7ubuntu0.20.04.1 caribou - 0.4.21-7ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1912060 Ubuntu 20.04 LTS It was discovered that GStreamer Base Plugins incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4959-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-plugins-base - 1.16.2-4ubuntu0.1 libgstreamer-plugins-base1.0-0 - 1.16.2-4ubuntu0.1 gstreamer1.0-x - 1.16.2-4ubuntu0.1 gstreamer1.0-plugins-base-doc - 1.16.2-4ubuntu0.1 libgstreamer-gl1.0-0 - 1.16.2-4ubuntu0.1 gstreamer1.0-gl - 1.16.2-4ubuntu0.1 libgstreamer-plugins-base1.0-dev - 1.16.2-4ubuntu0.1 gir1.2-gst-plugins-base-1.0 - 1.16.2-4ubuntu0.1 gstreamer1.0-alsa - 1.16.2-4ubuntu0.1 gstreamer1.0-plugins-base-apps - 1.16.2-4ubuntu0.1 No subscription required Medium CVE-2021-3522 Ubuntu 20.04 LTS Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount the host filesystem into the container and escalate privileges. Update Instructions: Run `sudo pro fix USN-4960-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-opencontainers-runc-dev - 1.0.0~rc93-0ubuntu1~20.04.2 runc - 1.0.0~rc93-0ubuntu1~20.04.2 No subscription required High CVE-2021-30465 Ubuntu 20.04 LTS It was discovered that pip incorrectly handled unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. Update Instructions: Run `sudo pro fix USN-4961-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pip-whl - 20.0.2-5ubuntu1.5 python3-pip - 20.0.2-5ubuntu1.5 No subscription required None https://launchpad.net/bugs/1926957 Ubuntu 20.04 LTS It was discovered that Babel incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4962-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-babel-localedata - 2.6.0+dfsg.1-1ubuntu2.2 python-babel-doc - 2.6.0+dfsg.1-1ubuntu2.2 python-babel - 2.6.0+dfsg.1-1ubuntu2.2 python3-babel - 2.6.0+dfsg.1-1ubuntu2.2 No subscription required None Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash or hand, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4963-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.4 python-pil-doc - 7.0.0-4ubuntu0.4 python3-pil - 7.0.0-4ubuntu0.4 No subscription required Medium CVE-2021-25287 CVE-2021-25288 CVE-2021-28675 CVE-2021-28676 CVE-2021-28677 CVE-2021-28678 Ubuntu 20.04 LTS It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-29463) It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-29464) It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-29473, CVE-2021-32617) It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-29623) Update Instructions: Run `sudo pro fix USN-4964-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.4 libexiv2-27 - 0.27.2-8ubuntu2.4 libexiv2-doc - 0.27.2-8ubuntu2.4 libexiv2-dev - 0.27.2-8ubuntu2.4 No subscription required Medium CVE-2021-29463 CVE-2021-29464 CVE-2021-29473 CVE-2021-29623 CVE-2021-32617 Ubuntu 20.04 LTS Maik Münch discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use these issues to read and write arbitrary files as an administrator, and possibly escalate privileges. Update Instructions: Run `sudo pro fix USN-4965-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.18 apport-kde - 2.20.11-0ubuntu27.18 apport-retrace - 2.20.11-0ubuntu27.18 apport-valgrind - 2.20.11-0ubuntu27.18 python3-apport - 2.20.11-0ubuntu27.18 dh-apport - 2.20.11-0ubuntu27.18 apport-gtk - 2.20.11-0ubuntu27.18 apport - 2.20.11-0ubuntu27.18 apport-noui - 2.20.11-0ubuntu27.18 No subscription required Medium CVE-2021-32547 CVE-2021-32548 CVE-2021-32549 CVE-2021-32550 CVE-2021-32551 CVE-2021-32552 CVE-2021-32553 CVE-2021-32554 CVE-2021-32555 CVE-2021-32556 CVE-2021-32557 Ubuntu 20.04 LTS It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick libx11 into emitting extra X protocol requests. Update Instructions: Run `sudo pro fix USN-4966-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx11-6 - 2:1.6.9-2ubuntu1.2 libx11-data - 2:1.6.9-2ubuntu1.2 libx11-xcb-dev - 2:1.6.9-2ubuntu1.2 libx11-xcb1 - 2:1.6.9-2ubuntu1.2 libx11-doc - 2:1.6.9-2ubuntu1.2 libx11-6-udeb - 2:1.6.9-2ubuntu1.2 libx11-dev - 2:1.6.9-2ubuntu1.2 No subscription required Medium CVE-2021-31535 Ubuntu 20.04 LTS Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx incorrectly handled responses to the DNS resolver. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4967-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnginx-mod-stream - 1.18.0-0ubuntu1.2 libnginx-mod-http-subs-filter - 1.18.0-0ubuntu1.2 nginx-doc - 1.18.0-0ubuntu1.2 libnginx-mod-mail - 1.18.0-0ubuntu1.2 libnginx-mod-http-image-filter - 1.18.0-0ubuntu1.2 libnginx-mod-http-echo - 1.18.0-0ubuntu1.2 libnginx-mod-rtmp - 1.18.0-0ubuntu1.2 libnginx-mod-nchan - 1.18.0-0ubuntu1.2 nginx-common - 1.18.0-0ubuntu1.2 libnginx-mod-http-fancyindex - 1.18.0-0ubuntu1.2 libnginx-mod-http-auth-pam - 1.18.0-0ubuntu1.2 nginx-light - 1.18.0-0ubuntu1.2 libnginx-mod-http-headers-more-filter - 1.18.0-0ubuntu1.2 nginx-extras - 1.18.0-0ubuntu1.2 libnginx-mod-http-upstream-fair - 1.18.0-0ubuntu1.2 libnginx-mod-http-xslt-filter - 1.18.0-0ubuntu1.2 libnginx-mod-http-lua - 1.18.0-0ubuntu1.2 libnginx-mod-http-perl - 1.18.0-0ubuntu1.2 nginx-core - 1.18.0-0ubuntu1.2 libnginx-mod-http-dav-ext - 1.18.0-0ubuntu1.2 nginx - 1.18.0-0ubuntu1.2 libnginx-mod-http-ndk - 1.18.0-0ubuntu1.2 libnginx-mod-http-uploadprogress - 1.18.0-0ubuntu1.2 libnginx-mod-http-cache-purge - 1.18.0-0ubuntu1.2 nginx-full - 1.18.0-0ubuntu1.2 libnginx-mod-http-geoip2 - 1.18.0-0ubuntu1.2 libnginx-mod-http-geoip - 1.18.0-0ubuntu1.2 No subscription required Medium CVE-2021-23017 Ubuntu 20.04 LTS It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a specially- crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4968-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblz4-tool - 1.9.2-2ubuntu0.20.04.1 lz4 - 1.9.2-2ubuntu0.20.04.1 liblz4-dev - 1.9.2-2ubuntu0.20.04.1 liblz4-1 - 1.9.2-2ubuntu0.20.04.1 No subscription required Medium CVE-2021-3520 Ubuntu 20.04 LTS Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4969-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: isc-dhcp-relay - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-client-ddns - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-dev - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-client - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-common - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-server - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-client-udeb - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-server-ldap - 4.4.1-2.1ubuntu5.20.04.2 No subscription required Medium CVE-2021-25217 Ubuntu 20.04 LTS It was discovered that GUPnP incorrectly filtered local requests. If a user were tricked into visiting a malicious website, a remote attacker could possibly use this issue to perform actions against local UPnP services such as obtaining or altering sensitive information. Update Instructions: Run `sudo pro fix USN-4970-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gupnp-1.2 - 1.2.3-0ubuntu0.20.04.2 libgupnp-doc - 1.2.3-0ubuntu0.20.04.2 libgupnp-1.2-dev - 1.2.3-0ubuntu0.20.04.2 libgupnp-1.2-0 - 1.2.3-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-33516 Ubuntu 20.04 LTS It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4971-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: webp - 0.6.1-2ubuntu0.20.04.1 libwebp6 - 0.6.1-2ubuntu0.20.04.1 libwebpmux3 - 0.6.1-2ubuntu0.20.04.1 libwebp-dev - 0.6.1-2ubuntu0.20.04.1 libwebpdemux2 - 0.6.1-2ubuntu0.20.04.1 No subscription required Medium CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013 CVE-2018-25014 CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 Ubuntu 20.04 LTS Tom Lane discovered that PostgreSQL incorrect handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. (CVE-2021-32027) Andres Freund discovered that PostgreSQL incorrect handled certain INSERT ... ON CONFLICT ... DO UPDATE commands. A remote attacker could possibly use this issue to read server memory and obtain sensitive information. (CVE-2021-32028) Tom Lane discovered that PostgreSQL incorrect handled certain UPDATE ... RETURNING commands. A remote attacker could possibly use this issue to read server memory and obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-32029) Update Instructions: Run `sudo pro fix USN-4972-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.7-0ubuntu0.20.04.1 libecpg-dev - 12.7-0ubuntu0.20.04.1 libecpg6 - 12.7-0ubuntu0.20.04.1 libpq-dev - 12.7-0ubuntu0.20.04.1 libpgtypes3 - 12.7-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.7-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.7-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.7-0ubuntu0.20.04.1 libpq5 - 12.7-0ubuntu0.20.04.1 postgresql-doc-12 - 12.7-0ubuntu0.20.04.1 postgresql-12 - 12.7-0ubuntu0.20.04.1 postgresql-client-12 - 12.7-0ubuntu0.20.04.1 libecpg-compat3 - 12.7-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-32027 CVE-2021-32028 CVE-2021-32029 Ubuntu 20.04 LTS It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. Update Instructions: Run `sudo pro fix USN-4973-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.5-1~20.04.3 python3.8-examples - 3.8.5-1~20.04.3 python3.8-dev - 3.8.5-1~20.04.3 libpython3.8-minimal - 3.8.5-1~20.04.3 libpython3.8-dev - 3.8.5-1~20.04.3 python3.8-venv - 3.8.5-1~20.04.3 libpython3.8 - 3.8.5-1~20.04.3 idle-python3.8 - 3.8.5-1~20.04.3 libpython3.8-testsuite - 3.8.5-1~20.04.3 libpython3.8-stdlib - 3.8.5-1~20.04.3 python3.8 - 3.8.5-1~20.04.3 python3.8-doc - 3.8.5-1~20.04.3 No subscription required Medium CVE-2021-29921 Ubuntu 20.04 LTS USN-4973-1 fixed this vulnerability previously, but it was re-introduced in python3.8 in focal because of the SRU in LP: #1928057. This update fixes the problem. Original advisory details: It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. Update Instructions: Run `sudo pro fix USN-4973-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.1 python3.8-full - 3.8.10-0ubuntu1~20.04.1 python3.8-examples - 3.8.10-0ubuntu1~20.04.1 python3.8-dev - 3.8.10-0ubuntu1~20.04.1 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.1 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.1 python3.8-venv - 3.8.10-0ubuntu1~20.04.1 libpython3.8 - 3.8.10-0ubuntu1~20.04.1 idle-python3.8 - 3.8.10-0ubuntu1~20.04.1 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.1 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.1 python3.8 - 3.8.10-0ubuntu1~20.04.1 python3.8-doc - 3.8.10-0ubuntu1~20.04.1 No subscription required Medium CVE-2021-29921 https://launchpad.net/bugs/1945240 Ubuntu 20.04 LTS It was discovered that Lasso did not properly verify that all assertions in a SAML response were properly signed. An attacker could possibly use this to impersonate users or otherwise bypass access controls. Update Instructions: Run `sudo pro fix USN-4974-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblasso-perl - 2.6.0-7ubuntu1.2 liblasso3 - 2.6.0-7ubuntu1.2 python3-lasso - 2.6.0-7ubuntu1.2 liblasso3-dev - 2.6.0-7ubuntu1.2 No subscription required Medium CVE-2021-28091 Ubuntu 20.04 LTS It was discovered that the Django URLValidator function incorrectly handled newlines and tabs. A remote attacker could possibly use this issue to perform a header injection attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-32052) Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django incorrectly handled path sanitation in admindocs. A remote attacker could possibly use this issue to determine the existence of arbitrary files and in certain configurations obtain their contents. (CVE-2021-33203) It was discovered that Django incorrectly handled IPv4 addresses with leading zeros. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. (CVE-2021-33571) Update Instructions: Run `sudo pro fix USN-4975-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.7 python-django-doc - 2:2.2.12-1ubuntu0.7 No subscription required Medium CVE-2021-32052 CVE-2021-33203 CVE-2021-33571 Ubuntu 20.04 LTS Petr Mensik discovered that Dnsmasq incorrectly randomized source ports in certain configurations. A remote attacker could possibly use this issue to facilitate DNS cache poisoning attacks. Update Instructions: Run `sudo pro fix USN-4976-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.4 dnsmasq-base-lua - 2.80-1.1ubuntu1.4 dnsmasq-utils - 2.80-1.1ubuntu1.4 dnsmasq-base - 2.80-1.1ubuntu1.4 No subscription required Low CVE-2021-3448 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, re-enable camera devices without an additional permission prompt, spoof the browser UI, or execute arbitrary code. (CVE-2021-29959, CVE-2021-29961, CVE-2021-29966, CVE-2021-29967) It was discovered that filenames printed from private browsing mode were incorrectly retained in preferences. A local attacker could potentially exploit this to obtain sensitive information. (CVE-2021-29960) Update Instructions: Run `sudo pro fix USN-4978-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-nn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ne - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-nb - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-fa - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-fi - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-fr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-fy - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-or - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-kab - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-oc - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-cs - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ga - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-gd - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-gn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-gl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-gu - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-pa - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-pl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-cy - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-pt - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-szl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hi - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-uk - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-he - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hy - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hu - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-as - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ar - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ia - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-az - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-id - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-mai - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-af - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-is - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-it - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-an - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-bs - 89.0+build2-0ubuntu0.20.04.2 firefox - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ro - 89.0+build2-0ubuntu0.20.04.2 firefox-geckodriver - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ja - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ru - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-br - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hant - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hans - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-bn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-be - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-bg - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sk - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-si - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sw - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sv - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sq - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ko - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-kn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-km - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-kk - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ka - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-xh - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ca - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ku - 89.0+build2-0ubuntu0.20.04.2 firefox-mozsymbols - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-lv - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-lt - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-th - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hsb - 89.0+build2-0ubuntu0.20.04.2 firefox-dev - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-te - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-cak - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ta - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-lg - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-tr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-nso - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-de - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-da - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ms - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-mr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-my - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-uz - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ml - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-mn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-mk - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ur - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-vi - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-eu - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-et - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-es - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-csb - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-el - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-eo - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-en - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-zu - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ast - 89.0+build2-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-29959 CVE-2021-29960 CVE-2021-29961 CVE-2021-29966 CVE-2021-29967 Ubuntu 20.04 LTS Kevin Backhouse discovered that polkit incorrectly handled errors in the polkit_system_bus_name_get_creds_sync function. A local attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-4980-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: policykit-1-doc - 0.105-26ubuntu1.1 libpolkit-gobject-1-dev - 0.105-26ubuntu1.1 libpolkit-agent-1-0 - 0.105-26ubuntu1.1 libpolkit-agent-1-dev - 0.105-26ubuntu1.1 policykit-1 - 0.105-26ubuntu1.1 gir1.2-polkit-1.0 - 0.105-26ubuntu1.1 libpolkit-gobject-1-0 - 0.105-26ubuntu1.1 No subscription required High CVE-2021-3560 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. (CVE-2021-28651) Joshua Rogers discovered that Squid incorrectly handled requests to the Cache Manager API. A remote attacker with access privileges could possibly use this issue to cause Squid to consume resources, leading to a denial of service. This issue was only addressed in Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-28652) Joshua Rogers discovered that Squid incorrectly handled certain response headers. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue was only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-28662) Joshua Rogers discovered that Squid incorrectly handled range request processing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2021-31806, CVE-2021-31807, CVE-2021-31808) Joshua Rogers discovered that Squid incorrectly handled certain HTTP responses. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2021-33620) Update Instructions: Run `sudo pro fix USN-4981-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.4 squidclient - 4.10-1ubuntu1.4 squid-purge - 4.10-1ubuntu1.4 squid - 4.10-1ubuntu1.4 squid-cgi - 4.10-1ubuntu1.4 No subscription required Medium CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620 Ubuntu 20.04 LTS Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly handle error conditions in some situations, leading to an infinite loop. A local attacker could use this to cause a denial of service. (CVE-2020-25673) It was discovered that the Xen paravirtualization backend in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-28688) It was discovered that the fuse user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2021-28950) Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964) Vince Weaver discovered that the perf subsystem in the Linux kernel did not properly handle certain PEBS records properly for some Intel Haswell processors. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-28971) It was discovered that the RPA PCI Hotplug driver implementation in the Linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28972) It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29264) It was discovered that the Qualcomm IPC router implementation in the Linux kernel did not properly initialize memory passed to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-29647) Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916) 马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3483) Update Instructions: Run `sudo pro fix USN-4982-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1016-gkeop - 5.4.0-1016.17 No subscription required linux-image-5.4.0-1036-raspi - 5.4.0-1036.39 No subscription required linux-image-5.4.0-1040-kvm - 5.4.0-1040.41 No subscription required linux-image-5.4.0-1044-gke - 5.4.0-1044.46 No subscription required linux-image-5.4.0-1044-gcp - 5.4.0-1044.47 No subscription required linux-image-5.4.0-1046-oracle - 5.4.0-1046.50 No subscription required linux-image-5.4.0-1048-azure - 5.4.0-1048.50 No subscription required linux-image-5.4.0-1049-aws - 5.4.0-1049.51 No subscription required linux-image-5.4.0-74-lowlatency - 5.4.0-74.83 linux-image-5.4.0-74-generic-lpae - 5.4.0-74.83 linux-image-5.4.0-74-generic - 5.4.0-74.83 No subscription required linux-image-gkeop-5.4 - 5.4.0.1016.19 linux-image-gkeop - 5.4.0.1016.19 No subscription required linux-image-raspi - 5.4.0.1036.71 linux-image-raspi2 - 5.4.0.1036.71 linux-image-raspi-hwe-18.04-edge - 5.4.0.1036.71 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1036.71 linux-image-raspi-hwe-18.04 - 5.4.0.1036.71 linux-image-raspi2-hwe-18.04 - 5.4.0.1036.71 No subscription required linux-image-kvm - 5.4.0.1040.38 No subscription required linux-image-gke - 5.4.0.1044.53 linux-image-gke-5.4 - 5.4.0.1044.53 linux-image-gcp - 5.4.0.1044.53 No subscription required linux-image-oracle - 5.4.0.1046.45 No subscription required linux-image-azure - 5.4.0.1048.46 No subscription required linux-image-aws - 5.4.0.1049.50 No subscription required linux-image-oem-osp1 - 5.4.0.74.77 linux-image-generic-hwe-18.04 - 5.4.0.74.77 linux-image-generic-lpae-hwe-18.04 - 5.4.0.74.77 linux-image-virtual - 5.4.0.74.77 linux-image-lowlatency-hwe-18.04 - 5.4.0.74.77 linux-image-generic - 5.4.0.74.77 linux-image-virtual-hwe-18.04 - 5.4.0.74.77 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.74.77 linux-image-oem - 5.4.0.74.77 linux-image-generic-hwe-18.04-edge - 5.4.0.74.77 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.74.77 linux-image-generic-lpae - 5.4.0.74.77 linux-image-lowlatency - 5.4.0.74.77 linux-image-virtual-hwe-18.04-edge - 5.4.0.74.77 No subscription required Medium CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673 CVE-2021-28688 CVE-2021-28950 CVE-2021-28964 CVE-2021-28971 CVE-2021-28972 CVE-2021-29264 CVE-2021-29647 CVE-2021-31916 CVE-2021-3483 Ubuntu 20.04 LTS Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Piotr Krysiuk and Benedict Schlueter discovered that the eBPF implementation in the Linux kernel performed out of bounds speculation on pointer arithmetic. A local attacker could use this to expose sensitive information. (CVE-2021-29155) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829) Reiji Watanabe discovered that the KVM VMX implementation in the Linux kernel did not properly prevent user space from tampering with an array index value, leading to a potential out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3501) Update Instructions: Run `sudo pro fix USN-4983-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1029-oem - 5.10.0-1029.30 No subscription required linux-image-oem-20.04b - 5.10.0.1029.30 linux-image-oem-20.04 - 5.10.0.1029.30 linux-image-oem-20.04-edge - 5.10.0.1029.30 No subscription required High CVE-2021-29155 CVE-2021-31829 CVE-2021-33200 CVE-2021-3501 Ubuntu 20.04 LTS Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-28038) It was discovered that the Realtek RTL8188EU Wireless device driver in the Linux kernel did not properly validate ssid lengths in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-28660) It was discovered that the Xen paravirtualization backend in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-28688) It was discovered that the fuse user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2021-28950) John Stultz discovered that the audio driver for Qualcomm SDM845 systems in the Linux kernel did not properly validate port ID numbers. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28952) Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964) Vince Weaver discovered that the perf subsystem in the Linux kernel did not properly handle certain PEBS records properly for some Intel Haswell processors. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-28971) It was discovered that the RPA PCI Hotplug driver implementation in the Linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28972) It was discovered that the Qualcomm IPC router implementation in the Linux kernel did not properly initialize memory passed to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-29647) Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-30002) Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916) It was discovered that the CIPSO implementation in the Linux kernel did not properly perform reference counting in some situations, leading to use- after-free vulnerabilities. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33033) 马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3483) Update Instructions: Run `sudo pro fix USN-4984-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-55-generic - 5.8.0-55.62~20.04.1 linux-image-5.8.0-55-generic-64k - 5.8.0-55.62~20.04.1 linux-image-5.8.0-55-generic-lpae - 5.8.0-55.62~20.04.1 linux-image-5.8.0-55-lowlatency - 5.8.0-55.62~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.55.62~20.04.39 linux-image-virtual-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-generic-hwe-20.04-edge - 5.8.0.55.62~20.04.39 linux-image-generic-lpae-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.55.62~20.04.39 linux-image-generic-64k-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.55.62~20.04.39 linux-image-generic-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-lowlatency-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.55.62~20.04.39 No subscription required Medium CVE-2021-28038 CVE-2021-28660 CVE-2021-28688 CVE-2021-28950 CVE-2021-28952 CVE-2021-28964 CVE-2021-28971 CVE-2021-28972 CVE-2021-29647 CVE-2021-30002 CVE-2021-31916 CVE-2021-33033 CVE-2021-3483 Ubuntu 20.04 LTS It was discovered that some Intel processors may not properly invalidate cache entries used by Intel Virtualization Technology for Directed I/O (VT-d). This may allow a local user to perform a privilege escalation attack. (CVE-2020-24489) Joseph Nuzman discovered that some Intel processors may not properly apply EIBRS mitigations (originally developed for CVE-2017-5715) and hence may allow unauthorized memory reads via sidechannel attacks. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2020-24511) Travis Downs discovered that some Intel processors did not properly flush cache-lines for trivial-data values. This may allow an unauthorized user to infer the presence of these trivial-data-cache-lines via timing sidechannel attacks. A local attacker could use this to expose sensitive information. (CVE-2020-24512) It was discovered that certain Intel Atom processors could expose memory contents stored in microarchitectural buffers. A local attacker could use this to expose sensitive information. (CVE-2020-24513) Update Instructions: Run `sudo pro fix USN-4985-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20210608.0ubuntu0.20.04.1 No subscription required High CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVE-2020-24489 Ubuntu 20.04 LTS It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4987-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libimage-exiftool-perl - 11.88-1ubuntu0.1 No subscription required High CVE-2021-22204 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Update Instructions: Run `sudo pro fix USN-4988-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 No subscription required Medium CVE-2017-14528 CVE-2020-19667 CVE-2020-25665 CVE-2020-25666 CVE-2020-25674 CVE-2020-25675 CVE-2020-25676 CVE-2020-27750 CVE-2020-27751 CVE-2020-27753 CVE-2020-27754 CVE-2020-27755 CVE-2020-27756 CVE-2020-27757 CVE-2020-27758 CVE-2020-27759 CVE-2020-27760 CVE-2020-27761 CVE-2020-27762 CVE-2020-27763 CVE-2020-27764 CVE-2020-27765 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27773 CVE-2020-27774 CVE-2020-27775 CVE-2020-27776 CVE-2021-20176 Ubuntu 20.04 LTS It was discovered that BlueZ incorrectly checked certain permissions when pairing. A local attacker could possibly use this issue to impersonate devices. (CVE-2020-26558) Jay LV discovered that BlueZ incorrectly handled redundant disconnect MGMT events. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27153) Ziming Zhang discovered that BlueZ incorrectly handled certain array indexes. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-3588) Update Instructions: Run `sudo pro fix USN-4989-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.2 bluez-tests - 5.53-0ubuntu3.2 bluez-obexd - 5.53-0ubuntu3.2 bluetooth - 5.53-0ubuntu3.2 bluez - 5.53-0ubuntu3.2 bluez-hcidump - 5.53-0ubuntu3.2 bluez-cups - 5.53-0ubuntu3.2 libbluetooth-dev - 5.53-0ubuntu3.2 No subscription required Medium CVE-2020-26558 CVE-2020-27153 CVE-2021-3588 Ubuntu 20.04 LTS It was discovered that Nettle incorrectly handled RSA decryption. A remote attacker could possibly use this issue to cause Nettle to crash, resulting in a denial of service. (CVE-2021-3580) It was discovered that Nettle incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-16869) Update Instructions: Run `sudo pro fix USN-4990-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnettle7 - 3.5.1+really3.5.1-2ubuntu0.2 nettle-bin - 3.5.1+really3.5.1-2ubuntu0.2 libhogweed5 - 3.5.1+really3.5.1-2ubuntu0.2 nettle-dev - 3.5.1+really3.5.1-2ubuntu0.2 No subscription required Medium CVE-2018-16869 CVE-2021-3580 Ubuntu 20.04 LTS Yunho Kim discovered that libxml2 incorrectly handled certain error conditions. A remote attacker could exploit this with a crafted XML file to cause a denial of service, or possibly cause libxml2 to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2017-8872) Zhipeng Xie discovered that libxml2 incorrectly handled certain XML schemas. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-20388) It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A remote attacker could possibly exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-24977) It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A remote attacker could possibly exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. (CVE-2021-3517) It was discovered that libxml2 did not properly handle certain crafted XML files. A local attacker could exploit this with a crafted input to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3516, CVE-2021-3518) It was discovered that libxml2 incorrectly handled error states. A remote attacker could exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. (CVE-2021-3537) Sebastian Pipping discovered that libxml2 did not properly handle certain crafted XML files. A remote attacker could exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3541) Update Instructions: Run `sudo pro fix USN-4991-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.1 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.1 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.1 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.1 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.1 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.1 No subscription required Medium CVE-2017-8872 CVE-2019-20388 CVE-2020-24977 CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 CVE-2021-3541 Ubuntu 20.04 LTS Máté Kukri discovered that the acpi command in GRUB 2 allowed privileged users to load crafted ACPI tables when secure boot is enabled. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-14372) Chris Coulson discovered that the rmmod command in GRUB 2 contained a use- after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-25632) Chris Coulson discovered that a buffer overflow existed in the command line parser in GRUB 2. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-27749) It was discovered that the cutmem command in GRUB 2 did not honor secure boot locking. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-27779) It was discovered that the option parser in GRUB 2 contained a heap overflow vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2021-20225) It was discovered that the menu rendering implementation in GRUB 2 did not properly calculate the amount of memory needed in some situations, leading to out-of-bounds writes. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2021-20233) Update Instructions: Run `sudo pro fix USN-4992-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-arm64-signed - 1.167.2+2.04-1ubuntu44.2 grub-efi-amd64-signed - 1.167.2+2.04-1ubuntu44.2 No subscription required grub-efi-arm64-bin - 2.04-1ubuntu44.2 grub-efi-amd64 - 2.04-1ubuntu44.2 grub-efi-amd64-bin - 2.04-1ubuntu44.2 grub-efi-arm64 - 2.04-1ubuntu44.2 No subscription required Medium CVE-2020-14372 CVE-2020-25632 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass2021 Ubuntu 20.04 LTS Kirin discovered that Dovecot incorrectly escaped kid and azp fields in JWT tokens. A local attacker could possibly use this issue to validate tokens using arbitrary keys. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-29157) Fabian Ising and Damian Poddebniak discovered that Dovecot incorrectly handled STARTTLS when using the SMTP submission service. A remote attacker could possibly use this issue to inject plaintext commands before STARTTLS negotiation. (CVE-2021-33515) Update Instructions: Run `sudo pro fix USN-4993-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.4 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.4 dovecot-mysql - 1:2.3.7.2-1ubuntu3.4 dovecot-core - 1:2.3.7.2-1ubuntu3.4 dovecot-sieve - 1:2.3.7.2-1ubuntu3.4 dovecot-ldap - 1:2.3.7.2-1ubuntu3.4 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.4 dovecot-dev - 1:2.3.7.2-1ubuntu3.4 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.4 dovecot-imapd - 1:2.3.7.2-1ubuntu3.4 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.4 dovecot-lucene - 1:2.3.7.2-1ubuntu3.4 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.4 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.4 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.4 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.4 dovecot-solr - 1:2.3.7.2-1ubuntu3.4 No subscription required Medium CVE-2021-29157 CVE-2021-33515 Ubuntu 20.04 LTS Marc Stern discovered that the Apache mod_proxy_http module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2020-13950) Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. (CVE-2020-35452) Antonio Morales discovered that the Apache mod_session module incorrectly handled certain Cookie headers. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. (CVE-2021-26690) Christophe Jaillet discovered that the Apache mod_session module incorrectly handled certain SessionHeader values. A remote attacker could use this issue to cause Apache to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-26691) Christoph Anton Mitterer discovered that the new MergeSlashes configuration option resulted in unexpected behaviour in certain situations. (CVE-2021-30641) Update Instructions: Run `sudo pro fix USN-4994-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.3 libapache2-mod-md - 2.4.41-4ubuntu3.3 apache2-utils - 2.4.41-4ubuntu3.3 apache2-dev - 2.4.41-4ubuntu3.3 apache2-suexec-pristine - 2.4.41-4ubuntu3.3 apache2-suexec-custom - 2.4.41-4ubuntu3.3 apache2 - 2.4.41-4ubuntu3.3 apache2-doc - 2.4.41-4ubuntu3.3 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.3 apache2-ssl-dev - 2.4.41-4ubuntu3.3 apache2-bin - 2.4.41-4ubuntu3.3 No subscription required Medium CVE-2020-13950 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-30641 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or execute arbitrary code. (CVE-2021-23961, CVE-2021-23981, CVE-2021-23982, CVE-2021-23987, CVE-2021-23994, CVE-2021-23998, CVE-2021-23999, CVE-2021-29945, CVE-2021-29946, CVE-2021-29967) It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spoof a website and trick the user into providing credentials. (CVE-2021-23984) Multiple security issues were discovered in Thunderbird's OpenPGP integration. If a user were tricked into importing a specially crafted key in some circumstances, an attacker could potentially exploit this to cause a denial of service (inability to send encrypted email) or confuse the user. (CVE-2021-23991, CVE-2021-23992, CVE-2021-23993) A use-after-free was discovered when Responsive Design Mode was enabled. If a user were tricked into opening a specially crafted website with Responsive Design Mode enabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-23995) It was discovered that Thunderbird mishandled ftp URLs with encoded newline characters. If a user were tricked into clicking on a specially crafted link, an attacker could potentially exploit this to send arbitrary FTP commands. (CVE-2021-24002) It was discovered that Thunderbird wrote signatures to disk and read them back during verification. A local attacker could potentially exploit this to replace the data with another signature file. (CVE-2021-29948) It was discovered that Thunderbird might load an alternative OTR library. If a user were tricked into copying a specially crafted library to one of Thunderbird's search paths, an attacker could potentially exploit this to execute arbitrary code. (CVE-2021-29949) It was discovered that secret keys imported into Thunderbird were stored unencrypted. A local attacker could potentially exploit this to obtain private keys. (CVE-2021-29956) It was discovered that Thunderbird did not indicate when an inline signed or encrypted message contained additional unprotected parts. (CVE-2021-29957) Update Instructions: Run `sudo pro fix USN-4995-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-br - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-be - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bg - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ja - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sk - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-si - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-gnome-support - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sr - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sq - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hsb - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cy - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cs - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ca - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-br - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ka - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ko - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kk - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kab - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-tw - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn-no - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb-no - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn-bd - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-lt - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-gb - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uz - 1:78.11.0+build1-0ubuntu0.20.04.2 xul-ext-calendar-timezones - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-de - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-da - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uk - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-dev - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-el - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-us - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-rm - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ms - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ro - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-eu - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-et - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hant - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hans - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ru - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-mk - 1:78.11.0+build1-0ubuntu0.20.04.2 xul-ext-gdata-provider - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fr - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es-es - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta-lk - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fa - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fi - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ast - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn - 1:78.11.0+build1-0ubuntu0.20.04.2 xul-ext-lightning - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga-ie - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy-nl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-mozsymbols - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-cn - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-tr - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gd - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-th - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-dsb - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-it - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hy - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv-se - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hr - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hu - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa-in - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-he - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ar - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-af - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-pt - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cak - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-is - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-vi - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-id - 1:78.11.0+build1-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-23961 CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 CVE-2021-23991 CVE-2021-23992 CVE-2021-23993 CVE-2021-23994 CVE-2021-23995 CVE-2021-23998 CVE-2021-23999 CVE-2021-24002 CVE-2021-29945 CVE-2021-29946 CVE-2021-29948 CVE-2021-29949 CVE-2021-29956 CVE-2021-29957 CVE-2021-29967 Ubuntu 20.04 LTS It was discovered that in some situations Ceph logged passwords from the mgr module in clear text. An attacker could use this to expose sensitive information. (CVE-2020-25678) Goutham Pacha Ravi, Jahson Babel, and John Garbutt discovered that user credentials in Ceph could be manipulated in certain environments. An attacker could use this to gain unintended access. (CVE-2020-27781) It was discovered that the Ceph dashboard was susceptible to a cross-site scripting attack. An attacker could use this to expose sensitive information or gain unintended access. (CVE-2020-27839) It was discovered that Ceph contained an authentication flaw, leading to key reuse. An attacker could use this to cause a denial of service or possibly impersonate another user. (CVE-2021-20288) Sergey Bobrov discovered that the Ceph dashboard was susceptible to a cross-site scripting attack. An attacker could use this to expose sensitive information or gain unintended access. (CVE-2021-3509) Sergey Bobrov discovered that Ceph's RadosGW (Ceph Object Gateway) allowed the injection of HTTP headers in responses to CORS requests. An attacker could use this to violate system integrity. (CVE-2021-3524) It was discovered that Ceph's RadosGW (Ceph Object Gateway) did not properly handle GET requests for swift URLs in some situations, leading to an application crash. An attacker could use this to cause a denial of service. (CVE-2021-3531) Update Instructions: Run `sudo pro fix USN-4998-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-rbd - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-modules-core - 15.2.12-0ubuntu0.20.04.1 ceph-mgr - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-cephadm - 15.2.12-0ubuntu0.20.04.1 ceph - 15.2.12-0ubuntu0.20.04.1 rbd-mirror - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-dashboard - 15.2.12-0ubuntu0.20.04.1 librbd-dev - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-rook - 15.2.12-0ubuntu0.20.04.1 rbd-fuse - 15.2.12-0ubuntu0.20.04.1 libradospp-dev - 15.2.12-0ubuntu0.20.04.1 librados-dev - 15.2.12-0ubuntu0.20.04.1 librbd1 - 15.2.12-0ubuntu0.20.04.1 python3-ceph - 15.2.12-0ubuntu0.20.04.1 cephadm - 15.2.12-0ubuntu0.20.04.1 libradosstriper-dev - 15.2.12-0ubuntu0.20.04.1 librados2 - 15.2.12-0ubuntu0.20.04.1 ceph-mon - 15.2.12-0ubuntu0.20.04.1 libcephfs2 - 15.2.12-0ubuntu0.20.04.1 ceph-immutable-object-cache - 15.2.12-0ubuntu0.20.04.1 librgw2 - 15.2.12-0ubuntu0.20.04.1 ceph-mds - 15.2.12-0ubuntu0.20.04.1 radosgw - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-diskprediction-local - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-diskprediction-cloud - 15.2.12-0ubuntu0.20.04.1 python3-rgw - 15.2.12-0ubuntu0.20.04.1 rbd-nbd - 15.2.12-0ubuntu0.20.04.1 libcephfs-dev - 15.2.12-0ubuntu0.20.04.1 rados-objclass-dev - 15.2.12-0ubuntu0.20.04.1 libradosstriper1 - 15.2.12-0ubuntu0.20.04.1 ceph-osd - 15.2.12-0ubuntu0.20.04.1 python3-ceph-argparse - 15.2.12-0ubuntu0.20.04.1 python3-ceph-common - 15.2.12-0ubuntu0.20.04.1 librgw-dev - 15.2.12-0ubuntu0.20.04.1 python3-rados - 15.2.12-0ubuntu0.20.04.1 ceph-base - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-k8sevents - 15.2.12-0ubuntu0.20.04.1 python3-cephfs - 15.2.12-0ubuntu0.20.04.1 ceph-fuse - 15.2.12-0ubuntu0.20.04.1 cephfs-shell - 15.2.12-0ubuntu0.20.04.1 ceph-common - 15.2.12-0ubuntu0.20.04.1 libcephfs-java - 15.2.12-0ubuntu0.20.04.1 ceph-resource-agents - 15.2.12-0ubuntu0.20.04.1 libcephfs-jni - 15.2.12-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-25678 CVE-2020-27781 CVE-2020-27839 CVE-2021-20288 CVE-2021-3509 CVE-2021-3524 CVE-2021-3531 Ubuntu 20.04 LTS Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly handle error conditions in some situations, leading to an infinite loop. A local attacker could use this to cause a denial of service. (CVE-2020-25673) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147) Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133) Piotr Krysiuk and Benedict Schlueter discovered that the eBPF implementation in the Linux kernel performed out of bounds speculation on pointer arithmetic. A local attacker could use this to expose sensitive information. (CVE-2021-29155) Manfred Paul discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel contained an out-of-bounds vulnerability. A local attacker could use this issue to execute arbitrary code. (CVE-2021-31440) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829) Update Instructions: Run `sudo pro fix USN-4999-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-1033-oracle - 5.8.0-1033.34~20.04.1 No subscription required linux-image-5.8.0-1035-gcp - 5.8.0-1035.37~20.04.1 No subscription required linux-image-5.8.0-1036-azure - 5.8.0-1036.38~20.04.1 No subscription required linux-image-5.8.0-1038-aws - 5.8.0-1038.40~20.04.1 No subscription required linux-image-5.8.0-59-lowlatency - 5.8.0-59.66~20.04.1 linux-image-5.8.0-59-generic - 5.8.0-59.66~20.04.1 linux-image-5.8.0-59-generic-64k - 5.8.0-59.66~20.04.1 linux-image-5.8.0-59-generic-lpae - 5.8.0-59.66~20.04.1 No subscription required linux-image-oracle-edge - 5.8.0.1033.34~20.04.9 linux-image-oracle - 5.8.0.1033.34~20.04.9 No subscription required linux-image-gcp - 5.8.0.1035.37~20.04.9 linux-image-gcp-edge - 5.8.0.1035.37~20.04.9 No subscription required linux-image-azure-edge - 5.8.0.1036.38~20.04.8 linux-image-azure - 5.8.0.1036.38~20.04.8 No subscription required linux-image-aws - 5.8.0.1038.40~20.04.11 No subscription required linux-image-virtual-hwe-20.04 - 5.8.0.59.66~20.04.42 linux-image-generic-lpae-hwe-20.04 - 5.8.0.59.66~20.04.42 linux-image-generic-64k-hwe-20.04 - 5.8.0.59.66~20.04.42 linux-image-lowlatency-hwe-20.04 - 5.8.0.59.66~20.04.42 linux-image-generic-hwe-20.04 - 5.8.0.59.66~20.04.42 No subscription required High CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2021-23133 CVE-2021-29155 CVE-2021-31440 CVE-2021-31829 CVE-2021-33200 CVE-2021-3609 Ubuntu 20.04 LTS Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147) Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. (CVE-2021-32399) It was discovered that a use-after-free existed in the Bluetooth HCI driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Update Instructions: Run `sudo pro fix USN-5000-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1018-gkeop - 5.4.0-1018.19 No subscription required linux-image-5.4.0-1038-raspi - 5.4.0-1038.41 No subscription required linux-image-5.4.0-1046-gke - 5.4.0-1046.48 No subscription required linux-image-5.4.0-1046-gcp - 5.4.0-1046.49 No subscription required linux-image-5.4.0-1048-oracle - 5.4.0-1048.52 No subscription required linux-image-5.4.0-1051-aws - 5.4.0-1051.53 linux-image-5.4.0-1051-azure - 5.4.0-1051.53 No subscription required linux-image-5.4.0-77-lowlatency - 5.4.0-77.86 linux-image-5.4.0-77-generic - 5.4.0-77.86 linux-image-5.4.0-77-generic-lpae - 5.4.0-77.86 No subscription required linux-image-gkeop-5.4 - 5.4.0.1018.21 linux-image-gkeop - 5.4.0.1018.21 No subscription required linux-image-raspi - 5.4.0.1038.73 linux-image-raspi2 - 5.4.0.1038.73 linux-image-raspi-hwe-18.04-edge - 5.4.0.1038.73 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1038.73 linux-image-raspi-hwe-18.04 - 5.4.0.1038.73 linux-image-raspi2-hwe-18.04 - 5.4.0.1038.73 No subscription required linux-image-gke - 5.4.0.1046.55 linux-image-gcp-lts-20.04 - 5.4.0.1046.55 linux-image-gke-5.4 - 5.4.0.1046.55 No subscription required linux-image-oracle-lts-20.04 - 5.4.0.1048.48 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1051.49 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1051.53 No subscription required linux-image-virtual-hwe-18.04-edge - 5.4.0.77.80 linux-image-oem-osp1 - 5.4.0.77.80 linux-image-generic-hwe-18.04 - 5.4.0.77.80 linux-image-generic-lpae-hwe-18.04 - 5.4.0.77.80 linux-image-virtual - 5.4.0.77.80 linux-image-lowlatency-hwe-18.04 - 5.4.0.77.80 linux-image-generic - 5.4.0.77.80 linux-image-virtual-hwe-18.04 - 5.4.0.77.80 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.77.80 linux-image-oem - 5.4.0.77.80 linux-image-generic-hwe-18.04-edge - 5.4.0.77.80 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.77.80 linux-image-generic-lpae - 5.4.0.77.80 linux-image-lowlatency - 5.4.0.77.80 No subscription required High CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2021-23133 CVE-2021-23134 CVE-2021-31829 CVE-2021-32399 CVE-2021-33034 CVE-2021-33200 CVE-2021-3506 CVE-2021-3609 Ubuntu 20.04 LTS USN-5000-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and the Linux HWE kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux KVM kernel for Ubuntu 20.04 LTS. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147) Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. (CVE-2021-32399) It was discovered that a use-after-free existed in the Bluetooth HCI driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Update Instructions: Run `sudo pro fix USN-5000-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1041-kvm - 5.4.0-1041.42 linux-headers-5.4.0-1041-kvm - 5.4.0-1041.42 linux-kvm-headers-5.4.0-1041 - 5.4.0-1041.42 linux-buildinfo-5.4.0-1041-kvm - 5.4.0-1041.42 linux-kvm-tools-5.4.0-1041 - 5.4.0-1041.42 linux-image-unsigned-5.4.0-1041-kvm - 5.4.0-1041.42 linux-tools-5.4.0-1041-kvm - 5.4.0-1041.42 linux-modules-5.4.0-1041-kvm - 5.4.0-1041.42 No subscription required linux-tools-kvm - 5.4.0.1041.39 linux-kvm - 5.4.0.1041.39 linux-headers-kvm - 5.4.0.1041.39 linux-image-kvm - 5.4.0.1041.39 No subscription required High CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2021-23133 CVE-2021-23134 CVE-2021-31829 CVE-2021-32399 CVE-2021-33034 CVE-2021-33200 CVE-2021-3506 CVE-2021-3609 Ubuntu 20.04 LTS Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147) Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) Manfred Paul discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel contained an out-of-bounds vulnerability. A local attacker could use this issue to execute arbitrary code. (CVE-2021-31440) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. (CVE-2021-32399) It was discovered that a use-after-free existed in the Bluetooth HCI driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Mathias Krause discovered that a null pointer dereference existed in the Nitro Enclaves kernel driver of the Linux kernel. A local attacker could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3543) Update Instructions: Run `sudo pro fix USN-5001-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1033-oem - 5.10.0-1033.34 No subscription required linux-image-oem-20.04b - 5.10.0.1033.34 linux-image-oem-20.04 - 5.10.0.1033.34 linux-image-oem-20.04-edge - 5.10.0.1033.34 No subscription required High CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2021-23133 CVE-2021-23134 CVE-2021-31440 CVE-2021-32399 CVE-2021-33034 CVE-2021-3506 CVE-2021-3543 CVE-2021-3609 Ubuntu 20.04 LTS It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-11287) Jonathan Knudsen discovered RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-22116) Update Instructions: Run `sudo pro fix USN-5004-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rabbitmq-server - 3.8.2-0ubuntu1.3 No subscription required Medium CVE-2019-11287 CVE-2021-22116 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-7068) It was discovered that PHP incorrectly handled parsing URLs with passwords. A remote attacker could possibly use this issue to cause PHP to mis-parse the URL and produce wrong data. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-7071) It was discovered that PHP incorrectly handled certain malformed XML data when being parsed by the SOAP extension. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-21702) It was discovered that PHP incorrectly handled the pdo_firebase module. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2021-21704) It was discovered that PHP incorrectly handled the FILTER_VALIDATE_URL check. A remote attacker could possibly use this issue to perform a server- side request forgery attack. (CVE-2021-21705) Update Instructions: Run `sudo pro fix USN-5006-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.5 php7.4-readline - 7.4.3-4ubuntu2.5 php7.4-dba - 7.4.3-4ubuntu2.5 php7.4-common - 7.4.3-4ubuntu2.5 php7.4-xmlrpc - 7.4.3-4ubuntu2.5 php7.4-intl - 7.4.3-4ubuntu2.5 php7.4-phpdbg - 7.4.3-4ubuntu2.5 php7.4-ldap - 7.4.3-4ubuntu2.5 php7.4-soap - 7.4.3-4ubuntu2.5 php7.4-xsl - 7.4.3-4ubuntu2.5 php7.4-pgsql - 7.4.3-4ubuntu2.5 php7.4-pspell - 7.4.3-4ubuntu2.5 php7.4-zip - 7.4.3-4ubuntu2.5 php7.4-curl - 7.4.3-4ubuntu2.5 php7.4-odbc - 7.4.3-4ubuntu2.5 php7.4-json - 7.4.3-4ubuntu2.5 php7.4-mbstring - 7.4.3-4ubuntu2.5 php7.4-imap - 7.4.3-4ubuntu2.5 php7.4-bz2 - 7.4.3-4ubuntu2.5 php7.4-cgi - 7.4.3-4ubuntu2.5 php7.4 - 7.4.3-4ubuntu2.5 php7.4-bcmath - 7.4.3-4ubuntu2.5 php7.4-dev - 7.4.3-4ubuntu2.5 php7.4-interbase - 7.4.3-4ubuntu2.5 php7.4-tidy - 7.4.3-4ubuntu2.5 php7.4-gmp - 7.4.3-4ubuntu2.5 php7.4-sqlite3 - 7.4.3-4ubuntu2.5 php7.4-enchant - 7.4.3-4ubuntu2.5 php7.4-fpm - 7.4.3-4ubuntu2.5 php7.4-sybase - 7.4.3-4ubuntu2.5 php7.4-cli - 7.4.3-4ubuntu2.5 libphp7.4-embed - 7.4.3-4ubuntu2.5 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.5 php7.4-mysql - 7.4.3-4ubuntu2.5 php7.4-snmp - 7.4.3-4ubuntu2.5 php7.4-xml - 7.4.3-4ubuntu2.5 php7.4-opcache - 7.4.3-4ubuntu2.5 No subscription required Medium CVE-2020-7068 CVE-2020-7071 CVE-2021-21702 CVE-2021-21704 CVE-2021-21705 Ubuntu 20.04 LTS Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash. Update Instructions: Run `sudo pro fix USN-5007-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libuv1-dev - 1.34.2-1ubuntu1.3 libuv1 - 1.34.2-1ubuntu1.3 No subscription required Medium CVE-2021-22918 Ubuntu 20.04 LTS Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-3468) It was discovered that Avahi incorrectly handled certain hostnames. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-3502) Update Instructions: Run `sudo pro fix USN-5008-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavahi-compat-libdnssd-dev - 0.7-4ubuntu7.1 libavahi-ui-gtk3-0 - 0.7-4ubuntu7.1 libavahi-core7-udeb - 0.7-4ubuntu7.1 libavahi-core7 - 0.7-4ubuntu7.1 libavahi-client3 - 0.7-4ubuntu7.1 libavahi-core-dev - 0.7-4ubuntu7.1 libavahi-client-dev - 0.7-4ubuntu7.1 avahi-ui-utils - 0.7-4ubuntu7.1 libavahi-gobject-dev - 0.7-4ubuntu7.1 avahi-dnsconfd - 0.7-4ubuntu7.1 libavahi-compat-libdnssd1 - 0.7-4ubuntu7.1 libavahi-common3 - 0.7-4ubuntu7.1 avahi-daemon - 0.7-4ubuntu7.1 avahi-discover - 0.7-4ubuntu7.1 libavahi-common-dev - 0.7-4ubuntu7.1 libavahi-common-data - 0.7-4ubuntu7.1 avahi-utils - 0.7-4ubuntu7.1 libavahi-common3-udeb - 0.7-4ubuntu7.1 libavahi-ui-gtk3-dev - 0.7-4ubuntu7.1 libavahi-glib-dev - 0.7-4ubuntu7.1 libavahi-gobject0 - 0.7-4ubuntu7.1 gir1.2-avahi-0.6 - 0.7-4ubuntu7.1 avahi-autoipd - 0.7-4ubuntu7.1 python-avahi - 0.7-4ubuntu7.1 libavahi-glib1 - 0.7-4ubuntu7.1 No subscription required Medium CVE-2021-3468 CVE-2021-3502 Ubuntu 20.04 LTS Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-29129, CVE-2020-29130) It was discovered that libslirp incorrectly handled certain udp packets. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. (CVE-2021-3592, CVE-2021-3593, CVE-2021-3594, CVE-2021-3595) Update Instructions: Run `sudo pro fix USN-5009-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libslirp0 - 4.1.0-2ubuntu2.2 libslirp-dev - 4.1.0-2ubuntu2.2 No subscription required Medium CVE-2020-29129 CVE-2020-29130 CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 Ubuntu 20.04 LTS Lei Sun discovered that QEMU incorrectly handled certain MMIO operations. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-15469) Wenxiang Qian discovered that QEMU incorrectly handled certain ATAPI commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 21.04. (CVE-2020-29443) Cheolwoo Myung discovered that QEMU incorrectly handled SCSI device emulation. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-35504, CVE-2020-35505, CVE-2021-3392) Alex Xu discovered that QEMU incorrectly handled the virtio-fs shared file system daemon. An attacker inside the guest could possibly use this issue to read and write to host devices. This issue only affected Ubuntu 20.10. (CVE-2020-35517) It was discovered that QEMU incorrectly handled ARM Generic Interrupt Controller emulation. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-20221) Alexander Bulekov, Cheolwoo Myung, Sergej Schumilo, Cornelius Aschermann, and Simon Werner discovered that QEMU incorrectly handled e1000 device emulation. An attacker inside the guest could possibly use this issue to cause QEMU to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-20257) It was discovered that QEMU incorrectly handled SDHCI controller emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, when QEMU is used in combination with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2021-3409) It was discovered that QEMU incorrectly handled certain NIC emulation devices. An attacker inside the guest could possibly use this issue to cause QEMU to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-3416) Remy Noel discovered that QEMU incorrectly handled the USB redirector device. An attacker inside the guest could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2021-3527) It was discovered that QEMU incorrectly handled the virtio vhost-user GPU device. An attacker inside the guest could possibly use this issue to cause QEMU to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3544) It was discovered that QEMU incorrectly handled the virtio vhost-user GPU device. An attacker inside the guest could possibly use this issue to obtain sensitive host information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3545) It was discovered that QEMU incorrectly handled the virtio vhost-user GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, when QEMU is used in combination with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3546) It was discovered that QEMU incorrectly handled the PVRDMA device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, when QEMU is used in combination with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3582, CVE-2021-3607, CVE-2021-3608) It was discovered that QEMU SLiRP networking incorrectly handled certain udp packets. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. (CVE-2021-3592, CVE-2021-3593, CVE-2021-3594, CVE-2021-3595) Update Instructions: Run `sudo pro fix USN-5010-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.17 qemu-system-common - 1:4.2-3ubuntu6.17 qemu-user-static - 1:4.2-3ubuntu6.17 qemu-system-misc - 1:4.2-3ubuntu6.17 qemu-block-extra - 1:4.2-3ubuntu6.17 qemu-system-s390x - 1:4.2-3ubuntu6.17 qemu-user - 1:4.2-3ubuntu6.17 qemu-system-sparc - 1:4.2-3ubuntu6.17 qemu-guest-agent - 1:4.2-3ubuntu6.17 qemu-system - 1:4.2-3ubuntu6.17 qemu-utils - 1:4.2-3ubuntu6.17 qemu-system-data - 1:4.2-3ubuntu6.17 qemu-kvm - 1:4.2-3ubuntu6.17 qemu-user-binfmt - 1:4.2-3ubuntu6.17 qemu-system-x86 - 1:4.2-3ubuntu6.17 qemu-system-arm - 1:4.2-3ubuntu6.17 qemu-system-gui - 1:4.2-3ubuntu6.17 qemu - 1:4.2-3ubuntu6.17 qemu-system-ppc - 1:4.2-3ubuntu6.17 qemu-system-mips - 1:4.2-3ubuntu6.17 qemu-system-x86-xen - 1:4.2-3ubuntu6.17 No subscription required Medium CVE-2020-15469 CVE-2020-29443 CVE-2020-35504 CVE-2020-35505 CVE-2020-35517 CVE-2021-20221 CVE-2021-20257 CVE-2021-3392 CVE-2021-3409 CVE-2021-3416 CVE-2021-3527 CVE-2021-3544 CVE-2021-3545 CVE-2021-3546 CVE-2021-3582 CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 CVE-2021-3607 CVE-2021-3608 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, overlay text over another domain, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5011-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 90.0+build1-0ubuntu0.20.04.1 firefox - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 90.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 90.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 90.0+build1-0ubuntu0.20.04.1 firefox-dev - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 90.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-29970 CVE-2021-29972 CVE-2021-29974 CVE-2021-29975 CVE-2021-29976 CVE-2021-29977 CVE-2021-30547 Ubuntu 20.04 LTS It was discovered that containerd incorrectly handled file permission changes. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could change permissions on files on the host filesystem and possibly escalate privileges. Update Instructions: Run `sudo pro fix USN-5012-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.2-0ubuntu1~20.04.2 golang-github-docker-containerd-dev - 1.5.2-0ubuntu1~20.04.2 golang-github-containerd-containerd-dev - 1.5.2-0ubuntu1~20.04.2 No subscription required High CVE-2021-32760 Ubuntu 20.04 LTS It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash, resulting in a denial of service. (CVE-2021-33910) Mitchell Frank discovered that systemd incorrectly handled DHCP FORCERENEW packets. A remote attacker could possibly use this issue to reconfigure servers. (CVE-2020-13529) Update Instructions: Run `sudo pro fix USN-5013-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: systemd-tests - 245.4-4ubuntu3.10 systemd-coredump - 245.4-4ubuntu3.10 systemd - 245.4-4ubuntu3.10 udev-udeb - 245.4-4ubuntu3.10 libsystemd0 - 245.4-4ubuntu3.10 systemd-container - 245.4-4ubuntu3.10 libnss-myhostname - 245.4-4ubuntu3.10 libudev1-udeb - 245.4-4ubuntu3.10 libudev1 - 245.4-4ubuntu3.10 systemd-timesyncd - 245.4-4ubuntu3.10 libsystemd-dev - 245.4-4ubuntu3.10 libnss-systemd - 245.4-4ubuntu3.10 systemd-journal-remote - 245.4-4ubuntu3.10 libpam-systemd - 245.4-4ubuntu3.10 libnss-mymachines - 245.4-4ubuntu3.10 libnss-resolve - 245.4-4ubuntu3.10 systemd-sysv - 245.4-4ubuntu3.10 udev - 245.4-4ubuntu3.10 libudev-dev - 245.4-4ubuntu3.10 No subscription required High CVE-2020-13529 CVE-2021-33910 Ubuntu 20.04 LTS It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909) Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-28691) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573) It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-3587) Update Instructions: Run `sudo pro fix USN-5015-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1038.40 linux-oem-5.10-tools-5.10.0-1038 - 5.10.0-1038.40 linux-buildinfo-5.10.0-1038-oem - 5.10.0-1038.40 linux-modules-5.10.0-1038-oem - 5.10.0-1038.40 linux-image-unsigned-5.10.0-1038-oem - 5.10.0-1038.40 linux-headers-5.10.0-1038-oem - 5.10.0-1038.40 linux-tools-5.10.0-1038-oem - 5.10.0-1038.40 linux-oem-5.10-headers-5.10.0-1038 - 5.10.0-1038.40 linux-image-5.10.0-1038-oem - 5.10.0-1038.40 No subscription required linux-oem-20.04 - 5.10.0.1038.40 linux-oem-20.04-edge - 5.10.0.1038.40 linux-headers-oem-20.04b - 5.10.0.1038.40 linux-image-oem-20.04b - 5.10.0.1038.40 linux-image-oem-20.04 - 5.10.0.1038.40 linux-tools-oem-20.04-edge - 5.10.0.1038.40 linux-headers-oem-20.04-edge - 5.10.0.1038.40 linux-headers-oem-20.04 - 5.10.0.1038.40 linux-tools-oem-20.04b - 5.10.0.1038.40 linux-tools-oem-20.04 - 5.10.0.1038.40 linux-image-oem-20.04-edge - 5.10.0.1038.40 linux-oem-20.04b - 5.10.0.1038.40 No subscription required High CVE-2021-28691 CVE-2021-33909 CVE-2021-3564 CVE-2021-3573 Ubuntu 20.04 LTS It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. (CVE-2021-32399) It was discovered that a use-after-free existed in the Bluetooth HCI driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Update Instructions: Run `sudo pro fix USN-5016-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-oracle-5.8-tools-5.8.0-1037 - 5.8.0-1037.38~20.04.1 linux-oracle-5.8-headers-5.8.0-1037 - 5.8.0-1037.38~20.04.1 linux-headers-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-buildinfo-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-modules-extra-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-image-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-image-unsigned-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-tools-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 No subscription required linux-image-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-tools-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-modules-extra-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-gcp-5.8-tools-5.8.0-1038 - 5.8.0-1038.40~20.04.1 linux-headers-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-buildinfo-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-modules-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-image-unsigned-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-gcp-5.8-headers-5.8.0-1038 - 5.8.0-1038.40~20.04.1 No subscription required linux-azure-5.8-cloud-tools-5.8.0-1039 - 5.8.0-1039.42~20.04.1 linux-modules-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-azure-5.8-headers-5.8.0-1039 - 5.8.0-1039.42~20.04.1 linux-cloud-tools-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-buildinfo-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-azure-5.8-tools-5.8.0-1039 - 5.8.0-1039.42~20.04.1 linux-image-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-image-unsigned-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-headers-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-modules-extra-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-tools-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 No subscription required linux-headers-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-modules-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-tools-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-aws-5.8-cloud-tools-5.8.0-1041 - 5.8.0-1041.43~20.04.1 linux-aws-5.8-tools-5.8.0-1041 - 5.8.0-1041.43~20.04.1 linux-modules-extra-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-cloud-tools-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-buildinfo-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-image-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-aws-5.8-headers-5.8.0-1041 - 5.8.0-1041.43~20.04.1 No subscription required kernel-signed-image-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 md-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 parport-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-headers-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 linux-headers-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 nic-shared-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-image-unsigned-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 virtio-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 input-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 block-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 block-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 ppp-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-modules-5.8.0-63-generic - 5.8.0-63.71~20.04.1 linux-hwe-5.8-cloud-tools-5.8.0-63 - 5.8.0-63.71~20.04.1 linux-hwe-5.8-source-5.8.0 - 5.8.0-63.71~20.04.1 linux-tools-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 linux-tools-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 sata-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 nic-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-buildinfo-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 multipath-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 nfs-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 nic-usb-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-tools-host - 5.8.0-63.71~20.04.1 pcmcia-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 input-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 vlan-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 message-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-modules-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 vlan-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 floppy-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 vlan-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 multipath-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 nic-usb-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-headers-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 linux-cloud-tools-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 multipath-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-tools-5.8.0-63-generic - 5.8.0-63.71~20.04.1 crypto-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 virtio-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 fs-core-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-image-unsigned-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 scsi-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-tools-common - 5.8.0-63.71~20.04.1 nic-pcmcia-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-buildinfo-5.8.0-63-generic - 5.8.0-63.71~20.04.1 ipmi-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-udebs-generic-lpae - 5.8.0-63.71~20.04.1 fat-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 fs-core-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 fs-core-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 ppp-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 crypto-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-cloud-tools-common - 5.8.0-63.71~20.04.1 parport-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 fs-secondary-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 usb-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 fs-secondary-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 mouse-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 ppp-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 fat-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 ipmi-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-headers-5.8.0-63 - 5.8.0-63.71~20.04.1 nic-shared-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 storage-core-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 plip-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 block-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 message-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-headers-5.8.0-63-generic - 5.8.0-63.71~20.04.1 pcmcia-storage-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-modules-extra-5.8.0-63-generic - 5.8.0-63.71~20.04.1 crypto-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 nic-usb-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 usb-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-udebs-generic - 5.8.0-63.71~20.04.1 fat-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 ipmi-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 nic-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-tools-5.8.0-63 - 5.8.0-63.71~20.04.1 kernel-image-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 storage-core-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 plip-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-modules-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 linux-buildinfo-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 input-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-tools-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 nfs-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic - 5.8.0-63.71~20.04.1 linux-hwe-5.8-udebs-generic-64k - 5.8.0-63.71~20.04.1 mouse-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 parport-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 sata-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 nfs-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 nic-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 fs-secondary-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 sata-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 scsi-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-cloud-tools-5.8.0-63-generic - 5.8.0-63.71~20.04.1 nic-shared-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-buildinfo-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 dasd-extra-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 dasd-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 scsi-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 md-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 plip-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 kernel-image-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 usb-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 pata-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 fb-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 mouse-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 storage-core-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 firewire-core-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-image-unsigned-5.8.0-63-generic - 5.8.0-63.71~20.04.1 linux-modules-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 serial-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 md-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 kernel-image-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 No subscription required linux-headers-oracle - 5.8.0.1037.38~20.04.13 linux-tools-oracle - 5.8.0.1037.38~20.04.13 linux-image-oracle - 5.8.0.1037.38~20.04.13 linux-oracle - 5.8.0.1037.38~20.04.13 No subscription required linux-gcp - 5.8.0.1038.40~20.04.13 linux-headers-gcp - 5.8.0.1038.40~20.04.13 linux-image-gcp - 5.8.0.1038.40~20.04.13 linux-modules-extra-gcp - 5.8.0.1038.40~20.04.13 linux-tools-gcp - 5.8.0.1038.40~20.04.13 No subscription required linux-cloud-tools-azure - 5.8.0.1039.42~20.04.11 linux-tools-azure - 5.8.0.1039.42~20.04.11 linux-azure - 5.8.0.1039.42~20.04.11 linux-modules-extra-azure - 5.8.0.1039.42~20.04.11 linux-image-azure - 5.8.0.1039.42~20.04.11 linux-headers-azure - 5.8.0.1039.42~20.04.11 No subscription required linux-headers-aws - 5.8.0.1041.43~20.04.13 linux-image-aws - 5.8.0.1041.43~20.04.13 linux-aws - 5.8.0.1041.43~20.04.13 linux-modules-extra-aws - 5.8.0.1041.43~20.04.13 linux-tools-aws - 5.8.0.1041.43~20.04.13 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-generic-lpae-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-cloud-tools-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-extra-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-generic-64k-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-generic-lpae-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-generic-64k-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-generic-lpae-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-cloud-tools-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-generic-64k-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-generic-lpae-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-generic-64k-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 No subscription required High CVE-2021-23134 CVE-2021-32399 CVE-2021-33034 CVE-2021-33909 CVE-2021-3506 Ubuntu 20.04 LTS It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909) It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129) Update Instructions: Run `sudo pro fix USN-5017-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-tools-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-gkeop-cloud-tools-5.4.0-1021 - 5.4.0-1021.22 linux-image-unsigned-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-gkeop-source-5.4.0 - 5.4.0-1021.22 linux-headers-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-gkeop-headers-5.4.0-1021 - 5.4.0-1021.22 linux-buildinfo-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-modules-extra-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-gkeop-tools-5.4.0-1021 - 5.4.0-1021.22 linux-image-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-modules-5.4.0-1021-gkeop - 5.4.0-1021.22 No subscription required linux-buildinfo-5.4.0-1041-raspi - 5.4.0-1041.45 linux-modules-5.4.0-1041-raspi - 5.4.0-1041.45 linux-raspi-tools-5.4.0-1041 - 5.4.0-1041.45 linux-tools-5.4.0-1041-raspi - 5.4.0-1041.45 linux-raspi-headers-5.4.0-1041 - 5.4.0-1041.45 linux-headers-5.4.0-1041-raspi - 5.4.0-1041.45 linux-image-5.4.0-1041-raspi - 5.4.0-1041.45 No subscription required linux-image-unsigned-5.4.0-1044-kvm - 5.4.0-1044.46 linux-tools-5.4.0-1044-kvm - 5.4.0-1044.46 linux-kvm-tools-5.4.0-1044 - 5.4.0-1044.46 linux-headers-5.4.0-1044-kvm - 5.4.0-1044.46 linux-buildinfo-5.4.0-1044-kvm - 5.4.0-1044.46 linux-modules-5.4.0-1044-kvm - 5.4.0-1044.46 linux-image-5.4.0-1044-kvm - 5.4.0-1044.46 linux-kvm-headers-5.4.0-1044 - 5.4.0-1044.46 No subscription required linux-modules-5.4.0-1049-gke - 5.4.0-1049.52 linux-image-5.4.0-1049-gke - 5.4.0-1049.52 linux-buildinfo-5.4.0-1049-gke - 5.4.0-1049.52 linux-modules-extra-5.4.0-1049-gke - 5.4.0-1049.52 linux-gke-tools-5.4.0-1049 - 5.4.0-1049.52 linux-headers-5.4.0-1049-gke - 5.4.0-1049.52 linux-tools-5.4.0-1049-gke - 5.4.0-1049.52 linux-image-unsigned-5.4.0-1049-gke - 5.4.0-1049.52 linux-gke-headers-5.4.0-1049 - 5.4.0-1049.52 No subscription required linux-gcp-headers-5.4.0-1049 - 5.4.0-1049.53 linux-image-unsigned-5.4.0-1049-gcp - 5.4.0-1049.53 linux-buildinfo-5.4.0-1049-gcp - 5.4.0-1049.53 linux-image-5.4.0-1049-gcp - 5.4.0-1049.53 linux-tools-5.4.0-1049-gcp - 5.4.0-1049.53 linux-modules-extra-5.4.0-1049-gcp - 5.4.0-1049.53 linux-headers-5.4.0-1049-gcp - 5.4.0-1049.53 linux-gcp-tools-5.4.0-1049 - 5.4.0-1049.53 linux-modules-5.4.0-1049-gcp - 5.4.0-1049.53 No subscription required linux-image-5.4.0-1052-oracle - 5.4.0-1052.56 linux-buildinfo-5.4.0-1052-oracle - 5.4.0-1052.56 linux-oracle-headers-5.4.0-1052 - 5.4.0-1052.56 linux-modules-5.4.0-1052-oracle - 5.4.0-1052.56 linux-oracle-tools-5.4.0-1052 - 5.4.0-1052.56 linux-headers-5.4.0-1052-oracle - 5.4.0-1052.56 linux-image-unsigned-5.4.0-1052-oracle - 5.4.0-1052.56 linux-modules-extra-5.4.0-1052-oracle - 5.4.0-1052.56 linux-tools-5.4.0-1052-oracle - 5.4.0-1052.56 No subscription required linux-buildinfo-5.4.0-1054-aws - 5.4.0-1054.57 linux-image-5.4.0-1054-aws - 5.4.0-1054.57 linux-headers-5.4.0-1054-aws - 5.4.0-1054.57 linux-aws-headers-5.4.0-1054 - 5.4.0-1054.57 linux-cloud-tools-5.4.0-1054-aws - 5.4.0-1054.57 linux-tools-5.4.0-1054-aws - 5.4.0-1054.57 linux-aws-cloud-tools-5.4.0-1054 - 5.4.0-1054.57 linux-aws-tools-5.4.0-1054 - 5.4.0-1054.57 linux-modules-5.4.0-1054-aws - 5.4.0-1054.57 linux-modules-extra-5.4.0-1054-aws - 5.4.0-1054.57 No subscription required linux-headers-5.4.0-1055-azure - 5.4.0-1055.57 linux-modules-5.4.0-1055-azure - 5.4.0-1055.57 linux-azure-cloud-tools-5.4.0-1055 - 5.4.0-1055.57 linux-azure-tools-5.4.0-1055 - 5.4.0-1055.57 linux-modules-extra-5.4.0-1055-azure - 5.4.0-1055.57 linux-cloud-tools-5.4.0-1055-azure - 5.4.0-1055.57 linux-azure-headers-5.4.0-1055 - 5.4.0-1055.57 linux-tools-5.4.0-1055-azure - 5.4.0-1055.57 linux-image-unsigned-5.4.0-1055-azure - 5.4.0-1055.57 linux-buildinfo-5.4.0-1055-azure - 5.4.0-1055.57 linux-image-5.4.0-1055-azure - 5.4.0-1055.57 No subscription required parport-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-headers-5.4.0-80-generic-lpae - 5.4.0-80.90 linux-udebs-generic-lpae - 5.4.0-80.90 nic-modules-5.4.0-80-generic-di - 5.4.0-80.90 parport-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 mouse-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 storage-core-modules-5.4.0-80-generic-di - 5.4.0-80.90 crypto-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 linux-tools-5.4.0-80 - 5.4.0-80.90 linux-tools-host - 5.4.0-80.90 linux-image-5.4.0-80-generic-lpae - 5.4.0-80.90 linux-tools-common - 5.4.0-80.90 pcmcia-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-headers-5.4.0-80 - 5.4.0-80.90 linux-doc - 5.4.0-80.90 scsi-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 dasd-extra-modules-5.4.0-80-generic-di - 5.4.0-80.90 fs-secondary-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 input-modules-5.4.0-80-generic-di - 5.4.0-80.90 nic-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 linux-image-unsigned-5.4.0-80-lowlatency - 5.4.0-80.90 virtio-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-cloud-tools-5.4.0-80 - 5.4.0-80.90 linux-cloud-tools-5.4.0-80-generic - 5.4.0-80.90 fb-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-libc-dev - 5.4.0-80.90 linux-source-5.4.0 - 5.4.0-80.90 fat-modules-5.4.0-80-generic-di - 5.4.0-80.90 ipmi-modules-5.4.0-80-generic-di - 5.4.0-80.90 md-modules-5.4.0-80-generic-di - 5.4.0-80.90 pata-modules-5.4.0-80-generic-di - 5.4.0-80.90 nfs-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 block-modules-5.4.0-80-generic-di - 5.4.0-80.90 vlan-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-tools-5.4.0-80-lowlatency - 5.4.0-80.90 fs-core-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-cloud-tools-5.4.0-80-lowlatency - 5.4.0-80.90 linux-modules-5.4.0-80-generic - 5.4.0-80.90 fat-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 fs-core-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 dasd-modules-5.4.0-80-generic-di - 5.4.0-80.90 usb-modules-5.4.0-80-generic-di - 5.4.0-80.90 kernel-image-5.4.0-80-generic-di - 5.4.0-80.90 kernel-image-5.4.0-80-generic-lpae-di - 5.4.0-80.90 usb-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 serial-modules-5.4.0-80-generic-di - 5.4.0-80.90 nic-pcmcia-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-buildinfo-5.4.0-80-generic - 5.4.0-80.90 ipmi-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 nfs-modules-5.4.0-80-generic-di - 5.4.0-80.90 md-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 nic-shared-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 message-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-image-5.4.0-80-generic - 5.4.0-80.90 scsi-modules-5.4.0-80-generic-di - 5.4.0-80.90 floppy-modules-5.4.0-80-generic-di - 5.4.0-80.90 kernel-signed-image-5.4.0-80-generic-di - 5.4.0-80.90 mouse-modules-5.4.0-80-generic-di - 5.4.0-80.90 sata-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-modules-5.4.0-80-generic-lpae - 5.4.0-80.90 linux-modules-5.4.0-80-lowlatency - 5.4.0-80.90 multipath-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-tools-5.4.0-80-generic-lpae - 5.4.0-80.90 linux-cloud-tools-common - 5.4.0-80.90 linux-image-5.4.0-80-lowlatency - 5.4.0-80.90 linux-udebs-generic - 5.4.0-80.90 linux-buildinfo-5.4.0-80-lowlatency - 5.4.0-80.90 linux-modules-extra-5.4.0-80-generic - 5.4.0-80.90 linux-buildinfo-5.4.0-80-generic-lpae - 5.4.0-80.90 crypto-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-tools-5.4.0-80-generic - 5.4.0-80.90 ppp-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 nic-shared-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-headers-5.4.0-80-generic - 5.4.0-80.90 plip-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 sata-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 pcmcia-storage-modules-5.4.0-80-generic-di - 5.4.0-80.90 block-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 input-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 vlan-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 fs-secondary-modules-5.4.0-80-generic-di - 5.4.0-80.90 ppp-modules-5.4.0-80-generic-di - 5.4.0-80.90 plip-modules-5.4.0-80-generic-di - 5.4.0-80.90 firewire-core-modules-5.4.0-80-generic-di - 5.4.0-80.90 nic-usb-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 multipath-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 nic-usb-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-headers-5.4.0-80-lowlatency - 5.4.0-80.90 linux-image-unsigned-5.4.0-80-generic - 5.4.0-80.90 storage-core-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 No subscription required linux-headers-gkeop - 5.4.0.1021.24 linux-cloud-tools-gkeop-5.4 - 5.4.0.1021.24 linux-image-gkeop - 5.4.0.1021.24 linux-image-gkeop-5.4 - 5.4.0.1021.24 linux-gkeop - 5.4.0.1021.24 linux-cloud-tools-gkeop - 5.4.0.1021.24 linux-modules-extra-gkeop-5.4 - 5.4.0.1021.24 linux-headers-gkeop-5.4 - 5.4.0.1021.24 linux-modules-extra-gkeop - 5.4.0.1021.24 linux-tools-gkeop - 5.4.0.1021.24 linux-tools-gkeop-5.4 - 5.4.0.1021.24 linux-gkeop-5.4 - 5.4.0.1021.24 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1041.76 linux-headers-raspi - 5.4.0.1041.76 linux-raspi2 - 5.4.0.1041.76 linux-headers-raspi2 - 5.4.0.1041.76 linux-image-raspi-hwe-18.04 - 5.4.0.1041.76 linux-image-raspi2-hwe-18.04 - 5.4.0.1041.76 linux-tools-raspi - 5.4.0.1041.76 linux-headers-raspi2-hwe-18.04 - 5.4.0.1041.76 linux-headers-raspi-hwe-18.04 - 5.4.0.1041.76 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1041.76 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1041.76 linux-raspi2-hwe-18.04-edge - 5.4.0.1041.76 linux-raspi-hwe-18.04 - 5.4.0.1041.76 linux-tools-raspi2-hwe-18.04 - 5.4.0.1041.76 linux-raspi2-hwe-18.04 - 5.4.0.1041.76 linux-image-raspi-hwe-18.04-edge - 5.4.0.1041.76 linux-image-raspi2 - 5.4.0.1041.76 linux-tools-raspi-hwe-18.04 - 5.4.0.1041.76 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1041.76 linux-raspi-hwe-18.04-edge - 5.4.0.1041.76 linux-raspi - 5.4.0.1041.76 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1041.76 linux-image-raspi - 5.4.0.1041.76 linux-tools-raspi2 - 5.4.0.1041.76 No subscription required linux-tools-kvm - 5.4.0.1044.43 linux-headers-kvm - 5.4.0.1044.43 linux-kvm - 5.4.0.1044.43 linux-image-kvm - 5.4.0.1044.43 No subscription required linux-modules-extra-gke - 5.4.0.1049.59 linux-headers-gke - 5.4.0.1049.59 linux-headers-gke-5.4 - 5.4.0.1049.59 linux-modules-extra-gke-5.4 - 5.4.0.1049.59 linux-gcp-lts-20.04 - 5.4.0.1049.59 linux-gke-5.4 - 5.4.0.1049.59 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1049.59 linux-headers-gcp-lts-20.04 - 5.4.0.1049.59 linux-tools-gke - 5.4.0.1049.59 linux-tools-gcp-lts-20.04 - 5.4.0.1049.59 linux-image-gke - 5.4.0.1049.59 linux-image-gcp-lts-20.04 - 5.4.0.1049.59 linux-gke - 5.4.0.1049.59 linux-image-gke-5.4 - 5.4.0.1049.59 linux-tools-gke-5.4 - 5.4.0.1049.59 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1052.52 linux-headers-oracle-lts-20.04 - 5.4.0.1052.52 linux-image-oracle-lts-20.04 - 5.4.0.1052.52 linux-oracle-lts-20.04 - 5.4.0.1052.52 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1054.57 linux-tools-aws-lts-20.04 - 5.4.0.1054.57 linux-modules-extra-aws-lts-20.04 - 5.4.0.1054.57 linux-headers-aws-lts-20.04 - 5.4.0.1054.57 linux-aws-lts-20.04 - 5.4.0.1054.57 No subscription required linux-azure-lts-20.04 - 5.4.0.1055.53 linux-image-azure-lts-20.04 - 5.4.0.1055.53 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1055.53 linux-modules-extra-azure-lts-20.04 - 5.4.0.1055.53 linux-tools-azure-lts-20.04 - 5.4.0.1055.53 linux-headers-azure-lts-20.04 - 5.4.0.1055.53 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-image-generic-hwe-18.04 - 5.4.0.80.84 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-headers-generic-lpae - 5.4.0.80.84 linux-generic-hwe-18.04-edge - 5.4.0.80.84 linux-image-virtual - 5.4.0.80.84 linux-cloud-tools-lowlatency - 5.4.0.80.84 linux-image-generic - 5.4.0.80.84 linux-tools-lowlatency - 5.4.0.80.84 linux-image-oem - 5.4.0.80.84 linux-image-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-headers-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-cloud-tools-virtual - 5.4.0.80.84 linux-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.80.84 linux-image-oem-osp1 - 5.4.0.80.84 linux-headers-oem - 5.4.0.80.84 linux-image-generic-lpae-hwe-18.04 - 5.4.0.80.84 linux-crashdump - 5.4.0.80.84 linux-generic-lpae-hwe-18.04-edge - 5.4.0.80.84 linux-tools-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-headers-generic-hwe-18.04 - 5.4.0.80.84 linux-headers-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-source - 5.4.0.80.84 linux-lowlatency - 5.4.0.80.84 linux-tools-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-tools-generic-lpae - 5.4.0.80.84 linux-virtual - 5.4.0.80.84 linux-headers-virtual-hwe-18.04 - 5.4.0.80.84 linux-generic - 5.4.0.80.84 linux-virtual-hwe-18.04 - 5.4.0.80.84 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.80.84 linux-headers-virtual - 5.4.0.80.84 linux-cloud-tools-generic - 5.4.0.80.84 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-generic-lpae - 5.4.0.80.84 linux-image-extra-virtual-hwe-18.04 - 5.4.0.80.84 linux-tools-oem-osp1 - 5.4.0.80.84 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.80.84 linux-tools-generic-hwe-18.04-edge - 5.4.0.80.84 linux-image-lowlatency - 5.4.0.80.84 linux-image-virtual-hwe-18.04 - 5.4.0.80.84 linux-oem-tools-host - 5.4.0.80.84 linux-headers-lowlatency - 5.4.0.80.84 linux-image-generic-hwe-18.04-edge - 5.4.0.80.84 linux-generic-hwe-18.04 - 5.4.0.80.84 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.80.84 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-oem - 5.4.0.80.84 linux-tools-generic - 5.4.0.80.84 linux-image-extra-virtual - 5.4.0.80.84 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-oem-osp1-tools-host - 5.4.0.80.84 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.80.84 linux-tools-oem - 5.4.0.80.84 linux-headers-oem-osp1 - 5.4.0.80.84 linux-generic-lpae-hwe-18.04 - 5.4.0.80.84 linux-headers-generic-hwe-18.04-edge - 5.4.0.80.84 linux-headers-generic - 5.4.0.80.84 linux-oem-osp1 - 5.4.0.80.84 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.80.84 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.80.84 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-tools-virtual-hwe-18.04 - 5.4.0.80.84 linux-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.80.84 linux-image-generic-lpae - 5.4.0.80.84 linux-tools-virtual - 5.4.0.80.84 linux-tools-generic-hwe-18.04 - 5.4.0.80.84 linux-image-virtual-hwe-18.04-edge - 5.4.0.80.84 No subscription required High CVE-2020-26558 CVE-2021-0129 CVE-2021-33909 Ubuntu 20.04 LTS It was discovered that an assert() could be triggered in the NVIDIA graphics drivers. A local attacker could use this to cause a denial of service. (CVE-2021-1093) It was discovered that the NVIDIA graphics drivers permitted an out-of-bounds array access. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1094) It was discovered that the NVIDIA graphics drivers contained a vulnerability in the kernel mode layer where they did not properly control calls with embedded parameters in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1095) Update Instructions: Run `sudo pro fix USN-5019-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-compute-utils-390 - 390.144-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.144-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.144-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.144-0ubuntu0.20.04.1 nvidia-utils-390 - 390.144-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.144-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.144-0ubuntu0.20.04.1 nvidia-driver-390 - 390.144-0ubuntu0.20.04.1 nvidia-384-dev - 390.144-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.144-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.144-0ubuntu0.20.04.1 nvidia-384 - 390.144-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.144-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.144-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.144-0ubuntu0.20.04.1 nvidia-headless-390 - 390.144-0ubuntu0.20.04.1 libnvidia-common-390 - 390.144-0ubuntu0.20.04.1 libcuda1-384 - 390.144-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.144-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.144-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.144-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.144-0ubuntu0.20.04.1 No subscription required xserver-xorg-video-nvidia-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-headless-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-kernel-common-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-gl-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-decode-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-ifr1-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-compute-utils-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-fbc1-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-driver-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-utils-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-common-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-compute-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-headless-no-dkms-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-encode-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-kernel-source-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-cfg1-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-dkms-418-server - 418.211.00-0ubuntu0.20.04.1 No subscription required libnvidia-compute-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-headless-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.142.00-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.142.00-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.142.00-0ubuntu0.20.04.1 No subscription required libnvidia-common-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-gl-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-utils-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-encode-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-fbc1-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-fbc1-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-source-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-compute-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-gl-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-common-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-common-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-encode-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-gl-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 460.91.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-cfg1-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-cfg1-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-utils-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-decode-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-driver-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-compute-460 - 460.91.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-ifr1-460-server - 460.91.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-driver-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-fbc1-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-encode-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-common-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-common-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-dkms-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-extra-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-compute-utils-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-compute-utils-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-common-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-decode-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-dkms-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-extra-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-driver-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-source-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-source-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-compute-utils-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-ifr1-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-ifr1-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-decode-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-encode-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-common-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-utils-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-utils-455 - 460.91.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-gl-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-cfg1-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-decode-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-dkms-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-dkms-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-compute-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-extra-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-compute-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-extra-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-driver-460-server - 460.91.03-0ubuntu0.20.04.1 No subscription required libnvidia-common-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-cfg1-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-ifr1-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-headless-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-gl-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-gl-465 - 470.57.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-cfg1-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-headless-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-compute-utils-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-compute-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-kernel-common-465 - 470.57.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-utils-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-encode-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-compute-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-compute-utils-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-kernel-common-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-utils-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-kernel-source-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-encode-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-dkms-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-extra-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-kernel-source-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-driver-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-dkms-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-fbc1-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-extra-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-driver-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-decode-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-fbc1-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-common-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-decode-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-ifr1-465 - 470.57.02-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1093 CVE-2021-1094 CVE-2021-1095 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-31799) It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to conduct port scans and service banner extractions. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-31810) It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to perform machine-in-the-middle attackers to bypass the TLS protection. (CVE-2021-32066) Update Instructions: Run `sudo pro fix USN-5020-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.5 ruby2.7-doc - 2.7.0-5ubuntu1.5 ruby2.7-dev - 2.7.0-5ubuntu1.5 libruby2.7 - 2.7.0-5ubuntu1.5 No subscription required Medium CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 Ubuntu 20.04 LTS Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. (CVE-2021-22898, CVE-2021-22925) Harry Sintonen discovered that curl incorrectly reused connections in the connection pool. This could result in curl reusing the wrong connections. (CVE-2021-22924) Update Instructions: Run `sudo pro fix USN-5021-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.6 libcurl4-openssl-dev - 7.68.0-1ubuntu2.6 libcurl3-gnutls - 7.68.0-1ubuntu2.6 libcurl4-doc - 7.68.0-1ubuntu2.6 libcurl3-nss - 7.68.0-1ubuntu2.6 libcurl4-nss-dev - 7.68.0-1ubuntu2.6 libcurl4 - 7.68.0-1ubuntu2.6 curl - 7.68.0-1ubuntu2.6 No subscription required Medium CVE-2021-22898 CVE-2021-22924 CVE-2021-22925 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.26 in Ubuntu 20.04 LTS and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-35.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-26.html https://www.oracle.com/security-alerts/cpujul2021.html Update Instructions: Run `sudo pro fix USN-5022-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.26-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.26-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.26-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.26-0ubuntu0.20.04.2 mysql-router - 8.0.26-0ubuntu0.20.04.2 mysql-server - 8.0.26-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.26-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.26-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.26-0ubuntu0.20.04.2 mysql-testsuite - 8.0.26-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.26-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.26-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-2339 CVE-2021-2340 CVE-2021-2342 CVE-2021-2352 CVE-2021-2354 CVE-2021-2356 CVE-2021-2357 CVE-2021-2367 CVE-2021-2370 CVE-2021-2372 CVE-2021-2374 CVE-2021-2383 CVE-2021-2384 CVE-2021-2385 CVE-2021-2387 CVE-2021-2389 CVE-2021-2390 CVE-2021-2399 CVE-2021-2402 CVE-2021-2410 CVE-2021-2417 CVE-2021-2418 CVE-2021-2422 CVE-2021-2424 CVE-2021-2425 CVE-2021-2426 CVE-2021-2427 CVE-2021-2429 CVE-2021-2437 CVE-2021-2440 CVE-2021-2441 Ubuntu 20.04 LTS USN-5022-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2021-2372 and CVE-2021-2389 in MariaDB 10.3 and 10.5. In addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://mariadb.com/kb/en/mariadb-10331-changelog/ https://mariadb.com/kb/en/mariadb-10512-changelog/ Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.26 in Ubuntu 20.04 LTS and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-35.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-26.html https://www.oracle.com/security-alerts/cpujul2021.html Update Instructions: Run `sudo pro fix USN-5022-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.31-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.31-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.31-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.31-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.31-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.31-0ubuntu0.20.04.1 mariadb-client - 1:10.3.31-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.31-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.31-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.31-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.31-0ubuntu0.20.04.1 mariadb-server - 1:10.3.31-0ubuntu0.20.04.1 mariadb-common - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.31-0ubuntu0.20.04.1 mariadb-test - 1:10.3.31-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-2372 CVE-2021-2389 Ubuntu 20.04 LTS It was discovered that Aspell incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-5023-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libaspell15 - 0.60.8-1ubuntu0.1 aspell-doc - 0.60.8-1ubuntu0.1 aspell - 0.60.8-1ubuntu0.1 libpspell-dev - 0.60.8-1ubuntu0.1 libaspell-dev - 0.60.8-1ubuntu0.1 No subscription required Medium CVE-2019-25051 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5024-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.32.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.32.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.32.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.32.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.32.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.32.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.32.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.32.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.32.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.32.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30758 CVE-2021-30795 CVE-2021-30797 CVE-2021-30799 Ubuntu 20.04 LTS It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5025-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsndfile1 - 1.0.28-7ubuntu0.1 libsndfile1-dev - 1.0.28-7ubuntu0.1 sndfile-programs - 1.0.28-7ubuntu0.1 No subscription required Medium CVE-2021-3246 Ubuntu 20.04 LTS It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18020) It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36978) Update Instructions: Run `sudo pro fix USN-5026-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libqpdf-dev - 9.1.1-1ubuntu0.1 qpdf - 9.1.1-1ubuntu0.1 libqpdf26 - 9.1.1-1ubuntu0.1 No subscription required Medium CVE-2018-18020 CVE-2021-36978 Ubuntu 20.04 LTS It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5027-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-pear - 1:1.10.9+submodules+notgz-1ubuntu0.20.04.3 No subscription required Medium CVE-2021-32610 Ubuntu 20.04 LTS It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5028-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.5 libexiv2-27 - 0.27.2-8ubuntu2.5 libexiv2-doc - 0.27.2-8ubuntu2.5 libexiv2-dev - 0.27.2-8ubuntu2.5 No subscription required None Ubuntu 20.04 LTS It was discovered that GnuTLS incorrectly handled sending certain extensions when being used as a client. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5029-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-doc - 3.6.13-2ubuntu1.6 libgnutls28-dev - 3.6.13-2ubuntu1.6 libgnutls-openssl27 - 3.6.13-2ubuntu1.6 libgnutls30 - 3.6.13-2ubuntu1.6 libgnutls-dane0 - 3.6.13-2ubuntu1.6 gnutls-bin - 3.6.13-2ubuntu1.6 guile-gnutls - 3.6.13-2ubuntu1.6 libgnutlsxx28 - 3.6.13-2ubuntu1.6 No subscription required Low CVE-2021-20231 CVE-2021-20232 Ubuntu 20.04 LTS It was discovered that the Perl DBI module incorrectly opened files outside of the folder specified in the data source name. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2014-10402) It was discovered that the Perl DBI module incorrectly handled certain long strings. A local attacker could possibly use this issue to cause the DBI module to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-14393) Update Instructions: Run `sudo pro fix USN-5030-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libdbi-perl - 1.643-1ubuntu0.1 No subscription required Medium CVE-2014-10402 CVE-2020-14393 Ubuntu 20.04 LTS Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them. Update Instructions: Run `sudo pro fix USN-5032-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-docker-docker-dev - 20.10.7-0ubuntu1~20.04.1 docker.io - 20.10.7-0ubuntu1~20.04.1 golang-docker-dev - 20.10.7-0ubuntu1~20.04.1 vim-syntax-docker - 20.10.7-0ubuntu1~20.04.1 docker-doc - 20.10.7-0ubuntu1~20.04.1 No subscription required None https://launchpad.net/bugs/1938908 Ubuntu 20.04 LTS Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks. Update Instructions: Run `sudo pro fix USN-5034-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares2 - 1.15.0-1ubuntu0.1 libc-ares-dev - 1.15.0-1ubuntu0.1 No subscription required Medium CVE-2021-3672 Ubuntu 20.04 LTS It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31. Update Instructions: Run `sudo pro fix USN-5035-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgps26 - 3.20-8ubuntu0.4 libqgpsmm-dev - 3.20-8ubuntu0.4 libgps-dev - 3.20-8ubuntu0.4 gpsd - 3.20-8ubuntu0.4 python3-gps - 3.20-8ubuntu0.4 gpsd-clients - 3.20-8ubuntu0.4 libqgpsmm26 - 3.20-8ubuntu0.4 No subscription required None https://launchpad.net/bugs/1938730 Ubuntu 20.04 LTS It was discovered that Tor incorrectly handled certain memory operations. A remote attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM. (CVE-2019-8955) It was discovered that Tor did not properly handle the input length to dump_desc() function. A remote attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-28089) It was discovered that Tor did not properly sanitize the relay nickname in dirvote_add_signatures_to_pending_consensus() function. An attacker could possibly use this issue to cause an assertion failure and then cause a denial of service. (CVE-2021-28090) It was discovered that Tor did not properly validate the layer hint on half-open streams. A remote attacker could possibly use this issue to bypass the access control, leading to remote code execution. This issue only affected Ubuntu 20.04 ESM. (CVE-2021-34548) It was discovered that Tor was using an insecure hash function. A remote attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-34549) It was discovered that Tor did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted request, a remote attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly reading sensitive data. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-34550) It was discovered that Tor mishandles the relationship between batch-signature verification and single-signature verification. An attacker could possibly use this issue to cause an assertion failure and then cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-38385) Update Instructions: Run `sudo pro fix USN-5036-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tor - 0.4.2.7-1ubuntu0.1~esm1 tor-geoipdb - 0.4.2.7-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-8955 CVE-2021-28089 CVE-2021-28090 CVE-2021-34548 CVE-2021-34549 CVE-2021-34550 CVE-2021-38385 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5037-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 91.0+build2-0ubuntu0.20.04.1 firefox - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 91.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 91.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 91.0+build2-0ubuntu0.20.04.1 firefox-dev - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 91.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-29980 CVE-2021-29981 CVE-2021-29982 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29987 CVE-2021-29988 CVE-2021-29989 CVE-2021-29990 Ubuntu 20.04 LTS USN-5037-1 fixed vulnerabilities in Firefox. The update introduced a regression that caused Firefox to repeatedly prompt for a password. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5037-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 91.0.2+build1-0ubuntu0.20.04.1 firefox - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 91.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 91.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 91.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 91.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1941496 Ubuntu 20.04 LTS It was discovered that the PostgresQL planner could create incorrect plans in certain circumstances. A remote attacker could use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly obtain sensitive information from memory. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-3677) It was discovered that PostgreSQL incorrectly handled certain SSL renegotiation ClientHello messages from clients. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. (CVE-2021-3449) Update Instructions: Run `sudo pro fix USN-5038-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.8-0ubuntu0.20.04.1 libecpg6 - 12.8-0ubuntu0.20.04.1 libpq-dev - 12.8-0ubuntu0.20.04.1 libpgtypes3 - 12.8-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.8-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.8-0ubuntu0.20.04.1 libecpg-dev - 12.8-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.8-0ubuntu0.20.04.1 libpq5 - 12.8-0ubuntu0.20.04.1 postgresql-doc-12 - 12.8-0ubuntu0.20.04.1 postgresql-12 - 12.8-0ubuntu0.20.04.1 postgresql-client-12 - 12.8-0ubuntu0.20.04.1 libecpg-compat3 - 12.8-0ubuntu0.20.04.1 No subscription required High CVE-2021-3449 CVE-2021-3677 Ubuntu 20.04 LTS It was discovered that HAProxy incorrectly handled the HTTP/2 protocol. A remote attacker could possibly use this issue to bypass restrictions. Update Instructions: Run `sudo pro fix USN-5042-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.13-2ubuntu0.2 haproxy-doc - 2.0.13-2ubuntu0.2 vim-haproxy - 2.0.13-2ubuntu0.2 No subscription required None https://launchpad.net/bugs/1940314 Ubuntu 20.04 LTS It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-32815, CVE-2021-34334, CVE-2021-37620, CVE-2021-37622) It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. These issues only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-34335, CVE-2021-37615, CVE-2021-37616, CVE-2021-37618, CVE-2021-37619, CVE-2021-37621, CVE-2021-37623) Update Instructions: Run `sudo pro fix USN-5043-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.6 libexiv2-27 - 0.27.2-8ubuntu2.6 libexiv2-doc - 0.27.2-8ubuntu2.6 libexiv2-dev - 0.27.2-8ubuntu2.6 No subscription required Medium CVE-2021-32815 CVE-2021-34334 CVE-2021-34335 CVE-2021-37615 CVE-2021-37616 CVE-2021-37618 CVE-2021-37619 CVE-2021-37620 CVE-2021-37621 CVE-2021-37622 CVE-2021-37623 Ubuntu 20.04 LTS USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-37620) Update Instructions: Run `sudo pro fix USN-5043-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.7 libexiv2-27 - 0.27.2-8ubuntu2.7 libexiv2-doc - 0.27.2-8ubuntu2.7 libexiv2-dev - 0.27.2-8ubuntu2.7 No subscription required Medium CVE-2021-37620 https://launchpad.net/bugs/1941752 Ubuntu 20.04 LTS Norbert Slusarek discovered that the CAN broadcast manger (bcm) protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-34693) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573) It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-3587) Update Instructions: Run `sudo pro fix USN-5045-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-image-unsigned-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-tools-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-gkeop-source-5.4.0 - 5.4.0-1022.23 linux-headers-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-modules-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-image-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-buildinfo-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-cloud-tools-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-gkeop-tools-5.4.0-1022 - 5.4.0-1022.23 linux-gkeop-headers-5.4.0-1022 - 5.4.0-1022.23 linux-gkeop-cloud-tools-5.4.0-1022 - 5.4.0-1022.23 No subscription required linux-tools-5.4.0-1042-raspi - 5.4.0-1042.46 linux-raspi-tools-5.4.0-1042 - 5.4.0-1042.46 linux-modules-5.4.0-1042-raspi - 5.4.0-1042.46 linux-headers-5.4.0-1042-raspi - 5.4.0-1042.46 linux-raspi-headers-5.4.0-1042 - 5.4.0-1042.46 linux-image-5.4.0-1042-raspi - 5.4.0-1042.46 linux-buildinfo-5.4.0-1042-raspi - 5.4.0-1042.46 No subscription required linux-image-5.4.0-1045-kvm - 5.4.0-1045.47 linux-tools-5.4.0-1045-kvm - 5.4.0-1045.47 linux-buildinfo-5.4.0-1045-kvm - 5.4.0-1045.47 linux-kvm-tools-5.4.0-1045 - 5.4.0-1045.47 linux-image-unsigned-5.4.0-1045-kvm - 5.4.0-1045.47 linux-kvm-headers-5.4.0-1045 - 5.4.0-1045.47 linux-modules-5.4.0-1045-kvm - 5.4.0-1045.47 linux-headers-5.4.0-1045-kvm - 5.4.0-1045.47 No subscription required linux-image-unsigned-5.4.0-1051-gke - 5.4.0-1051.54 linux-gke-headers-5.4.0-1051 - 5.4.0-1051.54 linux-buildinfo-5.4.0-1051-gke - 5.4.0-1051.54 linux-modules-extra-5.4.0-1051-gke - 5.4.0-1051.54 linux-image-5.4.0-1051-gke - 5.4.0-1051.54 linux-tools-5.4.0-1051-gke - 5.4.0-1051.54 linux-gke-tools-5.4.0-1051 - 5.4.0-1051.54 linux-modules-5.4.0-1051-gke - 5.4.0-1051.54 linux-headers-5.4.0-1051-gke - 5.4.0-1051.54 No subscription required linux-image-5.4.0-1051-gcp - 5.4.0-1051.55 linux-image-unsigned-5.4.0-1051-gcp - 5.4.0-1051.55 linux-tools-5.4.0-1051-gcp - 5.4.0-1051.55 linux-gcp-headers-5.4.0-1051 - 5.4.0-1051.55 linux-headers-5.4.0-1051-gcp - 5.4.0-1051.55 linux-modules-extra-5.4.0-1051-gcp - 5.4.0-1051.55 linux-buildinfo-5.4.0-1051-gcp - 5.4.0-1051.55 linux-gcp-tools-5.4.0-1051 - 5.4.0-1051.55 linux-modules-5.4.0-1051-gcp - 5.4.0-1051.55 No subscription required linux-tools-5.4.0-1053-oracle - 5.4.0-1053.57 linux-modules-5.4.0-1053-oracle - 5.4.0-1053.57 linux-oracle-headers-5.4.0-1053 - 5.4.0-1053.57 linux-image-unsigned-5.4.0-1053-oracle - 5.4.0-1053.57 linux-oracle-tools-5.4.0-1053 - 5.4.0-1053.57 linux-headers-5.4.0-1053-oracle - 5.4.0-1053.57 linux-image-5.4.0-1053-oracle - 5.4.0-1053.57 linux-modules-extra-5.4.0-1053-oracle - 5.4.0-1053.57 linux-buildinfo-5.4.0-1053-oracle - 5.4.0-1053.57 No subscription required linux-image-5.4.0-1055-aws - 5.4.0-1055.58 linux-aws-tools-5.4.0-1055 - 5.4.0-1055.58 linux-cloud-tools-5.4.0-1055-aws - 5.4.0-1055.58 linux-headers-5.4.0-1055-aws - 5.4.0-1055.58 linux-aws-headers-5.4.0-1055 - 5.4.0-1055.58 linux-modules-extra-5.4.0-1055-aws - 5.4.0-1055.58 linux-aws-cloud-tools-5.4.0-1055 - 5.4.0-1055.58 linux-modules-5.4.0-1055-aws - 5.4.0-1055.58 linux-tools-5.4.0-1055-aws - 5.4.0-1055.58 linux-buildinfo-5.4.0-1055-aws - 5.4.0-1055.58 No subscription required linux-azure-cloud-tools-5.4.0-1056 - 5.4.0-1056.58 linux-azure-tools-5.4.0-1056 - 5.4.0-1056.58 linux-cloud-tools-5.4.0-1056-azure - 5.4.0-1056.58 linux-modules-extra-5.4.0-1056-azure - 5.4.0-1056.58 linux-headers-5.4.0-1056-azure - 5.4.0-1056.58 linux-modules-5.4.0-1056-azure - 5.4.0-1056.58 linux-image-5.4.0-1056-azure - 5.4.0-1056.58 linux-buildinfo-5.4.0-1056-azure - 5.4.0-1056.58 linux-image-unsigned-5.4.0-1056-azure - 5.4.0-1056.58 linux-azure-headers-5.4.0-1056 - 5.4.0-1056.58 linux-tools-5.4.0-1056-azure - 5.4.0-1056.58 No subscription required linux-modules-extra-5.4.0-81-generic - 5.4.0-81.91 linux-tools-5.4.0-81 - 5.4.0-81.91 linux-image-5.4.0-81-generic - 5.4.0-81.91 linux-tools-host - 5.4.0-81.91 linux-headers-5.4.0-81-lowlatency - 5.4.0-81.91 linux-headers-5.4.0-81 - 5.4.0-81.91 linux-doc - 5.4.0-81.91 linux-tools-5.4.0-81-lowlatency - 5.4.0-81.91 linux-libc-dev - 5.4.0-81.91 linux-source-5.4.0 - 5.4.0-81.91 linux-modules-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-cloud-tools-5.4.0-81-generic - 5.4.0-81.91 linux-tools-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-image-unsigned-5.4.0-81-generic - 5.4.0-81.91 linux-headers-5.4.0-81-generic - 5.4.0-81.91 linux-buildinfo-5.4.0-81-lowlatency - 5.4.0-81.91 linux-headers-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-image-unsigned-5.4.0-81-lowlatency - 5.4.0-81.91 linux-cloud-tools-5.4.0-81-lowlatency - 5.4.0-81.91 linux-image-5.4.0-81-lowlatency - 5.4.0-81.91 linux-buildinfo-5.4.0-81-generic - 5.4.0-81.91 linux-cloud-tools-common - 5.4.0-81.91 linux-buildinfo-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-tools-common - 5.4.0-81.91 linux-modules-5.4.0-81-generic - 5.4.0-81.91 linux-image-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-tools-5.4.0-81-generic - 5.4.0-81.91 linux-cloud-tools-5.4.0-81 - 5.4.0-81.91 linux-modules-5.4.0-81-lowlatency - 5.4.0-81.91 No subscription required linux-headers-gkeop - 5.4.0.1022.25 linux-cloud-tools-gkeop-5.4 - 5.4.0.1022.25 linux-image-gkeop - 5.4.0.1022.25 linux-modules-extra-gkeop-5.4 - 5.4.0.1022.25 linux-gkeop-5.4 - 5.4.0.1022.25 linux-image-gkeop-5.4 - 5.4.0.1022.25 linux-gkeop - 5.4.0.1022.25 linux-cloud-tools-gkeop - 5.4.0.1022.25 linux-tools-gkeop-5.4 - 5.4.0.1022.25 linux-headers-gkeop-5.4 - 5.4.0.1022.25 linux-modules-extra-gkeop - 5.4.0.1022.25 linux-tools-gkeop - 5.4.0.1022.25 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1042.77 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1042.77 linux-raspi2 - 5.4.0.1042.77 linux-headers-raspi2 - 5.4.0.1042.77 linux-tools-raspi-hwe-18.04 - 5.4.0.1042.77 linux-image-raspi-hwe-18.04 - 5.4.0.1042.77 linux-image-raspi2-hwe-18.04 - 5.4.0.1042.77 linux-tools-raspi - 5.4.0.1042.77 linux-headers-raspi2-hwe-18.04 - 5.4.0.1042.77 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1042.77 linux-headers-raspi - 5.4.0.1042.77 linux-raspi-hwe-18.04 - 5.4.0.1042.77 linux-tools-raspi2-hwe-18.04 - 5.4.0.1042.77 linux-raspi2-hwe-18.04 - 5.4.0.1042.77 linux-image-raspi-hwe-18.04-edge - 5.4.0.1042.77 linux-image-raspi2 - 5.4.0.1042.77 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1042.77 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1042.77 linux-tools-raspi2 - 5.4.0.1042.77 linux-headers-raspi-hwe-18.04 - 5.4.0.1042.77 linux-raspi-hwe-18.04-edge - 5.4.0.1042.77 linux-raspi - 5.4.0.1042.77 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1042.77 linux-image-raspi - 5.4.0.1042.77 No subscription required linux-kvm - 5.4.0.1045.44 linux-headers-kvm - 5.4.0.1045.44 linux-image-kvm - 5.4.0.1045.44 linux-tools-kvm - 5.4.0.1045.44 No subscription required linux-modules-extra-gke - 5.4.0.1051.61 linux-headers-gke-5.4 - 5.4.0.1051.61 linux-modules-extra-gke-5.4 - 5.4.0.1051.61 linux-gcp-lts-20.04 - 5.4.0.1051.61 linux-gke-5.4 - 5.4.0.1051.61 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1051.61 linux-headers-gcp-lts-20.04 - 5.4.0.1051.61 linux-tools-gke - 5.4.0.1051.61 linux-image-gcp-lts-20.04 - 5.4.0.1051.61 linux-gke - 5.4.0.1051.61 linux-headers-gke - 5.4.0.1051.61 linux-image-gke - 5.4.0.1051.61 linux-tools-gcp-lts-20.04 - 5.4.0.1051.61 linux-image-gke-5.4 - 5.4.0.1051.61 linux-tools-gke-5.4 - 5.4.0.1051.61 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1053.53 linux-headers-oracle-lts-20.04 - 5.4.0.1053.53 linux-oracle-lts-20.04 - 5.4.0.1053.53 linux-image-oracle-lts-20.04 - 5.4.0.1053.53 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1055.58 linux-image-aws-lts-20.04 - 5.4.0.1055.58 linux-headers-aws-lts-20.04 - 5.4.0.1055.58 linux-tools-aws-lts-20.04 - 5.4.0.1055.58 linux-aws-lts-20.04 - 5.4.0.1055.58 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1056.54 linux-azure-lts-20.04 - 5.4.0.1056.54 linux-image-azure-lts-20.04 - 5.4.0.1056.54 linux-modules-extra-azure-lts-20.04 - 5.4.0.1056.54 linux-tools-azure-lts-20.04 - 5.4.0.1056.54 linux-headers-azure-lts-20.04 - 5.4.0.1056.54 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-cloud-tools-virtual - 5.4.0.81.85 linux-image-generic-hwe-18.04 - 5.4.0.81.85 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-headers-generic-lpae - 5.4.0.81.85 linux-image-virtual - 5.4.0.81.85 linux-oem-osp1-tools-host - 5.4.0.81.85 linux-image-generic - 5.4.0.81.85 linux-tools-lowlatency - 5.4.0.81.85 linux-image-oem - 5.4.0.81.85 linux-headers-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-image-generic-lpae-hwe-18.04 - 5.4.0.81.85 linux-crashdump - 5.4.0.81.85 linux-tools-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-headers-generic-hwe-18.04 - 5.4.0.81.85 linux-headers-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-source - 5.4.0.81.85 linux-lowlatency - 5.4.0.81.85 linux-tools-generic-lpae - 5.4.0.81.85 linux-cloud-tools-generic - 5.4.0.81.85 linux-oem - 5.4.0.81.85 linux-tools-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-virtual - 5.4.0.81.85 linux-headers-virtual-hwe-18.04 - 5.4.0.81.85 linux-virtual-hwe-18.04 - 5.4.0.81.85 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.81.85 linux-tools-virtual - 5.4.0.81.85 linux-generic-lpae-hwe-18.04-edge - 5.4.0.81.85 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-generic-lpae - 5.4.0.81.85 linux-headers-oem - 5.4.0.81.85 linux-image-extra-virtual-hwe-18.04 - 5.4.0.81.85 linux-generic - 5.4.0.81.85 linux-tools-oem-osp1 - 5.4.0.81.85 linux-image-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-image-virtual-hwe-18.04 - 5.4.0.81.85 linux-oem-tools-host - 5.4.0.81.85 linux-headers-lowlatency - 5.4.0.81.85 linux-image-generic-hwe-18.04-edge - 5.4.0.81.85 linux-image-oem-osp1 - 5.4.0.81.85 linux-generic-hwe-18.04-edge - 5.4.0.81.85 linux-tools-generic-hwe-18.04 - 5.4.0.81.85 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.81.85 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-tools-generic - 5.4.0.81.85 linux-image-extra-virtual - 5.4.0.81.85 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-cloud-tools-lowlatency - 5.4.0.81.85 linux-tools-oem - 5.4.0.81.85 linux-headers-oem-osp1 - 5.4.0.81.85 linux-generic-lpae-hwe-18.04 - 5.4.0.81.85 linux-headers-generic-hwe-18.04-edge - 5.4.0.81.85 linux-headers-generic - 5.4.0.81.85 linux-oem-osp1 - 5.4.0.81.85 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.81.85 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.81.85 linux-image-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-headers-virtual - 5.4.0.81.85 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.81.85 linux-tools-virtual-hwe-18.04 - 5.4.0.81.85 linux-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.81.85 linux-generic-hwe-18.04 - 5.4.0.81.85 linux-image-generic-lpae - 5.4.0.81.85 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.81.85 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.81.85 linux-tools-generic-hwe-18.04-edge - 5.4.0.81.85 linux-image-lowlatency - 5.4.0.81.85 No subscription required Medium CVE-2021-34693 CVE-2021-3564 CVE-2021-3573 Ubuntu 20.04 LTS It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129) Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-28691) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573) It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-3587) Update Instructions: Run `sudo pro fix USN-5046-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-modules-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-image-unsigned-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-buildinfo-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-cloud-tools-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-headers-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-tools-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-headers-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-buildinfo-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-modules-extra-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-27.29~20.04.1 linux-cloud-tools-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-image-unsigned-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-headers-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-modules-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-modules-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-buildinfo-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-27.29~20.04.1 linux-hwe-5.11-headers-5.11.0-27 - 5.11.0-27.29~20.04.1 linux-hwe-5.11-tools-5.11.0-27 - 5.11.0-27.29~20.04.1 linux-modules-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-headers-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-tools-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-tools-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-buildinfo-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-image-unsigned-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-27 - 5.11.0-27.29~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-generic-64k-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-headers-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-image-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-lpae-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-generic-lpae-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-tools-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-generic-64k-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-tools-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-tools-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-generic-64k-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-64k-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-generic-64k-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-image-extra-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-headers-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-generic-lpae-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.27.29~20.04.11 No subscription required Medium CVE-2020-26558 CVE-2021-0129 CVE-2021-28691 CVE-2021-3564 CVE-2021-3573 Ubuntu 20.04 LTS It was discovered that Firefox could be made to incorrectly accept newlines in HTTP/3 response headers. If a user were tricked into opening a specially crafted website, an attacker could exploit this to conduct header splitting attacks. Update Instructions: Run `sudo pro fix USN-5047-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 91.0.1+build1-0ubuntu0.20.04.1 firefox - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 91.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 91.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 91.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 91.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-29991 Ubuntu 20.04 LTS It was discovered that Inetutils telnet server allows remote attackers to execute arbitrary code via short writes or urgent data. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5048-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: inetutils-tools - 2:1.9.4-11ubuntu0.1 inetutils-ftpd - 2:1.9.4-11ubuntu0.1 inetutils-talkd - 2:1.9.4-11ubuntu0.1 inetutils-traceroute - 2:1.9.4-11ubuntu0.1 inetutils-talk - 2:1.9.4-11ubuntu0.1 inetutils-telnetd - 2:1.9.4-11ubuntu0.1 inetutils-inetd - 2:1.9.4-11ubuntu0.1 inetutils-ping - 2:1.9.4-11ubuntu0.1 inetutils-syslogd - 2:1.9.4-11ubuntu0.1 inetutils-ftp - 2:1.9.4-11ubuntu0.1 inetutils-telnet - 2:1.9.4-11ubuntu0.1 No subscription required Medium CVE-2020-10188 Ubuntu 20.04 LTS It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129) Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-28691) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573) It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-38208) Update Instructions: Run `sudo pro fix USN-5050-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oracle-5.8-headers-5.8.0-1038 - 5.8.0-1038.39~20.04.1 linux-oracle-5.8-tools-5.8.0-1038 - 5.8.0-1038.39~20.04.1 linux-image-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-modules-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-buildinfo-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-tools-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-image-unsigned-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-headers-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-modules-extra-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 No subscription required linux-gcp-5.8-tools-5.8.0-1039 - 5.8.0-1039.41 linux-image-5.8.0-1039-gcp - 5.8.0-1039.41 linux-headers-5.8.0-1039-gcp - 5.8.0-1039.41 linux-gcp-5.8-headers-5.8.0-1039 - 5.8.0-1039.41 linux-buildinfo-5.8.0-1039-gcp - 5.8.0-1039.41 linux-modules-extra-5.8.0-1039-gcp - 5.8.0-1039.41 linux-tools-5.8.0-1039-gcp - 5.8.0-1039.41 linux-modules-5.8.0-1039-gcp - 5.8.0-1039.41 linux-image-unsigned-5.8.0-1039-gcp - 5.8.0-1039.41 No subscription required linux-buildinfo-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-modules-extra-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-image-unsigned-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-azure-5.8-tools-5.8.0-1040 - 5.8.0-1040.43~20.04.1 linux-azure-5.8-headers-5.8.0-1040 - 5.8.0-1040.43~20.04.1 linux-cloud-tools-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-tools-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-headers-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-azure-5.8-cloud-tools-5.8.0-1040 - 5.8.0-1040.43~20.04.1 linux-modules-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-image-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 No subscription required linux-tools-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-headers-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-modules-extra-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-aws-5.8-cloud-tools-5.8.0-1042 - 5.8.0-1042.44~20.04.1 linux-buildinfo-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-cloud-tools-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-aws-5.8-tools-5.8.0-1042 - 5.8.0-1042.44~20.04.1 linux-image-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-modules-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-aws-5.8-headers-5.8.0-1042 - 5.8.0-1042.44~20.04.1 No subscription required linux-headers-oracle - 5.8.0.1038.39~20.04.14 linux-image-oracle - 5.8.0.1038.39~20.04.14 linux-tools-oracle - 5.8.0.1038.39~20.04.14 linux-oracle - 5.8.0.1038.39~20.04.14 No subscription required linux-tools-gcp - 5.8.0.1039.14 linux-gcp - 5.8.0.1039.14 linux-headers-gcp - 5.8.0.1039.14 linux-image-gcp - 5.8.0.1039.14 linux-modules-extra-gcp - 5.8.0.1039.14 No subscription required linux-azure - 5.8.0.1040.43~20.04.12 linux-image-azure - 5.8.0.1040.43~20.04.12 linux-cloud-tools-azure - 5.8.0.1040.43~20.04.12 linux-tools-azure - 5.8.0.1040.43~20.04.12 linux-modules-extra-azure - 5.8.0.1040.43~20.04.12 linux-headers-azure - 5.8.0.1040.43~20.04.12 No subscription required linux-modules-extra-aws - 5.8.0.1042.44~20.04.14 linux-tools-aws - 5.8.0.1042.44~20.04.14 linux-aws - 5.8.0.1042.44~20.04.14 linux-headers-aws - 5.8.0.1042.44~20.04.14 linux-image-aws - 5.8.0.1042.44~20.04.14 No subscription required Medium CVE-2020-26558 CVE-2021-0129 CVE-2021-28691 CVE-2021-3564 CVE-2021-3573 CVE-2021-38208 Ubuntu 20.04 LTS John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications using OpenSSL to crash, resulting in a denial of service, or possibly change application behaviour. (CVE-2021-3711) Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2021-3712) Update Instructions: Run `sudo pro fix USN-5051-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.8 libssl-dev - 1.1.1f-1ubuntu2.8 openssl - 1.1.1f-1ubuntu2.8 libssl-doc - 1.1.1f-1ubuntu2.8 No subscription required High CVE-2021-3711 CVE-2021-3712 Ubuntu 20.04 LTS MongoDB would fail to properly invalidate existing sessions for deleted users. This could allow a remote authenticated attacker to gain elevated privileges if their user account was recreated with elevated privileges. Update Instructions: Run `sudo pro fix USN-5052-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mongodb-server - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 mongodb - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 mongodb-clients - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 mongodb-server-core - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 No subscription required Low CVE-2019-2386 Ubuntu 20.04 LTS It was discovered that libssh incorrectly handled rekeying. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5053-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-gcrypt-dev - 0.9.3-2ubuntu2.2 libssh-doc - 0.9.3-2ubuntu2.2 libssh-gcrypt-4 - 0.9.3-2ubuntu2.2 libssh-dev - 0.9.3-2ubuntu2.2 libssh-4 - 0.9.3-2ubuntu2.2 No subscription required Medium CVE-2021-3634 Ubuntu 20.04 LTS Michael Catanzaro discovered that grilo incorrectly handled certain TLS certificate verification. An attacker could possibly use this issue to MITM attacks. Update Instructions: Run `sudo pro fix USN-5055-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-grilo-0.3 - 0.3.12-1ubuntu0.1 libgrilo-0.3-bin - 0.3.12-1ubuntu0.1 libgrilo-0.3-0 - 0.3.12-1ubuntu0.1 libgrilo-0.3-dev - 0.3.12-1ubuntu0.1 libgrilo-0.3-doc - 0.3.12-1ubuntu0.1 No subscription required Medium CVE-2021-39365 Ubuntu 20.04 LTS Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Update Instructions: Run `sudo pro fix USN-5057-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squashfs-tools - 1:4.4-1ubuntu0.1 No subscription required Medium CVE-2021-40153 Ubuntu 20.04 LTS It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS handshake. A person-in-the-middle could potentially exploit this to trick Thunderbird into showing incorrect information. (CVE-2021-29969) Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. (CVE-2021-29970, CVE-2021-29976, CVE-2021-29980, CVE-2021-29984, CVE-2021-29985, CVE-2021-29986, CVE-2021-29988, CVE-2021-29989, CVE-2021-30547) Update Instructions: Run `sudo pro fix USN-5058-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-br - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-be - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bg - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ja - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-si - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-gnome-support - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sr - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sq - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hsb - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cy - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cs - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ca - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-br - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ka - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ko - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kab - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-tw - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn-no - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb-no - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn-bd - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-lt - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-gb - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uz - 1:78.13.0+build1-0ubuntu0.20.04.2 xul-ext-calendar-timezones - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-de - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-da - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-dev - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-el - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-us - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-rm - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ms - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ro - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-eu - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-et - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hant - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hans - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ru - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es - 1:78.13.0+build1-0ubuntu0.20.04.2 xul-ext-gdata-provider - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fr - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es-es - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta-lk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fa - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fi - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ast - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn - 1:78.13.0+build1-0ubuntu0.20.04.2 xul-ext-lightning - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga-ie - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy-nl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-cn - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-tr - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gd - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-th - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-dsb - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-it - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hy - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv-se - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hr - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hu - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa-in - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-he - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ar - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-af - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-pt - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cak - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-is - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-vi - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-mozsymbols - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-mk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-id - 1:78.13.0+build1-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-29969 CVE-2021-29970 CVE-2021-29976 CVE-2021-29980 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29988 CVE-2021-29989 CVE-2021-30547 Ubuntu 20.04 LTS It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5060-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntfs-3g - 1:2017.3.23AR.3-3ubuntu1.1 libntfs-3g883 - 1:2017.3.23AR.3-3ubuntu1.1 ntfs-3g-dev - 1:2017.3.23AR.3-3ubuntu1.1 No subscription required None https://launchpad.net/bugs/1942235 Ubuntu 20.04 LTS Ori Hollander discovered that HAProxy incorrectly handled HTTP header name length encoding. A remote attacker could possibly use this issue to inject a duplicate content-length header and perform request smuggling attacks. Update Instructions: Run `sudo pro fix USN-5063-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.13-2ubuntu0.3 haproxy-doc - 2.0.13-2ubuntu0.3 vim-haproxy - 2.0.13-2ubuntu0.3 No subscription required Medium CVE-2021-40346 Ubuntu 20.04 LTS Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5064-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cpio - 2.13+dfsg-2ubuntu0.3 cpio-win32 - 2.13+dfsg-2ubuntu0.3 No subscription required Medium CVE-2021-38185 Ubuntu 20.04 LTS It was discovered that Open vSwitch incorrectly handled decoding RAW_ENCAP actions. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5065-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.3-0ubuntu0.20.04.2 openvswitch-switch - 2.13.3-0ubuntu0.20.04.2 openvswitch-pki - 2.13.3-0ubuntu0.20.04.2 openvswitch-common - 2.13.3-0ubuntu0.20.04.2 openvswitch-testcontroller - 2.13.3-0ubuntu0.20.04.2 openvswitch-vtep - 2.13.3-0ubuntu0.20.04.2 openvswitch-source - 2.13.3-0ubuntu0.20.04.2 python3-openvswitch - 2.13.3-0ubuntu0.20.04.2 openvswitch-switch-dpdk - 2.13.3-0ubuntu0.20.04.2 openvswitch-test - 2.13.3-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-36980 Ubuntu 20.04 LTS Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents. Update Instructions: Run `sudo pro fix USN-5066-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pysaml2-doc - 4.9.0-0ubuntu3.1 python3-pysaml2 - 4.9.0-0ubuntu3.1 No subscription required Medium CVE-2021-21239 Ubuntu 20.04 LTS Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10852) It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with too strict permissions causing the GPO to not be readable, SSSD will allow all authenticated users to login instead of being denied, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-16838) It was discovered that SSSD incorrectly handled users with no home directory set. When no home directory was set, SSSD would return the root directory instead of an empty string, possibly bypassing security measures. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-3811) Cedric Buissart discovered that SSSD incorrectly handled the sssctl command. In certain environments, a local user could use this issue to execute arbitrary commands and possibly escalate privileges. (CVE-2021-3621) Update Instructions: Run `sudo pro fix USN-5067-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsss-certmap-dev - 2.2.3-3ubuntu0.7 libipa-hbac-dev - 2.2.3-3ubuntu0.7 sssd-ad - 2.2.3-3ubuntu0.7 libsss-sudo - 2.2.3-3ubuntu0.7 libsss-nss-idmap0 - 2.2.3-3ubuntu0.7 libnss-sss - 2.2.3-3ubuntu0.7 sssd-ipa - 2.2.3-3ubuntu0.7 libsss-simpleifp0 - 2.2.3-3ubuntu0.7 libsss-idmap-dev - 2.2.3-3ubuntu0.7 python3-libsss-nss-idmap - 2.2.3-3ubuntu0.7 libsss-certmap0 - 2.2.3-3ubuntu0.7 python3-sss - 2.2.3-3ubuntu0.7 libpam-sss - 2.2.3-3ubuntu0.7 sssd - 2.2.3-3ubuntu0.7 libsss-idmap0 - 2.2.3-3ubuntu0.7 sssd-ldap - 2.2.3-3ubuntu0.7 libsss-nss-idmap-dev - 2.2.3-3ubuntu0.7 libsss-simpleifp-dev - 2.2.3-3ubuntu0.7 sssd-kcm - 2.2.3-3ubuntu0.7 libwbclient-sssd - 2.2.3-3ubuntu0.7 libwbclient-sssd-dev - 2.2.3-3ubuntu0.7 sssd-common - 2.2.3-3ubuntu0.7 python3-libipa-hbac - 2.2.3-3ubuntu0.7 libipa-hbac0 - 2.2.3-3ubuntu0.7 sssd-tools - 2.2.3-3ubuntu0.7 sssd-ad-common - 2.2.3-3ubuntu0.7 sssd-krb5-common - 2.2.3-3ubuntu0.7 sssd-dbus - 2.2.3-3ubuntu0.7 sssd-krb5 - 2.2.3-3ubuntu0.7 sssd-proxy - 2.2.3-3ubuntu0.7 No subscription required Medium CVE-2018-10852 CVE-2018-16838 CVE-2019-3811 CVE-2021-3621 Ubuntu 20.04 LTS It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM. (CVE-2017-6363) It was discovered that GD Graphics Library incorrectly handled certain TGA files. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2021-381) It was discovered that GD Graphics Library incorrectly handled certain files. An attacker could possibly use this issue to cause a crash. (CVE-2021-40145) Update Instructions: Run `sudo pro fix USN-5068-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgd3 - 2.2.5-5.2ubuntu2.1 libgd-tools - 2.2.5-5.2ubuntu2.1 libgd-dev - 2.2.5-5.2ubuntu2.1 No subscription required Medium CVE-2017-6363 CVE-2021-38115 CVE-2021-40145 Ubuntu 20.04 LTS It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect attack. Update Instructions: Run `sudo pro fix USN-5069-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-auth-mellon - 0.16.0-1ubuntu0.1 No subscription required Medium CVE-2021-3639 Ubuntu 20.04 LTS Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Norbert Slusarek discovered that the CAN broadcast manger (bcm) protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-34693) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-38198) It was discovered that the perf subsystem in the Linux kernel for the PowerPC architecture contained a null pointer dereference in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-38200) Ben Greear discovered that the mac80211 subsystem in the Linux kernel contained a null pointer dereference in some situations. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38206) It was discovered that the Xilinx LL TEMAC device driver in the Linux kernel did not properly calculate the number of buffers to be used in certain situations. A remote attacker could use this to cause a denial of service (system crash). (CVE-2021-38207) Update Instructions: Run `sudo pro fix USN-5070-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-headers-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-azure-5.11-tools-5.11.0-1015 - 5.11.0-1015.16~20.04.1 linux-azure-5.11-headers-5.11.0-1015 - 5.11.0-1015.16~20.04.1 linux-buildinfo-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1015 - 5.11.0-1015.16~20.04.1 linux-modules-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-cloud-tools-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-image-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-image-unsigned-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-tools-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 No subscription required linux-modules-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-tools-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-image-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-tools-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-modules-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-cloud-tools-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-image-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-headers-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-aws-5.11-headers-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-aws-5.11-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-buildinfo-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-oracle-5.11-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-modules-extra-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-image-unsigned-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-oracle-5.11-headers-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-modules-extra-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-headers-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-buildinfo-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 No subscription required linux-hwe-5.11-headers-5.11.0-34 - 5.11.0-34.36~20.04.1 linux-hwe-5.11-tools-5.11.0-34 - 5.11.0-34.36~20.04.1 linux-image-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-headers-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-image-unsigned-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-buildinfo-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-buildinfo-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-modules-extra-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-buildinfo-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-image-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-34.36~20.04.1 linux-image-unsigned-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-image-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-cloud-tools-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-image-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-buildinfo-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-modules-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-cloud-tools-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-headers-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-34.36~20.04.1 linux-headers-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-34.36~20.04.1 linux-headers-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-modules-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-modules-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-tools-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-tools-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-34.36~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-34 - 5.11.0-34.36~20.04.1 linux-tools-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-modules-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-tools-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-image-unsigned-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 No subscription required linux-tools-azure-edge - 5.11.0.1015.16~20.04.14 linux-image-azure-edge - 5.11.0.1015.16~20.04.14 linux-cloud-tools-azure-edge - 5.11.0.1015.16~20.04.14 linux-headers-azure-edge - 5.11.0.1015.16~20.04.14 linux-azure-edge - 5.11.0.1015.16~20.04.14 linux-modules-extra-azure-edge - 5.11.0.1015.16~20.04.14 No subscription required linux-headers-oracle - 5.11.0.1017.18~20.04.10 linux-tools-oracle - 5.11.0.1017.18~20.04.10 linux-tools-oracle-edge - 5.11.0.1017.18~20.04.10 linux-image-oracle-edge - 5.11.0.1017.18~20.04.10 linux-oracle-edge - 5.11.0.1017.18~20.04.10 linux-headers-oracle-edge - 5.11.0.1017.18~20.04.10 linux-image-oracle - 5.11.0.1017.18~20.04.10 linux-oracle - 5.11.0.1017.18~20.04.10 No subscription required linux-headers-aws - 5.11.0.1017.18~20.04.16 linux-image-aws - 5.11.0.1017.18~20.04.16 linux-modules-extra-aws-edge - 5.11.0.1017.18~20.04.16 linux-image-aws-edge - 5.11.0.1017.18~20.04.16 linux-aws-edge - 5.11.0.1017.18~20.04.16 linux-aws - 5.11.0.1017.18~20.04.16 linux-tools-aws - 5.11.0.1017.18~20.04.16 linux-headers-aws-edge - 5.11.0.1017.18~20.04.16 linux-modules-extra-aws - 5.11.0.1017.18~20.04.16 linux-tools-aws-edge - 5.11.0.1017.18~20.04.16 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-extra-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-image-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-generic-64k-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-generic-64k-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-generic-lpae-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-image-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-tools-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-generic-lpae-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-tools-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-generic-lpae-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-generic-64k-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-generic-64k-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-image-generic-64k-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 No subscription required High CVE-2020-26541 CVE-2021-22543 CVE-2021-34693 CVE-2021-3612 CVE-2021-3653 CVE-2021-3656 CVE-2021-38198 CVE-2021-38200 CVE-2021-38206 CVE-2021-38207 Ubuntu 20.04 LTS Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) It was discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not ensure enough processing time was given to perform cleanups of large SEV VMs. A local attacker could use this to cause a denial of service (soft lockup). (CVE-2020-36311) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) Update Instructions: Run `sudo pro fix USN-5071-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-modules-extra-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-buildinfo-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-gkeop-headers-5.4.0-1023 - 5.4.0-1023.24 linux-gkeop-source-5.4.0 - 5.4.0-1023.24 linux-headers-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-image-unsigned-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-cloud-tools-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-tools-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-gkeop-tools-5.4.0-1023 - 5.4.0-1023.24 linux-modules-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-gkeop-cloud-tools-5.4.0-1023 - 5.4.0-1023.24 No subscription required linux-tools-5.4.0-1046-kvm - 5.4.0-1046.48 linux-headers-5.4.0-1046-kvm - 5.4.0-1046.48 linux-image-5.4.0-1046-kvm - 5.4.0-1046.48 linux-modules-5.4.0-1046-kvm - 5.4.0-1046.48 linux-image-unsigned-5.4.0-1046-kvm - 5.4.0-1046.48 linux-kvm-tools-5.4.0-1046 - 5.4.0-1046.48 linux-kvm-headers-5.4.0-1046 - 5.4.0-1046.48 linux-buildinfo-5.4.0-1046-kvm - 5.4.0-1046.48 No subscription required linux-image-5.4.0-1052-gke - 5.4.0-1052.55 linux-buildinfo-5.4.0-1052-gke - 5.4.0-1052.55 linux-gke-headers-5.4.0-1052 - 5.4.0-1052.55 linux-modules-5.4.0-1052-gke - 5.4.0-1052.55 linux-modules-extra-5.4.0-1052-gke - 5.4.0-1052.55 linux-image-unsigned-5.4.0-1052-gke - 5.4.0-1052.55 linux-tools-5.4.0-1052-gke - 5.4.0-1052.55 linux-gke-tools-5.4.0-1052 - 5.4.0-1052.55 linux-headers-5.4.0-1052-gke - 5.4.0-1052.55 No subscription required linux-image-5.4.0-1052-gcp - 5.4.0-1052.56 linux-gcp-headers-5.4.0-1052 - 5.4.0-1052.56 linux-modules-extra-5.4.0-1052-gcp - 5.4.0-1052.56 linux-modules-5.4.0-1052-gcp - 5.4.0-1052.56 linux-headers-5.4.0-1052-gcp - 5.4.0-1052.56 linux-gcp-tools-5.4.0-1052 - 5.4.0-1052.56 linux-buildinfo-5.4.0-1052-gcp - 5.4.0-1052.56 linux-image-unsigned-5.4.0-1052-gcp - 5.4.0-1052.56 linux-tools-5.4.0-1052-gcp - 5.4.0-1052.56 No subscription required linux-headers-5.4.0-1054-oracle - 5.4.0-1054.58 linux-modules-extra-5.4.0-1054-oracle - 5.4.0-1054.58 linux-modules-5.4.0-1054-oracle - 5.4.0-1054.58 linux-buildinfo-5.4.0-1054-oracle - 5.4.0-1054.58 linux-oracle-headers-5.4.0-1054 - 5.4.0-1054.58 linux-image-5.4.0-1054-oracle - 5.4.0-1054.58 linux-tools-5.4.0-1054-oracle - 5.4.0-1054.58 linux-oracle-tools-5.4.0-1054 - 5.4.0-1054.58 linux-image-unsigned-5.4.0-1054-oracle - 5.4.0-1054.58 No subscription required linux-modules-extra-5.4.0-1056-aws - 5.4.0-1056.59 linux-buildinfo-5.4.0-1056-aws - 5.4.0-1056.59 linux-aws-tools-5.4.0-1056 - 5.4.0-1056.59 linux-aws-headers-5.4.0-1056 - 5.4.0-1056.59 linux-tools-5.4.0-1056-aws - 5.4.0-1056.59 linux-headers-5.4.0-1056-aws - 5.4.0-1056.59 linux-aws-cloud-tools-5.4.0-1056 - 5.4.0-1056.59 linux-image-5.4.0-1056-aws - 5.4.0-1056.59 linux-modules-5.4.0-1056-aws - 5.4.0-1056.59 linux-cloud-tools-5.4.0-1056-aws - 5.4.0-1056.59 No subscription required linux-azure-cloud-tools-5.4.0-1058 - 5.4.0-1058.60 linux-modules-extra-5.4.0-1058-azure - 5.4.0-1058.60 linux-azure-tools-5.4.0-1058 - 5.4.0-1058.60 linux-image-5.4.0-1058-azure - 5.4.0-1058.60 linux-buildinfo-5.4.0-1058-azure - 5.4.0-1058.60 linux-tools-5.4.0-1058-azure - 5.4.0-1058.60 linux-cloud-tools-5.4.0-1058-azure - 5.4.0-1058.60 linux-azure-headers-5.4.0-1058 - 5.4.0-1058.60 linux-modules-5.4.0-1058-azure - 5.4.0-1058.60 linux-headers-5.4.0-1058-azure - 5.4.0-1058.60 linux-image-unsigned-5.4.0-1058-azure - 5.4.0-1058.60 No subscription required linux-modules-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-image-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-tools-common - 5.4.0-84.94 linux-tools-5.4.0-84 - 5.4.0-84.94 linux-tools-host - 5.4.0-84.94 linux-doc - 5.4.0-84.94 linux-headers-5.4.0-84 - 5.4.0-84.94 linux-cloud-tools-5.4.0-84-lowlatency - 5.4.0-84.94 linux-image-5.4.0-84-generic - 5.4.0-84.94 linux-image-unsigned-5.4.0-84-lowlatency - 5.4.0-84.94 linux-cloud-tools-5.4.0-84-generic - 5.4.0-84.94 linux-tools-5.4.0-84-generic - 5.4.0-84.94 linux-libc-dev - 5.4.0-84.94 linux-source-5.4.0 - 5.4.0-84.94 linux-buildinfo-5.4.0-84-generic - 5.4.0-84.94 linux-tools-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-modules-extra-5.4.0-84-generic - 5.4.0-84.94 linux-buildinfo-5.4.0-84-lowlatency - 5.4.0-84.94 linux-headers-5.4.0-84-generic - 5.4.0-84.94 linux-image-5.4.0-84-lowlatency - 5.4.0-84.94 linux-image-unsigned-5.4.0-84-generic - 5.4.0-84.94 linux-cloud-tools-common - 5.4.0-84.94 linux-headers-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-headers-5.4.0-84-lowlatency - 5.4.0-84.94 linux-modules-5.4.0-84-generic - 5.4.0-84.94 linux-buildinfo-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-cloud-tools-5.4.0-84 - 5.4.0-84.94 linux-tools-5.4.0-84-lowlatency - 5.4.0-84.94 linux-modules-5.4.0-84-lowlatency - 5.4.0-84.94 No subscription required linux-headers-gkeop - 5.4.0.1023.26 linux-cloud-tools-gkeop-5.4 - 5.4.0.1023.26 linux-image-gkeop - 5.4.0.1023.26 linux-modules-extra-gkeop-5.4 - 5.4.0.1023.26 linux-gkeop-5.4 - 5.4.0.1023.26 linux-headers-gkeop-5.4 - 5.4.0.1023.26 linux-image-gkeop-5.4 - 5.4.0.1023.26 linux-gkeop - 5.4.0.1023.26 linux-cloud-tools-gkeop - 5.4.0.1023.26 linux-modules-extra-gkeop - 5.4.0.1023.26 linux-tools-gkeop - 5.4.0.1023.26 linux-tools-gkeop-5.4 - 5.4.0.1023.26 No subscription required linux-kvm - 5.4.0.1046.45 linux-headers-kvm - 5.4.0.1046.45 linux-image-kvm - 5.4.0.1046.45 linux-tools-kvm - 5.4.0.1046.45 No subscription required linux-modules-extra-gke - 5.4.0.1052.62 linux-headers-gke-5.4 - 5.4.0.1052.62 linux-tools-gke-5.4 - 5.4.0.1052.62 linux-modules-extra-gke-5.4 - 5.4.0.1052.62 linux-gcp-lts-20.04 - 5.4.0.1052.62 linux-gke-5.4 - 5.4.0.1052.62 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1052.62 linux-headers-gcp-lts-20.04 - 5.4.0.1052.62 linux-tools-gke - 5.4.0.1052.62 linux-gke - 5.4.0.1052.62 linux-image-gcp-lts-20.04 - 5.4.0.1052.62 linux-headers-gke - 5.4.0.1052.62 linux-image-gke - 5.4.0.1052.62 linux-tools-gcp-lts-20.04 - 5.4.0.1052.62 linux-image-gke-5.4 - 5.4.0.1052.62 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1054.54 linux-headers-oracle-lts-20.04 - 5.4.0.1054.54 linux-oracle-lts-20.04 - 5.4.0.1054.54 linux-image-oracle-lts-20.04 - 5.4.0.1054.54 No subscription required linux-aws-lts-20.04 - 5.4.0.1056.59 linux-modules-extra-aws-lts-20.04 - 5.4.0.1056.59 linux-image-aws-lts-20.04 - 5.4.0.1056.59 linux-headers-aws-lts-20.04 - 5.4.0.1056.59 linux-tools-aws-lts-20.04 - 5.4.0.1056.59 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1058.56 linux-azure-lts-20.04 - 5.4.0.1058.56 linux-image-azure-lts-20.04 - 5.4.0.1058.56 linux-modules-extra-azure-lts-20.04 - 5.4.0.1058.56 linux-tools-azure-lts-20.04 - 5.4.0.1058.56 linux-headers-azure-lts-20.04 - 5.4.0.1058.56 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-cloud-tools-virtual - 5.4.0.84.88 linux-headers-generic-hwe-18.04-edge - 5.4.0.84.88 linux-image-generic-hwe-18.04 - 5.4.0.84.88 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-headers-generic-lpae - 5.4.0.84.88 linux-image-virtual - 5.4.0.84.88 linux-oem-osp1-tools-host - 5.4.0.84.88 linux-cloud-tools-lowlatency - 5.4.0.84.88 linux-image-generic - 5.4.0.84.88 linux-tools-lowlatency - 5.4.0.84.88 linux-tools-virtual-hwe-18.04 - 5.4.0.84.88 linux-image-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-headers-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-image-extra-virtual-hwe-18.04 - 5.4.0.84.88 linux-image-oem-osp1 - 5.4.0.84.88 linux-image-generic-lpae-hwe-18.04 - 5.4.0.84.88 linux-crashdump - 5.4.0.84.88 linux-tools-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-headers-generic-hwe-18.04 - 5.4.0.84.88 linux-headers-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-lowlatency - 5.4.0.84.88 linux-tools-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-tools-generic-lpae - 5.4.0.84.88 linux-cloud-tools-generic - 5.4.0.84.88 linux-generic-lpae-hwe-18.04 - 5.4.0.84.88 linux-virtual - 5.4.0.84.88 linux-headers-virtual-hwe-18.04 - 5.4.0.84.88 linux-tools-virtual - 5.4.0.84.88 linux-virtual-hwe-18.04 - 5.4.0.84.88 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.84.88 linux-generic-lpae-hwe-18.04-edge - 5.4.0.84.88 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-generic-lpae - 5.4.0.84.88 linux-headers-oem - 5.4.0.84.88 linux-generic - 5.4.0.84.88 linux-tools-oem-osp1 - 5.4.0.84.88 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.84.88 linux-image-virtual-hwe-18.04 - 5.4.0.84.88 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-headers-lowlatency - 5.4.0.84.88 linux-image-generic-hwe-18.04-edge - 5.4.0.84.88 linux-generic-hwe-18.04-edge - 5.4.0.84.88 linux-tools-generic-hwe-18.04-edge - 5.4.0.84.88 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.84.88 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-oem - 5.4.0.84.88 linux-tools-generic - 5.4.0.84.88 linux-source - 5.4.0.84.88 linux-image-extra-virtual - 5.4.0.84.88 linux-oem-tools-host - 5.4.0.84.88 linux-tools-oem - 5.4.0.84.88 linux-headers-oem-osp1 - 5.4.0.84.88 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.84.88 linux-headers-generic - 5.4.0.84.88 linux-oem-osp1 - 5.4.0.84.88 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.84.88 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.84.88 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-headers-virtual - 5.4.0.84.88 linux-image-oem - 5.4.0.84.88 linux-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.84.88 linux-generic-hwe-18.04 - 5.4.0.84.88 linux-image-generic-lpae - 5.4.0.84.88 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.84.88 linux-image-lowlatency - 5.4.0.84.88 linux-tools-generic-hwe-18.04 - 5.4.0.84.88 linux-image-virtual-hwe-18.04-edge - 5.4.0.84.88 No subscription required High CVE-2020-36311 CVE-2021-22543 CVE-2021-3612 CVE-2021-3653 CVE-2021-3656 Ubuntu 20.04 LTS It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) Update Instructions: Run `sudo pro fix USN-5071-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1043-raspi - 5.4.0-1043.47 linux-raspi-tools-5.4.0-1043 - 5.4.0-1043.47 linux-buildinfo-5.4.0-1043-raspi - 5.4.0-1043.47 linux-raspi-headers-5.4.0-1043 - 5.4.0-1043.47 linux-image-5.4.0-1043-raspi - 5.4.0-1043.47 linux-tools-5.4.0-1043-raspi - 5.4.0-1043.47 linux-modules-5.4.0-1043-raspi - 5.4.0-1043.47 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1043.78 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1043.78 linux-raspi-hwe-18.04-edge - 5.4.0.1043.78 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1043.78 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1043.78 linux-raspi-hwe-18.04 - 5.4.0.1043.78 linux-tools-raspi - 5.4.0.1043.78 linux-image-raspi - 5.4.0.1043.78 linux-tools-raspi2-hwe-18.04 - 5.4.0.1043.78 linux-raspi2-hwe-18.04 - 5.4.0.1043.78 linux-raspi2 - 5.4.0.1043.78 linux-headers-raspi2 - 5.4.0.1043.78 linux-headers-raspi2-hwe-18.04 - 5.4.0.1043.78 linux-image-raspi2 - 5.4.0.1043.78 linux-image-raspi-hwe-18.04-edge - 5.4.0.1043.78 linux-tools-raspi-hwe-18.04 - 5.4.0.1043.78 linux-tools-raspi2 - 5.4.0.1043.78 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1043.78 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1043.78 linux-raspi - 5.4.0.1043.78 linux-headers-raspi - 5.4.0.1043.78 linux-headers-raspi-hwe-18.04 - 5.4.0.1043.78 linux-image-raspi-hwe-18.04 - 5.4.0.1043.78 linux-image-raspi2-hwe-18.04 - 5.4.0.1043.78 No subscription required Medium CVE-2021-22543 CVE-2021-3612 Ubuntu 20.04 LTS Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) Update Instructions: Run `sudo pro fix USN-5072-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1045.47 linux-oem-5.10-headers-5.10.0-1045 - 5.10.0-1045.47 linux-image-5.10.0-1045-oem - 5.10.0-1045.47 linux-headers-5.10.0-1045-oem - 5.10.0-1045.47 linux-modules-5.10.0-1045-oem - 5.10.0-1045.47 linux-tools-5.10.0-1045-oem - 5.10.0-1045.47 linux-image-unsigned-5.10.0-1045-oem - 5.10.0-1045.47 linux-oem-5.10-tools-5.10.0-1045 - 5.10.0-1045.47 linux-buildinfo-5.10.0-1045-oem - 5.10.0-1045.47 No subscription required linux-image-oem-20.04b - 5.10.0.1045.47 linux-headers-oem-20.04-edge - 5.10.0.1045.47 linux-headers-oem-20.04 - 5.10.0.1045.47 linux-image-oem-20.04-edge - 5.10.0.1045.47 linux-oem-20.04 - 5.10.0.1045.47 linux-image-oem-20.04 - 5.10.0.1045.47 linux-oem-20.04b - 5.10.0.1045.47 linux-oem-20.04-edge - 5.10.0.1045.47 linux-tools-oem-20.04b - 5.10.0.1045.47 linux-tools-oem-20.04-edge - 5.10.0.1045.47 linux-headers-oem-20.04b - 5.10.0.1045.47 linux-tools-oem-20.04 - 5.10.0.1045.47 No subscription required linux-modules-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-tools-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-azure-5.8-tools-5.8.0-1041 - 5.8.0-1041.44~20.04.1 linux-headers-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-azure-5.8-headers-5.8.0-1041 - 5.8.0-1041.44~20.04.1 linux-modules-extra-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-image-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-image-unsigned-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-cloud-tools-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-azure-5.8-cloud-tools-5.8.0-1041 - 5.8.0-1041.44~20.04.1 linux-buildinfo-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 No subscription required linux-azure - 5.8.0.1041.44~20.04.13 linux-cloud-tools-azure - 5.8.0.1041.44~20.04.13 linux-tools-azure - 5.8.0.1041.44~20.04.13 linux-modules-extra-azure - 5.8.0.1041.44~20.04.13 linux-image-azure - 5.8.0.1041.44~20.04.13 linux-headers-azure - 5.8.0.1041.44~20.04.13 No subscription required High CVE-2021-3653 CVE-2021-3656 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass mixed content blocking, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5074-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 92.0+build3-0ubuntu0.20.04.1 firefox - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 92.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 92.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 92.0+build3-0ubuntu0.20.04.1 firefox-dev - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 92.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-38491 CVE-2021-38493 CVE-2021-38494 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service. Update Instructions: Run `sudo pro fix USN-5075-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.3 ghostscript-x - 9.50~dfsg-5ubuntu4.3 libgs-dev - 9.50~dfsg-5ubuntu4.3 ghostscript-doc - 9.50~dfsg-5ubuntu4.3 libgs9 - 9.50~dfsg-5ubuntu4.3 libgs9-common - 9.50~dfsg-5ubuntu4.3 No subscription required High CVE-2021-3781 Ubuntu 20.04 LTS It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests. Update Instructions: Run `sudo pro fix USN-5076-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.2 gitweb - 1:2.25.1-1ubuntu3.2 git-gui - 1:2.25.1-1ubuntu3.2 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.2 git-el - 1:2.25.1-1ubuntu3.2 gitk - 1:2.25.1-1ubuntu3.2 git-all - 1:2.25.1-1ubuntu3.2 git-mediawiki - 1:2.25.1-1ubuntu3.2 git-daemon-run - 1:2.25.1-1ubuntu3.2 git-man - 1:2.25.1-1ubuntu3.2 git-doc - 1:2.25.1-1ubuntu3.2 git-svn - 1:2.25.1-1ubuntu3.2 git-cvs - 1:2.25.1-1ubuntu3.2 git-email - 1:2.25.1-1ubuntu3.2 No subscription required Medium CVE-2021-40330 Ubuntu 20.04 LTS Maik Münch and Stephen Röttger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information. Update Instructions: Run `sudo pro fix USN-5077-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.20 apport-kde - 2.20.11-0ubuntu27.20 apport-retrace - 2.20.11-0ubuntu27.20 apport-valgrind - 2.20.11-0ubuntu27.20 python3-apport - 2.20.11-0ubuntu27.20 dh-apport - 2.20.11-0ubuntu27.20 apport-gtk - 2.20.11-0ubuntu27.20 apport - 2.20.11-0ubuntu27.20 apport-noui - 2.20.11-0ubuntu27.20 No subscription required Medium CVE-2021-3709 CVE-2021-3710 Ubuntu 20.04 LTS Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Update Instructions: Run `sudo pro fix USN-5078-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squashfs-tools - 1:4.4-1ubuntu0.2 No subscription required Medium CVE-2021-41072 Ubuntu 20.04 LTS USN-5078-1 fixed a vulnerability in Squashfs-Tools. That update was incomplete and could still result in Squashfs-Tools mishandling certain malformed SQUASHFS files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Update Instructions: Run `sudo pro fix USN-5078-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squashfs-tools - 1:4.4-1ubuntu0.3 No subscription required Medium CVE-2021-41072 Ubuntu 20.04 LTS It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-22945) Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. (CVE-2021-22946) Patrick Monnerat discovered that curl incorrectly handled responses received before STARTTLS. A remote attacker could possibly use this issue to inject responses and intercept communications. (CVE-2021-22947) Update Instructions: Run `sudo pro fix USN-5079-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.7 libcurl4-openssl-dev - 7.68.0-1ubuntu2.7 libcurl3-gnutls - 7.68.0-1ubuntu2.7 libcurl4-doc - 7.68.0-1ubuntu2.7 libcurl3-nss - 7.68.0-1ubuntu2.7 libcurl4-nss-dev - 7.68.0-1ubuntu2.7 libcurl4 - 7.68.0-1ubuntu2.7 curl - 7.68.0-1ubuntu2.7 No subscription required Medium CVE-2021-22945 CVE-2021-22946 CVE-2021-22947 Ubuntu 20.04 LTS It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information. Update Instructions: Run `sudo pro fix USN-5080-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgcrypt20 - 1.8.5-5ubuntu1.1 libgcrypt-mingw-w64-dev - 1.8.5-5ubuntu1.1 libgcrypt20-doc - 1.8.5-5ubuntu1.1 libgcrypt20-dev - 1.8.5-5ubuntu1.1 No subscription required Medium CVE-2021-33560 CVE-2021-40528 Ubuntu 20.04 LTS Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Update Instructions: Run `sudo pro fix USN-5082-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.13.0-1012-oem - 5.13.0-1012.16 linux-image-5.13.0-1012-oem - 5.13.0-1012.16 linux-buildinfo-5.13.0-1012-oem - 5.13.0-1012.16 linux-oem-5.13-headers-5.13.0-1012 - 5.13.0-1012.16 linux-oem-5.13-tools-host - 5.13.0-1012.16 linux-oem-5.13-tools-5.13.0-1012 - 5.13.0-1012.16 linux-modules-5.13.0-1012-oem - 5.13.0-1012.16 linux-tools-5.13.0-1012-oem - 5.13.0-1012.16 linux-image-unsigned-5.13.0-1012-oem - 5.13.0-1012.16 No subscription required linux-image-oem-20.04c - 5.13.0.1012.16 linux-tools-oem-20.04c - 5.13.0.1012.16 linux-headers-oem-20.04c - 5.13.0.1012.16 linux-oem-20.04c - 5.13.0.1012.16 No subscription required High CVE-2021-3609 CVE-2021-3653 CVE-2021-3656 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Update Instructions: Run `sudo pro fix USN-5084-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.2 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.2 No subscription required Medium CVE-2020-19143 Ubuntu 20.04 LTS Johan Almbladh discovered that the eBPF JIT implementation for IBM s390x systems in the Linux kernel miscompiled operations in some situations, allowing circumvention of the BPF verifier. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5086-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-hwe-5.11-headers-5.11.0-36 - 5.11.0-36.40~20.04.1 linux-hwe-5.11-tools-5.11.0-36 - 5.11.0-36.40~20.04.1 linux-modules-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-modules-extra-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-headers-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-headers-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-tools-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-headers-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-tools-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-modules-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-36.40~20.04.1 linux-buildinfo-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-image-unsigned-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-modules-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-image-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-headers-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-buildinfo-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-image-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-image-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-modules-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-image-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-36.40~20.04.1 linux-cloud-tools-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-cloud-tools-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-36.40~20.04.1 linux-tools-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-buildinfo-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-36.40~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-36 - 5.11.0-36.40~20.04.1 linux-tools-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-image-unsigned-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-buildinfo-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-headers-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-extra-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-64k-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-generic-64k-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-generic-lpae-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-tools-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-generic-lpae-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-tools-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-generic-lpae-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-64k-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-generic-64k-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-generic-64k-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-headers-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 No subscription required linux-image-unsigned-5.4.0-86-generic - 5.4.0-86.97 linux-tools-common - 5.4.0-86.97 linux-buildinfo-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-headers-5.4.0-86-generic - 5.4.0-86.97 linux-tools-5.4.0-86 - 5.4.0-86.97 linux-tools-host - 5.4.0-86.97 linux-image-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-doc - 5.4.0-86.97 linux-headers-5.4.0-86 - 5.4.0-86.97 linux-modules-extra-5.4.0-86-generic - 5.4.0-86.97 linux-tools-5.4.0-86-generic - 5.4.0-86.97 linux-modules-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-libc-dev - 5.4.0-86.97 linux-source-5.4.0 - 5.4.0-86.97 linux-buildinfo-5.4.0-86-lowlatency - 5.4.0-86.97 linux-image-unsigned-5.4.0-86-lowlatency - 5.4.0-86.97 linux-tools-5.4.0-86-lowlatency - 5.4.0-86.97 linux-cloud-tools-common - 5.4.0-86.97 linux-modules-5.4.0-86-lowlatency - 5.4.0-86.97 linux-buildinfo-5.4.0-86-generic - 5.4.0-86.97 linux-image-5.4.0-86-lowlatency - 5.4.0-86.97 linux-cloud-tools-5.4.0-86-lowlatency - 5.4.0-86.97 linux-headers-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-cloud-tools-5.4.0-86-generic - 5.4.0-86.97 linux-tools-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-modules-5.4.0-86-generic - 5.4.0-86.97 linux-headers-5.4.0-86-lowlatency - 5.4.0-86.97 linux-cloud-tools-5.4.0-86 - 5.4.0-86.97 linux-image-5.4.0-86-generic - 5.4.0-86.97 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-cloud-tools-virtual - 5.4.0.86.90 linux-image-generic-hwe-18.04 - 5.4.0.86.90 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-headers-generic-lpae - 5.4.0.86.90 linux-image-virtual - 5.4.0.86.90 linux-oem-osp1-tools-host - 5.4.0.86.90 linux-image-generic - 5.4.0.86.90 linux-image-oem - 5.4.0.86.90 linux-tools-virtual-hwe-18.04 - 5.4.0.86.90 linux-headers-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-image-extra-virtual-hwe-18.04 - 5.4.0.86.90 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.86.90 linux-image-generic-lpae-hwe-18.04 - 5.4.0.86.90 linux-crashdump - 5.4.0.86.90 linux-generic-hwe-18.04-edge - 5.4.0.86.90 linux-tools-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-headers-generic-hwe-18.04 - 5.4.0.86.90 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-headers-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-source - 5.4.0.86.90 linux-lowlatency - 5.4.0.86.90 linux-tools-generic-lpae - 5.4.0.86.90 linux-cloud-tools-generic - 5.4.0.86.90 linux-virtual - 5.4.0.86.90 linux-headers-virtual-hwe-18.04 - 5.4.0.86.90 linux-virtual-hwe-18.04 - 5.4.0.86.90 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.86.90 linux-tools-virtual - 5.4.0.86.90 linux-generic-lpae-hwe-18.04-edge - 5.4.0.86.90 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-tools-oem-osp1 - 5.4.0.86.90 linux-generic-lpae - 5.4.0.86.90 linux-headers-oem - 5.4.0.86.90 linux-generic - 5.4.0.86.90 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.86.90 linux-tools-generic-hwe-18.04-edge - 5.4.0.86.90 linux-image-virtual-hwe-18.04 - 5.4.0.86.90 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-oem-tools-host - 5.4.0.86.90 linux-headers-lowlatency - 5.4.0.86.90 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.86.90 linux-oem - 5.4.0.86.90 linux-tools-generic - 5.4.0.86.90 linux-image-extra-virtual - 5.4.0.86.90 linux-image-oem-osp1 - 5.4.0.86.90 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-cloud-tools-lowlatency - 5.4.0.86.90 linux-tools-oem - 5.4.0.86.90 linux-headers-oem-osp1 - 5.4.0.86.90 linux-tools-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-generic-lpae-hwe-18.04 - 5.4.0.86.90 linux-tools-generic-hwe-18.04 - 5.4.0.86.90 linux-headers-generic-hwe-18.04-edge - 5.4.0.86.90 linux-headers-generic - 5.4.0.86.90 linux-oem-osp1 - 5.4.0.86.90 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.86.90 linux-tools-lowlatency - 5.4.0.86.90 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.86.90 linux-image-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-headers-virtual - 5.4.0.86.90 linux-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.86.90 linux-generic-hwe-18.04 - 5.4.0.86.90 linux-image-generic-lpae - 5.4.0.86.90 linux-image-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.86.90 linux-image-generic-hwe-18.04-edge - 5.4.0.86.90 linux-image-lowlatency - 5.4.0.86.90 No subscription required None https://launchpad.net/bugs/1943960 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5087-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.32.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.32.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.32.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.32.4-0ubuntu0.20.04.1 webkit2gtk-driver - 2.32.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.32.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.32.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.32.4-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.32.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.32.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-30858 Ubuntu 20.04 LTS It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. (CVE-2019-11098) Paul Kehrer discovered that OpenSSL used in EDK II incorrectly handled certain input lengths in EVP functions. An attacker could possibly use this issue to cause EDK II to crash, resulting in a denial of service. (CVE-2021-23840) Ingo Schwarze discovered that OpenSSL used in EDK II incorrectly handled certain ASN.1 strings. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2021-3712) It was discovered that EDK II incorrectly decoded certain strings. A remote attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-38575) Update Instructions: Run `sudo pro fix USN-5088-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-efi-arm - 0~20191122.bd85bf54-2ubuntu3.3 qemu-efi - 0~20191122.bd85bf54-2ubuntu3.3 qemu-efi-aarch64 - 0~20191122.bd85bf54-2ubuntu3.3 ovmf - 0~20191122.bd85bf54-2ubuntu3.3 No subscription required Medium CVE-2019-11098 CVE-2021-23840 CVE-2021-3712 CVE-2021-38575 Ubuntu 20.04 LTS The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA. Update Instructions: Run `sudo pro fix USN-5089-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates - 20210119~20.04.2 No subscription required None https://launchpad.net/bugs/1944481 Ubuntu 20.04 LTS James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. (CVE-2021-33193) It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2021-34798) Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-36160) It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-39275) It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. (CVE-2021-40438) Update Instructions: Run `sudo pro fix USN-5090-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.5 libapache2-mod-md - 2.4.41-4ubuntu3.5 apache2-utils - 2.4.41-4ubuntu3.5 apache2-dev - 2.4.41-4ubuntu3.5 apache2-suexec-pristine - 2.4.41-4ubuntu3.5 apache2-suexec-custom - 2.4.41-4ubuntu3.5 apache2 - 2.4.41-4ubuntu3.5 apache2-doc - 2.4.41-4ubuntu3.5 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.5 apache2-ssl-dev - 2.4.41-4ubuntu3.5 apache2-bin - 2.4.41-4ubuntu3.5 No subscription required Medium CVE-2021-33193 CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 Ubuntu 20.04 LTS USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. (CVE-2021-33193) It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2021-34798) Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-36160) It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-39275) It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. (CVE-2021-40438) Update Instructions: Run `sudo pro fix USN-5090-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.6 libapache2-mod-md - 2.4.41-4ubuntu3.6 apache2-utils - 2.4.41-4ubuntu3.6 apache2-dev - 2.4.41-4ubuntu3.6 apache2-suexec-pristine - 2.4.41-4ubuntu3.6 apache2-suexec-custom - 2.4.41-4ubuntu3.6 apache2 - 2.4.41-4ubuntu3.6 apache2-doc - 2.4.41-4ubuntu3.6 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.6 apache2-ssl-dev - 2.4.41-4ubuntu3.6 apache2-bin - 2.4.41-4ubuntu3.6 No subscription required None https://launchpad.net/bugs/1945311 Ubuntu 20.04 LTS Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) Update Instructions: Run `sudo pro fix USN-5091-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-modules-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-headers-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-gkeop-source-5.4.0 - 5.4.0-1024.25 linux-gkeop-headers-5.4.0-1024 - 5.4.0-1024.25 linux-image-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-image-unsigned-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-modules-extra-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-buildinfo-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-gkeop-tools-5.4.0-1024 - 5.4.0-1024.25 linux-tools-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-gkeop-cloud-tools-5.4.0-1024 - 5.4.0-1024.25 No subscription required linux-image-unsigned-5.4.0-1047-kvm - 5.4.0-1047.49 linux-buildinfo-5.4.0-1047-kvm - 5.4.0-1047.49 linux-tools-5.4.0-1047-kvm - 5.4.0-1047.49 linux-kvm-tools-5.4.0-1047 - 5.4.0-1047.49 linux-headers-5.4.0-1047-kvm - 5.4.0-1047.49 linux-image-5.4.0-1047-kvm - 5.4.0-1047.49 linux-modules-5.4.0-1047-kvm - 5.4.0-1047.49 linux-kvm-headers-5.4.0-1047 - 5.4.0-1047.49 No subscription required linux-buildinfo-5.4.0-1053-gke - 5.4.0-1053.56 linux-gke-headers-5.4.0-1053 - 5.4.0-1053.56 linux-modules-extra-5.4.0-1053-gke - 5.4.0-1053.56 linux-tools-5.4.0-1053-gke - 5.4.0-1053.56 linux-headers-5.4.0-1053-gke - 5.4.0-1053.56 linux-image-unsigned-5.4.0-1053-gke - 5.4.0-1053.56 linux-gke-tools-5.4.0-1053 - 5.4.0-1053.56 linux-modules-5.4.0-1053-gke - 5.4.0-1053.56 linux-image-5.4.0-1053-gke - 5.4.0-1053.56 No subscription required linux-modules-5.4.0-1053-gcp - 5.4.0-1053.57 linux-buildinfo-5.4.0-1053-gcp - 5.4.0-1053.57 linux-gcp-headers-5.4.0-1053 - 5.4.0-1053.57 linux-headers-5.4.0-1053-gcp - 5.4.0-1053.57 linux-tools-5.4.0-1053-gcp - 5.4.0-1053.57 linux-modules-extra-5.4.0-1053-gcp - 5.4.0-1053.57 linux-image-unsigned-5.4.0-1053-gcp - 5.4.0-1053.57 linux-gcp-tools-5.4.0-1053 - 5.4.0-1053.57 linux-image-5.4.0-1053-gcp - 5.4.0-1053.57 No subscription required linux-tools-5.4.0-1055-oracle - 5.4.0-1055.59 linux-modules-5.4.0-1055-oracle - 5.4.0-1055.59 linux-oracle-tools-5.4.0-1055 - 5.4.0-1055.59 linux-buildinfo-5.4.0-1055-oracle - 5.4.0-1055.59 linux-image-unsigned-5.4.0-1055-oracle - 5.4.0-1055.59 linux-oracle-headers-5.4.0-1055 - 5.4.0-1055.59 linux-image-5.4.0-1055-oracle - 5.4.0-1055.59 linux-headers-5.4.0-1055-oracle - 5.4.0-1055.59 linux-modules-extra-5.4.0-1055-oracle - 5.4.0-1055.59 No subscription required linux-aws-tools-5.4.0-1057 - 5.4.0-1057.60 linux-image-5.4.0-1057-aws - 5.4.0-1057.60 linux-tools-5.4.0-1057-aws - 5.4.0-1057.60 linux-modules-extra-5.4.0-1057-aws - 5.4.0-1057.60 linux-aws-cloud-tools-5.4.0-1057 - 5.4.0-1057.60 linux-cloud-tools-5.4.0-1057-aws - 5.4.0-1057.60 linux-buildinfo-5.4.0-1057-aws - 5.4.0-1057.60 linux-modules-5.4.0-1057-aws - 5.4.0-1057.60 linux-aws-headers-5.4.0-1057 - 5.4.0-1057.60 linux-headers-5.4.0-1057-aws - 5.4.0-1057.60 No subscription required linux-buildinfo-5.4.0-1059-azure - 5.4.0-1059.62 linux-azure-cloud-tools-5.4.0-1059 - 5.4.0-1059.62 linux-azure-tools-5.4.0-1059 - 5.4.0-1059.62 linux-image-unsigned-5.4.0-1059-azure - 5.4.0-1059.62 linux-modules-extra-5.4.0-1059-azure - 5.4.0-1059.62 linux-modules-5.4.0-1059-azure - 5.4.0-1059.62 linux-tools-5.4.0-1059-azure - 5.4.0-1059.62 linux-image-5.4.0-1059-azure - 5.4.0-1059.62 linux-azure-headers-5.4.0-1059 - 5.4.0-1059.62 linux-headers-5.4.0-1059-azure - 5.4.0-1059.62 linux-cloud-tools-5.4.0-1059-azure - 5.4.0-1059.62 No subscription required linux-image-5.4.0-88-lowlatency - 5.4.0-88.99 linux-tools-common - 5.4.0-88.99 linux-image-unsigned-5.4.0-88-lowlatency - 5.4.0-88.99 linux-tools-5.4.0-88 - 5.4.0-88.99 linux-headers-5.4.0-88 - 5.4.0-88.99 linux-image-5.4.0-88-generic-lpae - 5.4.0-88.99 linux-doc - 5.4.0-88.99 linux-tools-5.4.0-88-lowlatency - 5.4.0-88.99 linux-modules-5.4.0-88-lowlatency - 5.4.0-88.99 linux-buildinfo-5.4.0-88-generic - 5.4.0-88.99 linux-libc-dev - 5.4.0-88.99 linux-source-5.4.0 - 5.4.0-88.99 linux-cloud-tools-5.4.0-88-generic - 5.4.0-88.99 linux-image-5.4.0-88-generic - 5.4.0-88.99 linux-modules-5.4.0-88-generic - 5.4.0-88.99 linux-buildinfo-5.4.0-88-generic-lpae - 5.4.0-88.99 linux-tools-5.4.0-88-generic - 5.4.0-88.99 linux-modules-extra-5.4.0-88-generic - 5.4.0-88.99 linux-buildinfo-5.4.0-88-lowlatency - 5.4.0-88.99 linux-tools-host - 5.4.0-88.99 linux-cloud-tools-common - 5.4.0-88.99 linux-cloud-tools-5.4.0-88 - 5.4.0-88.99 linux-headers-5.4.0-88-generic - 5.4.0-88.99 linux-tools-5.4.0-88-generic-lpae - 5.4.0-88.99 linux-cloud-tools-5.4.0-88-lowlatency - 5.4.0-88.99 linux-headers-5.4.0-88-lowlatency - 5.4.0-88.99 linux-modules-5.4.0-88-generic-lpae - 5.4.0-88.99 linux-image-unsigned-5.4.0-88-generic - 5.4.0-88.99 linux-headers-5.4.0-88-generic-lpae - 5.4.0-88.99 No subscription required linux-headers-gkeop - 5.4.0.1024.27 linux-cloud-tools-gkeop-5.4 - 5.4.0.1024.27 linux-image-gkeop - 5.4.0.1024.27 linux-modules-extra-gkeop-5.4 - 5.4.0.1024.27 linux-gkeop-5.4 - 5.4.0.1024.27 linux-headers-gkeop-5.4 - 5.4.0.1024.27 linux-image-gkeop-5.4 - 5.4.0.1024.27 linux-gkeop - 5.4.0.1024.27 linux-cloud-tools-gkeop - 5.4.0.1024.27 linux-modules-extra-gkeop - 5.4.0.1024.27 linux-tools-gkeop - 5.4.0.1024.27 linux-tools-gkeop-5.4 - 5.4.0.1024.27 No subscription required linux-kvm - 5.4.0.1047.46 linux-headers-kvm - 5.4.0.1047.46 linux-image-kvm - 5.4.0.1047.46 linux-tools-kvm - 5.4.0.1047.46 No subscription required linux-modules-extra-gke - 5.4.0.1053.63 linux-headers-gke-5.4 - 5.4.0.1053.63 linux-tools-gke-5.4 - 5.4.0.1053.63 linux-modules-extra-gke-5.4 - 5.4.0.1053.63 linux-gcp-lts-20.04 - 5.4.0.1053.63 linux-gke-5.4 - 5.4.0.1053.63 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1053.63 linux-headers-gcp-lts-20.04 - 5.4.0.1053.63 linux-tools-gke - 5.4.0.1053.63 linux-gke - 5.4.0.1053.63 linux-image-gcp-lts-20.04 - 5.4.0.1053.63 linux-headers-gke - 5.4.0.1053.63 linux-tools-gcp-lts-20.04 - 5.4.0.1053.63 linux-image-gke - 5.4.0.1053.63 linux-image-gke-5.4 - 5.4.0.1053.63 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1055.55 linux-oracle-lts-20.04 - 5.4.0.1055.55 linux-headers-oracle-lts-20.04 - 5.4.0.1055.55 linux-image-oracle-lts-20.04 - 5.4.0.1055.55 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1057.60 linux-image-aws-lts-20.04 - 5.4.0.1057.60 linux-headers-aws-lts-20.04 - 5.4.0.1057.60 linux-tools-aws-lts-20.04 - 5.4.0.1057.60 linux-aws-lts-20.04 - 5.4.0.1057.60 No subscription required linux-azure-lts-20.04 - 5.4.0.1059.57 linux-image-azure-lts-20.04 - 5.4.0.1059.57 linux-modules-extra-azure-lts-20.04 - 5.4.0.1059.57 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1059.57 linux-tools-azure-lts-20.04 - 5.4.0.1059.57 linux-headers-azure-lts-20.04 - 5.4.0.1059.57 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-cloud-tools-virtual - 5.4.0.88.92 linux-image-generic-hwe-18.04 - 5.4.0.88.92 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-headers-generic-lpae - 5.4.0.88.92 linux-image-virtual - 5.4.0.88.92 linux-oem-osp1-tools-host - 5.4.0.88.92 linux-image-generic - 5.4.0.88.92 linux-tools-lowlatency - 5.4.0.88.92 linux-image-oem - 5.4.0.88.92 linux-tools-virtual-hwe-18.04 - 5.4.0.88.92 linux-headers-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-image-extra-virtual-hwe-18.04 - 5.4.0.88.92 linux-image-oem-osp1 - 5.4.0.88.92 linux-image-generic-lpae-hwe-18.04 - 5.4.0.88.92 linux-crashdump - 5.4.0.88.92 linux-tools-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-headers-generic-hwe-18.04 - 5.4.0.88.92 linux-headers-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-lowlatency - 5.4.0.88.92 linux-tools-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-tools-generic-lpae - 5.4.0.88.92 linux-cloud-tools-generic - 5.4.0.88.92 linux-virtual - 5.4.0.88.92 linux-headers-virtual-hwe-18.04 - 5.4.0.88.92 linux-tools-virtual - 5.4.0.88.92 linux-virtual-hwe-18.04 - 5.4.0.88.92 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.88.92 linux-headers-virtual - 5.4.0.88.92 linux-generic-lpae-hwe-18.04-edge - 5.4.0.88.92 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-generic-lpae - 5.4.0.88.92 linux-headers-oem - 5.4.0.88.92 linux-generic - 5.4.0.88.92 linux-tools-oem-osp1 - 5.4.0.88.92 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.88.92 linux-tools-generic-hwe-18.04-edge - 5.4.0.88.92 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-cloud-tools-lowlatency - 5.4.0.88.92 linux-headers-lowlatency - 5.4.0.88.92 linux-image-generic-hwe-18.04-edge - 5.4.0.88.92 linux-generic-hwe-18.04-edge - 5.4.0.88.92 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.88.92 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-oem - 5.4.0.88.92 linux-tools-generic - 5.4.0.88.92 linux-source - 5.4.0.88.92 linux-image-extra-virtual - 5.4.0.88.92 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-oem-tools-host - 5.4.0.88.92 linux-tools-oem - 5.4.0.88.92 linux-headers-oem-osp1 - 5.4.0.88.92 linux-generic-lpae-hwe-18.04 - 5.4.0.88.92 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.88.92 linux-headers-generic-hwe-18.04-edge - 5.4.0.88.92 linux-headers-generic - 5.4.0.88.92 linux-oem-osp1 - 5.4.0.88.92 linux-image-virtual-hwe-18.04 - 5.4.0.88.92 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.88.92 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.88.92 linux-image-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.88.92 linux-generic-hwe-18.04 - 5.4.0.88.92 linux-image-generic-lpae - 5.4.0.88.92 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.88.92 linux-image-lowlatency - 5.4.0.88.92 linux-tools-generic-hwe-18.04 - 5.4.0.88.92 linux-image-virtual-hwe-18.04-edge - 5.4.0.88.92 No subscription required Medium CVE-2021-33624 CVE-2021-3679 CVE-2021-37576 CVE-2021-38160 CVE-2021-38199 CVE-2021-38204 Ubuntu 20.04 LTS Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) Update Instructions: Run `sudo pro fix USN-5091-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1044-raspi - 5.4.0-1044.48 linux-raspi-tools-5.4.0-1044 - 5.4.0-1044.48 linux-tools-5.4.0-1044-raspi - 5.4.0-1044.48 linux-buildinfo-5.4.0-1044-raspi - 5.4.0-1044.48 linux-raspi-headers-5.4.0-1044 - 5.4.0-1044.48 linux-modules-5.4.0-1044-raspi - 5.4.0-1044.48 linux-image-5.4.0-1044-raspi - 5.4.0-1044.48 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1044.79 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1044.79 linux-raspi-hwe-18.04-edge - 5.4.0.1044.79 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1044.79 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1044.79 linux-raspi-hwe-18.04 - 5.4.0.1044.79 linux-image-raspi2 - 5.4.0.1044.79 linux-tools-raspi - 5.4.0.1044.79 linux-image-raspi - 5.4.0.1044.79 linux-tools-raspi2-hwe-18.04 - 5.4.0.1044.79 linux-raspi2-hwe-18.04 - 5.4.0.1044.79 linux-raspi2 - 5.4.0.1044.79 linux-headers-raspi2 - 5.4.0.1044.79 linux-headers-raspi2-hwe-18.04 - 5.4.0.1044.79 linux-image-raspi-hwe-18.04-edge - 5.4.0.1044.79 linux-tools-raspi-hwe-18.04 - 5.4.0.1044.79 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1044.79 linux-tools-raspi2 - 5.4.0.1044.79 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1044.79 linux-raspi - 5.4.0.1044.79 linux-headers-raspi - 5.4.0.1044.79 linux-headers-raspi-hwe-18.04 - 5.4.0.1044.79 linux-image-raspi-hwe-18.04 - 5.4.0.1044.79 linux-image-raspi2-hwe-18.04 - 5.4.0.1044.79 No subscription required Medium CVE-2021-33624 CVE-2021-3679 CVE-2021-38160 CVE-2021-38199 CVE-2021-38204 Ubuntu 20.04 LTS USN-5091-1 fixed vulnerabilities in Linux 5.4-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) Update Instructions: Run `sudo pro fix USN-5091-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1061-azure - 5.4.0-1061.64 linux-azure-cloud-tools-5.4.0-1061 - 5.4.0-1061.64 linux-image-unsigned-5.4.0-1061-azure - 5.4.0-1061.64 linux-azure-headers-5.4.0-1061 - 5.4.0-1061.64 linux-azure-tools-5.4.0-1061 - 5.4.0-1061.64 linux-modules-extra-5.4.0-1061-azure - 5.4.0-1061.64 linux-image-5.4.0-1061-azure - 5.4.0-1061.64 linux-modules-5.4.0-1061-azure - 5.4.0-1061.64 linux-headers-5.4.0-1061-azure - 5.4.0-1061.64 linux-tools-5.4.0-1061-azure - 5.4.0-1061.64 linux-cloud-tools-5.4.0-1061-azure - 5.4.0-1061.64 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1061.59 linux-headers-azure-lts-20.04 - 5.4.0.1061.59 linux-tools-azure-lts-20.04 - 5.4.0.1061.59 linux-modules-extra-azure-lts-20.04 - 5.4.0.1061.59 linux-azure-lts-20.04 - 5.4.0.1061.59 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1061.59 No subscription required None https://launchpad.net/bugs/1940564 Ubuntu 20.04 LTS Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Sun RPC implementation in the Linux kernel contained an out-of-bounds access error. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38201) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) Update Instructions: Run `sudo pro fix USN-5092-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-modules-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-image-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-cloud-tools-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-tools-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-aws-5.11-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-modules-extra-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-headers-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-aws-5.11-headers-5.11.0-1019 - 5.11.0-1019.20~20.04.1 No subscription required linux-modules-extra-aws - 5.11.0.1019.20~20.04.18 linux-aws-edge - 5.11.0.1019.20~20.04.18 linux-modules-extra-aws-edge - 5.11.0.1019.20~20.04.18 linux-tools-aws-edge - 5.11.0.1019.20~20.04.18 linux-image-aws-edge - 5.11.0.1019.20~20.04.18 linux-headers-aws - 5.11.0.1019.20~20.04.18 linux-aws - 5.11.0.1019.20~20.04.18 linux-tools-aws - 5.11.0.1019.20~20.04.18 linux-headers-aws-edge - 5.11.0.1019.20~20.04.18 linux-image-aws - 5.11.0.1019.20~20.04.18 No subscription required High CVE-2021-33624 CVE-2021-34556 CVE-2021-35477 CVE-2021-3679 CVE-2021-37159 CVE-2021-37576 CVE-2021-38160 CVE-2021-38199 CVE-2021-38201 CVE-2021-38204 CVE-2021-38205 CVE-2021-41073 Ubuntu 20.04 LTS Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Sun RPC implementation in the Linux kernel contained an out-of-bounds access error. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38201) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) Update Instructions: Run `sudo pro fix USN-5092-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-tools-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-modules-extra-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-image-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-buildinfo-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-azure-5.11-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-azure-5.11-headers-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-cloud-tools-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-image-unsigned-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-modules-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 No subscription required linux-modules-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-modules-extra-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-oracle-5.11-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-headers-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-buildinfo-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-image-unsigned-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-oracle-5.11-headers-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-image-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-tools-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 No subscription required linux-modules-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-hwe-5.11-tools-5.11.0-37 - 5.11.0-37.41~20.04.2 linux-hwe-5.11-headers-5.11.0-37 - 5.11.0-37.41~20.04.2 linux-buildinfo-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-tools-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-image-unsigned-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-modules-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-modules-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-image-unsigned-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-tools-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-buildinfo-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-buildinfo-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-modules-extra-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-tools-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-hwe-5.11-source-5.11.0 - 5.11.0-37.41~20.04.2 linux-tools-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-headers-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-image-unsigned-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-image-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-image-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-cloud-tools-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-cloud-tools-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-headers-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-modules-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-buildinfo-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-hwe-5.11-tools-host - 5.11.0-37.41~20.04.2 linux-hwe-5.11-cloud-tools-common - 5.11.0-37.41~20.04.2 linux-headers-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-image-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-headers-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-image-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-hwe-5.11-tools-common - 5.11.0-37.41~20.04.2 linux-hwe-5.11-cloud-tools-5.11.0-37 - 5.11.0-37.41~20.04.2 No subscription required linux-tools-azure-edge - 5.11.0.1017.18~20.04.16 linux-image-azure-edge - 5.11.0.1017.18~20.04.16 linux-cloud-tools-azure-edge - 5.11.0.1017.18~20.04.16 linux-headers-azure-edge - 5.11.0.1017.18~20.04.16 linux-azure-edge - 5.11.0.1017.18~20.04.16 linux-modules-extra-azure-edge - 5.11.0.1017.18~20.04.16 No subscription required linux-tools-oracle - 5.11.0.1019.20~20.04.12 linux-headers-oracle - 5.11.0.1019.20~20.04.12 linux-tools-oracle-edge - 5.11.0.1019.20~20.04.12 linux-oracle-edge - 5.11.0.1019.20~20.04.12 linux-image-oracle-edge - 5.11.0.1019.20~20.04.12 linux-headers-oracle-edge - 5.11.0.1019.20~20.04.12 linux-image-oracle - 5.11.0.1019.20~20.04.12 linux-oracle - 5.11.0.1019.20~20.04.12 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-extra-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-64k-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-generic-64k-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-lpae-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-tools-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-headers-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-lpae-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-tools-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-generic-lpae-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-64k-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-64k-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-generic-64k-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 No subscription required High CVE-2021-33624 CVE-2021-34556 CVE-2021-35477 CVE-2021-3679 CVE-2021-37159 CVE-2021-37576 CVE-2021-38160 CVE-2021-38199 CVE-2021-38201 CVE-2021-38204 CVE-2021-38205 CVE-2021-41073 Ubuntu 20.04 LTS USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Sun RPC implementation in the Linux kernel contained an out-of-bounds access error. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38201) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) Update Instructions: Run `sudo pro fix USN-5092-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-tools-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-buildinfo-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-azure-5.11-headers-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-cloud-tools-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-azure-5.11-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-image-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-modules-extra-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-modules-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-headers-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 No subscription required linux-image-azure-edge - 5.11.0.1019.20~20.04.18 linux-modules-extra-azure-edge - 5.11.0.1019.20~20.04.18 linux-azure-edge - 5.11.0.1019.20~20.04.18 linux-tools-azure-edge - 5.11.0.1019.20~20.04.18 linux-cloud-tools-azure-edge - 5.11.0.1019.20~20.04.18 linux-headers-azure-edge - 5.11.0.1019.20~20.04.18 No subscription required None https://launchpad.net/bugs/1940564 https://ubuntu.com/security/notices/USN-5092-2 Ubuntu 20.04 LTS Brian Carpenter discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-3770) Brian Carpenter discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2021-3778) Dhiraj Mishra discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2021-3796) Update Instructions: Run `sudo pro fix USN-5093-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.3 vim-athena - 2:8.1.2269-1ubuntu5.3 xxd - 2:8.1.2269-1ubuntu5.3 vim-gtk - 2:8.1.2269-1ubuntu5.3 vim-gui-common - 2:8.1.2269-1ubuntu5.3 vim - 2:8.1.2269-1ubuntu5.3 vim-doc - 2:8.1.2269-1ubuntu5.3 vim-tiny - 2:8.1.2269-1ubuntu5.3 vim-runtime - 2:8.1.2269-1ubuntu5.3 vim-gtk3 - 2:8.1.2269-1ubuntu5.3 vim-nox - 2:8.1.2269-1ubuntu5.3 No subscription required Medium CVE-2021-3770 CVE-2021-3778 CVE-2021-3796 Ubuntu 20.04 LTS It was discovered that Apache Commons IO incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5095-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcommons-io-java-doc - 2.6-2ubuntu0.20.04.1 libcommons-io-java - 2.6-2ubuntu0.20.04.1 No subscription required Medium CVE-2021-29425 Ubuntu 20.04 LTS Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) It was discovered that the BPF subsystem in the Linux kernel contained an integer overflow in its hash table implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-38166) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Sun RPC implementation in the Linux kernel contained an out-of-bounds access error. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38201) It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds read when the trace even framework is being used for nfsd. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38202) Naohiro Aota discovered that the btrfs file system in the Linux kernel contained a race condition in situations that triggered allocations of new system chunks. A local attacker could possibly use this to cause a denial of service (deadlock). (CVE-2021-38203) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) Update Instructions: Run `sudo pro fix USN-5096-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.13.0-1014-oem - 5.13.0-1014.18 linux-headers-5.13.0-1014-oem - 5.13.0-1014.18 linux-oem-5.13-tools-host - 5.13.0-1014.18 linux-modules-5.13.0-1014-oem - 5.13.0-1014.18 linux-oem-5.13-headers-5.13.0-1014 - 5.13.0-1014.18 linux-buildinfo-5.13.0-1014-oem - 5.13.0-1014.18 linux-oem-5.13-tools-5.13.0-1014 - 5.13.0-1014.18 linux-tools-5.13.0-1014-oem - 5.13.0-1014.18 linux-image-unsigned-5.13.0-1014-oem - 5.13.0-1014.18 No subscription required linux-tools-oem-20.04c - 5.13.0.1014.18 linux-headers-oem-20.04c - 5.13.0.1014.18 linux-image-oem-20.04c - 5.13.0.1014.18 linux-oem-20.04c - 5.13.0.1014.18 No subscription required High CVE-2021-34556 CVE-2021-35477 CVE-2021-3612 CVE-2021-3679 CVE-2021-37159 CVE-2021-3732 CVE-2021-38160 CVE-2021-38166 CVE-2021-38199 CVE-2021-38201 CVE-2021-38202 CVE-2021-38203 CVE-2021-38204 CVE-2021-38205 CVE-2021-40490 CVE-2021-41073 Ubuntu 20.04 LTS It was discovered that LedgerSMB incorrectly handled certain inputs. An attacker could use this to leak sensitive information, cause a DoS, or execute arbitrary code. (CVE-2021-3693, CVE-2021-3694, CVE-2021-3731) Update Instructions: Run `sudo pro fix USN-5097-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ledgersmb - 1.6.9+ds-1ubuntu0.1 No subscription required Medium CVE-2021-3693 CVE-2021-3694 CVE-2021-3731 Ubuntu 20.04 LTS It was discovered that Imlib2 incorrectly handled certain ICO images. An attacker could use this issue to cause a denial of service and possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5099-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libimlib2-dev - 1.6.1-1ubuntu0.1 libimlib2 - 1.6.1-1ubuntu0.1 No subscription required Medium CVE-2020-12761 Ubuntu 20.04 LTS It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could traverse directory contents and modify files and execute programs on the host filesystem, possibly leading to privilege escalation. Update Instructions: Run `sudo pro fix USN-5100-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.2-0ubuntu1~20.04.3 golang-github-docker-containerd-dev - 1.5.2-0ubuntu1~20.04.3 golang-github-containerd-containerd-dev - 1.5.2-0ubuntu1~20.04.3 No subscription required High CVE-2021-41103 Ubuntu 20.04 LTS It was discovered that MongoDB incorrectly handled certain wire protocol messages. A remote attacker could possibly use this issue to cause MongoDB to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5101-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mongodb-server - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 mongodb - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 mongodb-clients - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 mongodb-server-core - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 No subscription required Medium CVE-2019-20925 Ubuntu 20.04 LTS Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in Docker incorrectly allowed the docker cp command to make permissions changes in the host filesystem in some situations. A local attacker could possibly use to this to expose sensitive information or gain administrative privileges. Update Instructions: Run `sudo pro fix USN-5103-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-docker-docker-dev - 20.10.7-0ubuntu1~20.04.2 docker.io - 20.10.7-0ubuntu1~20.04.2 golang-docker-dev - 20.10.7-0ubuntu1~20.04.2 vim-syntax-docker - 20.10.7-0ubuntu1~20.04.2 docker-doc - 20.10.7-0ubuntu1~20.04.2 No subscription required Medium CVE-2021-41089 Ubuntu 20.04 LTS Lyu discovered that Squid incorrectly handled WCCP protocol data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5104-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.5 squidclient - 4.10-1ubuntu1.5 squid-purge - 4.10-1ubuntu1.5 squid - 4.10-1ubuntu1.5 squid-cgi - 4.10-1ubuntu1.5 No subscription required Medium CVE-2021-28116 Ubuntu 20.04 LTS It was discovered that Bottle incorrectly handled certain inputs. An attacker could possibly use this issue to cache malicious requests. Update Instructions: Run `sudo pro fix USN-5105-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-bottle - 0.12.15-2.1ubuntu0.1 python-bottle-doc - 0.12.15-2.1ubuntu0.1 No subscription required Medium CVE-2020-28473 Ubuntu 20.04 LTS Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) Update Instructions: Run `sudo pro fix USN-5106-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1049.51 linux-headers-5.10.0-1049-oem - 5.10.0-1049.51 linux-image-unsigned-5.10.0-1049-oem - 5.10.0-1049.51 linux-tools-5.10.0-1049-oem - 5.10.0-1049.51 linux-image-5.10.0-1049-oem - 5.10.0-1049.51 linux-oem-5.10-headers-5.10.0-1049 - 5.10.0-1049.51 linux-buildinfo-5.10.0-1049-oem - 5.10.0-1049.51 linux-modules-5.10.0-1049-oem - 5.10.0-1049.51 linux-oem-5.10-tools-5.10.0-1049 - 5.10.0-1049.51 No subscription required linux-oem-20.04 - 5.10.0.1049.51 linux-oem-20.04-edge - 5.10.0.1049.51 linux-headers-oem-20.04b - 5.10.0.1049.51 linux-image-oem-20.04b - 5.10.0.1049.51 linux-image-oem-20.04 - 5.10.0.1049.51 linux-tools-oem-20.04-edge - 5.10.0.1049.51 linux-image-oem-20.04-edge - 5.10.0.1049.51 linux-headers-oem-20.04-edge - 5.10.0.1049.51 linux-headers-oem-20.04 - 5.10.0.1049.51 linux-tools-oem-20.04 - 5.10.0.1049.51 linux-tools-oem-20.04b - 5.10.0.1049.51 linux-oem-20.04b - 5.10.0.1049.51 No subscription required High CVE-2020-26541 CVE-2021-22543 CVE-2021-3612 CVE-2021-38160 CVE-2021-38199 CVE-2021-41073 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof another origin, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5107-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 93.0+build1-0ubuntu0.20.04.1 firefox - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 93.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 93.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 93.0+build1-0ubuntu0.20.04.1 firefox-dev - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 93.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-32810 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38499 CVE-2021-38500 CVE-2021-38501 Ubuntu 20.04 LTS It was discovered that Libntlm incorrectly handled specially crafted NTML requests. An attacker could possibly use this issue to cause a denial of service or another unspecified impact. Update Instructions: Run `sudo pro fix USN-5108-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libntlm0 - 1.5-2ubuntu0.1 libntlm0-dev - 1.5-2ubuntu0.1 No subscription required Medium CVE-2019-17455 Ubuntu 20.04 LTS It was discovered that Ardour incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5110-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ardour-video-timeline - 1:5.12.0-3ubuntu4.1 ardour - 1:5.12.0-3ubuntu4.1 ardour-data - 1:5.12.0-3ubuntu4.1 No subscription required Medium CVE-2020-22617 Ubuntu 20.04 LTS It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. (CVE-2021-41990) It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-41991) Update Instructions: Run `sudo pro fix USN-5111-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: strongswan-nm - 5.8.2-1ubuntu3.3 strongswan-scepclient - 5.8.2-1ubuntu3.3 libcharon-extra-plugins - 5.8.2-1ubuntu3.3 libcharon-standard-plugins - 5.8.2-1ubuntu3.3 libstrongswan-extra-plugins - 5.8.2-1ubuntu3.3 strongswan-charon - 5.8.2-1ubuntu3.3 libstrongswan - 5.8.2-1ubuntu3.3 strongswan-swanctl - 5.8.2-1ubuntu3.3 libstrongswan-standard-plugins - 5.8.2-1ubuntu3.3 strongswan-starter - 5.8.2-1ubuntu3.3 libcharon-extauth-plugins - 5.8.2-1ubuntu3.3 charon-systemd - 5.8.2-1ubuntu3.3 strongswan - 5.8.2-1ubuntu3.3 strongswan-tnc-server - 5.8.2-1ubuntu3.3 strongswan-tnc-client - 5.8.2-1ubuntu3.3 strongswan-tnc-base - 5.8.2-1ubuntu3.3 charon-cmd - 5.8.2-1ubuntu3.3 strongswan-libcharon - 5.8.2-1ubuntu3.3 strongswan-pki - 5.8.2-1ubuntu3.3 strongswan-tnc-ifmap - 5.8.2-1ubuntu3.3 strongswan-tnc-pdp - 5.8.2-1ubuntu3.3 No subscription required Medium CVE-2021-41990 CVE-2021-41991 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the BPF subsystem in the Linux kernel contained an integer overflow in its hash table implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-38166) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008) Update Instructions: Run `sudo pro fix USN-5113-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-tools-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-modules-extra-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-image-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-azure-5.11-headers-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-oracle-5.11-headers-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-oracle-5.11-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-image-unsigned-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-cloud-tools-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-headers-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-buildinfo-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-modules-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-tools-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-buildinfo-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-image-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-image-unsigned-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-modules-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-azure-5.11-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-headers-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 No subscription required linux-modules-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-cloud-tools-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-modules-extra-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-aws-5.11-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.2 linux-tools-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-image-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-aws-5.11-cloud-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.2 linux-aws-5.11-headers-5.11.0-1020 - 5.11.0-1020.21~20.04.2 linux-headers-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-buildinfo-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 No subscription required linux-modules-extra-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-gcp-5.11-tools-5.11.0-1021 - 5.11.0-1021.23~20.04.1 linux-gcp-5.11-headers-5.11.0-1021 - 5.11.0-1021.23~20.04.1 linux-tools-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-buildinfo-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-modules-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-image-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-image-unsigned-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-headers-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 No subscription required linux-cloud-tools-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-buildinfo-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-headers-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-hwe-5.11-headers-5.11.0-38 - 5.11.0-38.42~20.04.1 linux-hwe-5.11-tools-5.11.0-38 - 5.11.0-38.42~20.04.1 linux-image-unsigned-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-modules-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-image-unsigned-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-image-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-image-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-image-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-image-unsigned-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-tools-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-tools-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-modules-extra-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-tools-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-38.42~20.04.1 linux-headers-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-tools-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-headers-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-headers-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-38.42~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-38.42~20.04.1 linux-buildinfo-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-modules-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-modules-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-38 - 5.11.0-38.42~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-38.42~20.04.1 linux-modules-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-cloud-tools-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-image-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-buildinfo-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-buildinfo-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 No subscription required linux-headers-oracle - 5.11.0.1020.21~20.04.13 linux-tools-oracle-edge - 5.11.0.1020.21~20.04.13 linux-image-oracle-edge - 5.11.0.1020.21~20.04.13 linux-oracle-edge - 5.11.0.1020.21~20.04.13 linux-headers-oracle-edge - 5.11.0.1020.21~20.04.13 linux-image-oracle - 5.11.0.1020.21~20.04.13 linux-tools-oracle - 5.11.0.1020.21~20.04.13 linux-oracle - 5.11.0.1020.21~20.04.13 No subscription required linux-tools-azure-edge - 5.11.0.1020.21~20.04.19 linux-headers-aws - 5.11.0.1020.21~20.04.19 linux-image-aws - 5.11.0.1020.21~20.04.19 linux-image-aws-edge - 5.11.0.1020.21~20.04.19 linux-cloud-tools-azure-edge - 5.11.0.1020.21~20.04.19 linux-aws-edge - 5.11.0.1020.21~20.04.19 linux-aws - 5.11.0.1020.21~20.04.19 linux-modules-extra-aws-edge - 5.11.0.1020.21~20.04.19 linux-headers-aws-edge - 5.11.0.1020.21~20.04.19 linux-headers-azure-edge - 5.11.0.1020.21~20.04.19 linux-azure-edge - 5.11.0.1020.21~20.04.19 linux-modules-extra-azure-edge - 5.11.0.1020.21~20.04.19 linux-modules-extra-aws - 5.11.0.1020.21~20.04.19 linux-tools-aws - 5.11.0.1020.21~20.04.19 linux-image-azure-edge - 5.11.0.1020.21~20.04.19 linux-tools-aws-edge - 5.11.0.1020.21~20.04.19 No subscription required linux-headers-gcp-edge - 5.11.0.1021.23~20.04.20 linux-image-gcp-edge - 5.11.0.1021.23~20.04.20 linux-tools-gcp - 5.11.0.1021.23~20.04.20 linux-modules-extra-gcp-edge - 5.11.0.1021.23~20.04.20 linux-gcp - 5.11.0.1021.23~20.04.20 linux-headers-gcp - 5.11.0.1021.23~20.04.20 linux-image-gcp - 5.11.0.1021.23~20.04.20 linux-modules-extra-gcp - 5.11.0.1021.23~20.04.20 linux-tools-gcp-edge - 5.11.0.1021.23~20.04.20 linux-gcp-edge - 5.11.0.1021.23~20.04.20 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-headers-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-extra-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-generic-64k-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-generic-64k-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-generic-lpae-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-tools-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-generic-lpae-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-tools-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-tools-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-generic-lpae-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-generic-64k-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-generic-64k-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-generic-64k-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 No subscription required Medium CVE-2020-3702 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-38166 CVE-2021-40490 CVE-2021-42008 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) It was discovered that the BPF subsystem in the Linux kernel contained an integer overflow in its hash table implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-38166) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008) Update Instructions: Run `sudo pro fix USN-5115-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1050.52 linux-oem-5.10-headers-5.10.0-1050 - 5.10.0-1050.52 linux-modules-5.10.0-1050-oem - 5.10.0-1050.52 linux-image-5.10.0-1050-oem - 5.10.0-1050.52 linux-oem-5.10-tools-5.10.0-1050 - 5.10.0-1050.52 linux-headers-5.10.0-1050-oem - 5.10.0-1050.52 linux-tools-5.10.0-1050-oem - 5.10.0-1050.52 linux-buildinfo-5.10.0-1050-oem - 5.10.0-1050.52 linux-image-unsigned-5.10.0-1050-oem - 5.10.0-1050.52 No subscription required linux-oem-20.04 - 5.10.0.1050.52 linux-oem-20.04-edge - 5.10.0.1050.52 linux-headers-oem-20.04b - 5.10.0.1050.52 linux-image-oem-20.04b - 5.10.0.1050.52 linux-image-oem-20.04 - 5.10.0.1050.52 linux-headers-oem-20.04-edge - 5.10.0.1050.52 linux-headers-oem-20.04 - 5.10.0.1050.52 linux-tools-oem-20.04 - 5.10.0.1050.52 linux-image-oem-20.04-edge - 5.10.0.1050.52 linux-tools-oem-20.04b - 5.10.0.1050.52 linux-tools-oem-20.04-edge - 5.10.0.1050.52 linux-oem-20.04b - 5.10.0.1050.52 No subscription required Medium CVE-2020-3702 CVE-2021-33624 CVE-2021-34556 CVE-2021-35477 CVE-2021-3679 CVE-2021-37159 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 CVE-2021-38166 CVE-2021-38204 CVE-2021-38205 CVE-2021-40490 CVE-2021-42008 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-38198) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008) Update Instructions: Run `sudo pro fix USN-5116-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-bluefield-headers-5.4.0-1020 - 5.4.0-1020.23 linux-bluefield-tools-5.4.0-1020 - 5.4.0-1020.23 linux-image-unsigned-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-tools-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-headers-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-modules-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-buildinfo-5.4.0-1020-bluefield - 5.4.0-1020.23 No subscription required linux-tools-5.4.0-1048-kvm - 5.4.0-1048.50 linux-image-unsigned-5.4.0-1048-kvm - 5.4.0-1048.50 linux-kvm-tools-5.4.0-1048 - 5.4.0-1048.50 linux-headers-5.4.0-1048-kvm - 5.4.0-1048.50 linux-image-5.4.0-1048-kvm - 5.4.0-1048.50 linux-modules-5.4.0-1048-kvm - 5.4.0-1048.50 linux-buildinfo-5.4.0-1048-kvm - 5.4.0-1048.50 linux-kvm-headers-5.4.0-1048 - 5.4.0-1048.50 No subscription required linux-tools-common - 5.4.0-89.100 linux-headers-5.4.0-89-generic - 5.4.0-89.100 linux-tools-5.4.0-89 - 5.4.0-89.100 linux-tools-host - 5.4.0-89.100 linux-image-5.4.0-89-generic - 5.4.0-89.100 linux-buildinfo-5.4.0-89-lowlatency - 5.4.0-89.100 linux-doc - 5.4.0-89.100 linux-image-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-headers-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-libc-dev - 5.4.0-89.100 linux-source-5.4.0 - 5.4.0-89.100 linux-image-unsigned-5.4.0-89-generic - 5.4.0-89.100 linux-modules-extra-5.4.0-89-generic - 5.4.0-89.100 linux-cloud-tools-5.4.0-89-generic - 5.4.0-89.100 linux-tools-5.4.0-89-generic - 5.4.0-89.100 linux-buildinfo-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-headers-5.4.0-89-lowlatency - 5.4.0-89.100 linux-buildinfo-5.4.0-89-generic - 5.4.0-89.100 linux-image-5.4.0-89-lowlatency - 5.4.0-89.100 linux-cloud-tools-common - 5.4.0-89.100 linux-modules-5.4.0-89-generic - 5.4.0-89.100 linux-image-unsigned-5.4.0-89-lowlatency - 5.4.0-89.100 linux-cloud-tools-5.4.0-89-lowlatency - 5.4.0-89.100 linux-tools-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-tools-5.4.0-89-lowlatency - 5.4.0-89.100 linux-headers-5.4.0-89 - 5.4.0-89.100 linux-cloud-tools-5.4.0-89 - 5.4.0-89.100 linux-modules-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-modules-5.4.0-89-lowlatency - 5.4.0-89.100 No subscription required linux-image-bluefield - 5.4.0.1020.21 linux-bluefield - 5.4.0.1020.21 linux-headers-bluefield - 5.4.0.1020.21 linux-tools-bluefield - 5.4.0.1020.21 No subscription required linux-kvm - 5.4.0.1048.47 linux-headers-kvm - 5.4.0.1048.47 linux-image-kvm - 5.4.0.1048.47 linux-tools-kvm - 5.4.0.1048.47 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-cloud-tools-virtual - 5.4.0.89.93 linux-image-generic-hwe-18.04 - 5.4.0.89.93 linux-tools-oem - 5.4.0.89.93 linux-headers-generic-lpae - 5.4.0.89.93 linux-image-virtual - 5.4.0.89.93 linux-oem-osp1-tools-host - 5.4.0.89.93 linux-image-generic - 5.4.0.89.93 linux-tools-lowlatency - 5.4.0.89.93 linux-image-oem - 5.4.0.89.93 linux-tools-virtual-hwe-18.04 - 5.4.0.89.93 linux-headers-generic-hwe-18.04 - 5.4.0.89.93 linux-headers-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-image-extra-virtual-hwe-18.04 - 5.4.0.89.93 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.89.93 linux-image-oem-osp1 - 5.4.0.89.93 linux-image-generic-lpae-hwe-18.04 - 5.4.0.89.93 linux-crashdump - 5.4.0.89.93 linux-tools-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-headers-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-source - 5.4.0.89.93 linux-lowlatency - 5.4.0.89.93 linux-tools-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-tools-generic-lpae - 5.4.0.89.93 linux-cloud-tools-generic - 5.4.0.89.93 linux-virtual - 5.4.0.89.93 linux-headers-virtual-hwe-18.04 - 5.4.0.89.93 linux-virtual-hwe-18.04 - 5.4.0.89.93 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.89.93 linux-tools-virtual - 5.4.0.89.93 linux-generic-lpae-hwe-18.04-edge - 5.4.0.89.93 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-generic-lpae - 5.4.0.89.93 linux-headers-oem - 5.4.0.89.93 linux-generic - 5.4.0.89.93 linux-tools-oem-osp1 - 5.4.0.89.93 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.89.93 linux-tools-generic-hwe-18.04-edge - 5.4.0.89.93 linux-image-virtual-hwe-18.04 - 5.4.0.89.93 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-oem-tools-host - 5.4.0.89.93 linux-headers-lowlatency - 5.4.0.89.93 linux-image-generic-hwe-18.04-edge - 5.4.0.89.93 linux-generic-hwe-18.04-edge - 5.4.0.89.93 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.89.93 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-oem - 5.4.0.89.93 linux-tools-generic - 5.4.0.89.93 linux-image-extra-virtual - 5.4.0.89.93 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-cloud-tools-lowlatency - 5.4.0.89.93 linux-headers-oem-osp1 - 5.4.0.89.93 linux-generic-lpae-hwe-18.04 - 5.4.0.89.93 linux-tools-generic-hwe-18.04 - 5.4.0.89.93 linux-headers-generic-hwe-18.04-edge - 5.4.0.89.93 linux-headers-generic - 5.4.0.89.93 linux-oem-osp1 - 5.4.0.89.93 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.89.93 linux-image-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-headers-virtual - 5.4.0.89.93 linux-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.89.93 linux-generic-hwe-18.04 - 5.4.0.89.93 linux-image-generic-lpae - 5.4.0.89.93 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.89.93 linux-image-lowlatency - 5.4.0.89.93 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.89.93 linux-image-virtual-hwe-18.04-edge - 5.4.0.89.93 No subscription required Medium CVE-2020-3702 CVE-2021-3732 CVE-2021-38198 CVE-2021-38205 CVE-2021-40490 CVE-2021-42008 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-38198) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008) Update Instructions: Run `sudo pro fix USN-5116-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1006-ibm - 5.4.0-1006.7 linux-ibm-headers-5.4.0-1006 - 5.4.0-1006.7 linux-buildinfo-5.4.0-1006-ibm - 5.4.0-1006.7 linux-image-5.4.0-1006-ibm - 5.4.0-1006.7 linux-ibm-tools-common - 5.4.0-1006.7 linux-ibm-tools-5.4.0-1006 - 5.4.0-1006.7 linux-image-unsigned-5.4.0-1006-ibm - 5.4.0-1006.7 linux-tools-5.4.0-1006-ibm - 5.4.0-1006.7 linux-ibm-source-5.4.0 - 5.4.0-1006.7 linux-ibm-cloud-tools-common - 5.4.0-1006.7 linux-modules-extra-5.4.0-1006-ibm - 5.4.0-1006.7 linux-modules-5.4.0-1006-ibm - 5.4.0-1006.7 No subscription required linux-modules-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-buildinfo-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-gkeop-source-5.4.0 - 5.4.0-1025.26 linux-tools-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-image-unsigned-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-modules-extra-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-cloud-tools-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-headers-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-image-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-gkeop-headers-5.4.0-1025 - 5.4.0-1025.26 linux-gkeop-tools-5.4.0-1025 - 5.4.0-1025.26 linux-gkeop-cloud-tools-5.4.0-1025 - 5.4.0-1025.26 No subscription required linux-buildinfo-5.4.0-1045-raspi - 5.4.0-1045.49 linux-modules-5.4.0-1045-raspi - 5.4.0-1045.49 linux-raspi-tools-5.4.0-1045 - 5.4.0-1045.49 linux-image-5.4.0-1045-raspi - 5.4.0-1045.49 linux-tools-5.4.0-1045-raspi - 5.4.0-1045.49 linux-raspi-headers-5.4.0-1045 - 5.4.0-1045.49 linux-headers-5.4.0-1045-raspi - 5.4.0-1045.49 No subscription required linux-modules-extra-5.4.0-1054-gke - 5.4.0-1054.57 linux-image-unsigned-5.4.0-1054-gke - 5.4.0-1054.57 linux-gke-headers-5.4.0-1054 - 5.4.0-1054.57 linux-gke-tools-5.4.0-1054 - 5.4.0-1054.57 linux-modules-5.4.0-1054-gke - 5.4.0-1054.57 linux-buildinfo-5.4.0-1054-gke - 5.4.0-1054.57 linux-image-5.4.0-1054-gke - 5.4.0-1054.57 linux-headers-5.4.0-1054-gke - 5.4.0-1054.57 linux-tools-5.4.0-1054-gke - 5.4.0-1054.57 No subscription required linux-headers-5.4.0-1056-gcp - 5.4.0-1056.60 linux-buildinfo-5.4.0-1056-oracle - 5.4.0-1056.60 linux-image-unsigned-5.4.0-1056-gcp - 5.4.0-1056.60 linux-oracle-headers-5.4.0-1056 - 5.4.0-1056.60 linux-gcp-headers-5.4.0-1056 - 5.4.0-1056.60 linux-image-5.4.0-1056-gcp - 5.4.0-1056.60 linux-oracle-tools-5.4.0-1056 - 5.4.0-1056.60 linux-image-5.4.0-1056-oracle - 5.4.0-1056.60 linux-buildinfo-5.4.0-1056-gcp - 5.4.0-1056.60 linux-image-unsigned-5.4.0-1056-oracle - 5.4.0-1056.60 linux-tools-5.4.0-1056-oracle - 5.4.0-1056.60 linux-modules-5.4.0-1056-gcp - 5.4.0-1056.60 linux-modules-extra-5.4.0-1056-oracle - 5.4.0-1056.60 linux-gcp-tools-5.4.0-1056 - 5.4.0-1056.60 linux-tools-5.4.0-1056-gcp - 5.4.0-1056.60 linux-headers-5.4.0-1056-oracle - 5.4.0-1056.60 linux-modules-5.4.0-1056-oracle - 5.4.0-1056.60 linux-modules-extra-5.4.0-1056-gcp - 5.4.0-1056.60 No subscription required linux-image-5.4.0-1058-aws - 5.4.0-1058.61 linux-aws-tools-5.4.0-1058 - 5.4.0-1058.61 linux-buildinfo-5.4.0-1058-aws - 5.4.0-1058.61 linux-aws-headers-5.4.0-1058 - 5.4.0-1058.61 linux-modules-extra-5.4.0-1058-aws - 5.4.0-1058.61 linux-aws-cloud-tools-5.4.0-1058 - 5.4.0-1058.61 linux-cloud-tools-5.4.0-1058-aws - 5.4.0-1058.61 linux-tools-5.4.0-1058-aws - 5.4.0-1058.61 linux-headers-5.4.0-1058-aws - 5.4.0-1058.61 linux-modules-5.4.0-1058-aws - 5.4.0-1058.61 No subscription required linux-tools-5.4.0-1062-azure - 5.4.0-1062.65 linux-modules-extra-5.4.0-1062-azure - 5.4.0-1062.65 linux-azure-headers-5.4.0-1062 - 5.4.0-1062.65 linux-image-5.4.0-1062-azure - 5.4.0-1062.65 linux-buildinfo-5.4.0-1062-azure - 5.4.0-1062.65 linux-cloud-tools-5.4.0-1062-azure - 5.4.0-1062.65 linux-modules-5.4.0-1062-azure - 5.4.0-1062.65 linux-azure-cloud-tools-5.4.0-1062 - 5.4.0-1062.65 linux-image-unsigned-5.4.0-1062-azure - 5.4.0-1062.65 linux-azure-tools-5.4.0-1062 - 5.4.0-1062.65 linux-headers-5.4.0-1062-azure - 5.4.0-1062.65 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1006.7 linux-image-ibm - 5.4.0.1006.7 linux-headers-ibm-lts-20.04 - 5.4.0.1006.7 linux-tools-ibm - 5.4.0.1006.7 linux-image-ibm-lts-20.04 - 5.4.0.1006.7 linux-ibm-lts-20.04 - 5.4.0.1006.7 linux-modules-extra-ibm - 5.4.0.1006.7 linux-ibm - 5.4.0.1006.7 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1006.7 linux-headers-ibm - 5.4.0.1006.7 No subscription required linux-headers-gkeop - 5.4.0.1025.28 linux-cloud-tools-gkeop-5.4 - 5.4.0.1025.28 linux-image-gkeop - 5.4.0.1025.28 linux-modules-extra-gkeop-5.4 - 5.4.0.1025.28 linux-gkeop-5.4 - 5.4.0.1025.28 linux-image-gkeop-5.4 - 5.4.0.1025.28 linux-gkeop - 5.4.0.1025.28 linux-cloud-tools-gkeop - 5.4.0.1025.28 linux-headers-gkeop-5.4 - 5.4.0.1025.28 linux-modules-extra-gkeop - 5.4.0.1025.28 linux-tools-gkeop - 5.4.0.1025.28 linux-tools-gkeop-5.4 - 5.4.0.1025.28 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1045.80 linux-raspi2 - 5.4.0.1045.80 linux-headers-raspi2 - 5.4.0.1045.80 linux-image-raspi-hwe-18.04 - 5.4.0.1045.80 linux-image-raspi2-hwe-18.04 - 5.4.0.1045.80 linux-tools-raspi - 5.4.0.1045.80 linux-headers-raspi-hwe-18.04 - 5.4.0.1045.80 linux-headers-raspi2-hwe-18.04 - 5.4.0.1045.80 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1045.80 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1045.80 linux-headers-raspi - 5.4.0.1045.80 linux-raspi2-hwe-18.04-edge - 5.4.0.1045.80 linux-raspi-hwe-18.04 - 5.4.0.1045.80 linux-tools-raspi2-hwe-18.04 - 5.4.0.1045.80 linux-raspi2-hwe-18.04 - 5.4.0.1045.80 linux-image-raspi-hwe-18.04-edge - 5.4.0.1045.80 linux-image-raspi2 - 5.4.0.1045.80 linux-tools-raspi-hwe-18.04 - 5.4.0.1045.80 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1045.80 linux-raspi-hwe-18.04-edge - 5.4.0.1045.80 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1045.80 linux-image-raspi - 5.4.0.1045.80 linux-tools-raspi2 - 5.4.0.1045.80 linux-raspi - 5.4.0.1045.80 No subscription required linux-modules-extra-gke - 5.4.0.1054.64 linux-headers-gke-5.4 - 5.4.0.1054.64 linux-modules-extra-gke-5.4 - 5.4.0.1054.64 linux-gke-5.4 - 5.4.0.1054.64 linux-tools-gke - 5.4.0.1054.64 linux-gke - 5.4.0.1054.64 linux-image-gke - 5.4.0.1054.64 linux-headers-gke - 5.4.0.1054.64 linux-image-gke-5.4 - 5.4.0.1054.64 linux-tools-gke-5.4 - 5.4.0.1054.64 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1056.56 linux-headers-oracle-lts-20.04 - 5.4.0.1056.56 linux-oracle-lts-20.04 - 5.4.0.1056.56 linux-image-oracle-lts-20.04 - 5.4.0.1056.56 No subscription required linux-gcp-lts-20.04 - 5.4.0.1056.66 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1056.66 linux-headers-gcp-lts-20.04 - 5.4.0.1056.66 linux-image-gcp-lts-20.04 - 5.4.0.1056.66 linux-tools-gcp-lts-20.04 - 5.4.0.1056.66 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1058.61 linux-image-aws-lts-20.04 - 5.4.0.1058.61 linux-headers-aws-lts-20.04 - 5.4.0.1058.61 linux-tools-aws-lts-20.04 - 5.4.0.1058.61 linux-aws-lts-20.04 - 5.4.0.1058.61 No subscription required linux-azure-lts-20.04 - 5.4.0.1062.60 linux-image-azure-lts-20.04 - 5.4.0.1062.60 linux-modules-extra-azure-lts-20.04 - 5.4.0.1062.60 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1062.60 linux-tools-azure-lts-20.04 - 5.4.0.1062.60 linux-headers-azure-lts-20.04 - 5.4.0.1062.60 No subscription required Medium CVE-2020-3702 CVE-2021-3732 CVE-2021-38198 CVE-2021-38205 CVE-2021-40490 CVE-2021-42008 Ubuntu 20.04 LTS It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) Update Instructions: Run `sudo pro fix USN-5117-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.13.0-1017-oem - 5.13.0-1017.21 linux-tools-5.13.0-1017-oem - 5.13.0-1017.21 linux-image-5.13.0-1017-oem - 5.13.0-1017.21 linux-oem-5.13-headers-5.13.0-1017 - 5.13.0-1017.21 linux-buildinfo-5.13.0-1017-oem - 5.13.0-1017.21 linux-oem-5.13-tools-host - 5.13.0-1017.21 linux-headers-5.13.0-1017-oem - 5.13.0-1017.21 linux-modules-5.13.0-1017-oem - 5.13.0-1017.21 linux-oem-5.13-tools-5.13.0-1017 - 5.13.0-1017.21 No subscription required linux-image-oem-20.04c - 5.13.0.1017.21 linux-headers-oem-20.04c - 5.13.0.1017.21 linux-tools-oem-20.04c - 5.13.0.1017.21 linux-oem-20.04c - 5.13.0.1017.21 No subscription required Medium CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 Ubuntu 20.04 LTS It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a crash. (CVE-2021-30498, CVE-2021-30499) Update Instructions: Run `sudo pro fix USN-5119-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: caca-utils - 0.99.beta19-2.1ubuntu1.20.04.2 libcaca-dev - 0.99.beta19-2.1ubuntu1.20.04.2 libcaca0 - 0.99.beta19-2.1ubuntu1.20.04.2 No subscription required Medium CVE-2021-30498 CVE-2021-30499 Ubuntu 20.04 LTS It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19449) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not ensure enough processing time was given to perform cleanups of large SEV VMs. A local attacker could use this to cause a denial of service (soft lockup). (CVE-2020-36311) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Xilinx LL TEMAC device driver in the Linux kernel did not properly calculate the number of buffers to be used in certain situations. A remote attacker could use this to cause a denial of service (system crash). (CVE-2021-38207) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) Update Instructions: Run `sudo pro fix USN-5120-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-headers-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-cloud-tools-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-azure-5.8-cloud-tools-5.8.0-1043 - 5.8.0-1043.46~20.04.1 linux-modules-extra-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-tools-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-image-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-azure-5.8-tools-5.8.0-1043 - 5.8.0-1043.46~20.04.1 linux-image-unsigned-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-buildinfo-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-azure-5.8-headers-5.8.0-1043 - 5.8.0-1043.46~20.04.1 No subscription required linux-headers-azure - 5.8.0.1043.46~20.04.15 linux-modules-extra-azure - 5.8.0.1043.46~20.04.15 linux-cloud-tools-azure - 5.8.0.1043.46~20.04.15 linux-azure - 5.8.0.1043.46~20.04.15 linux-tools-azure - 5.8.0.1043.46~20.04.15 linux-image-azure - 5.8.0.1043.46~20.04.15 No subscription required Medium CVE-2019-19449 CVE-2020-26541 CVE-2020-36311 CVE-2021-22543 CVE-2021-3612 CVE-2021-3759 CVE-2021-38199 CVE-2021-38207 CVE-2021-40490 Ubuntu 20.04 LTS USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. In addition, the following CVEs were fixed: It was discovered that Mailman allows arbitrary content injection. An attacker could use this to inject malicious content. (CVE-2020-12108, CVE-2020-15011) It was discovered that Mailman improperly sanitize the MIME content. An attacker could obtain sensitive information by sending a special type of attachment. (CVE-2020-12137) Original advisory details: Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman did not properly associate cross-site request forgery (CSRF) tokens to specific accounts. A remote attacker could use this to perform a CSRF attack to gain access to another account. (CVE-2021-42097) Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman’s cross-site request forgery (CSRF) tokens for the options page are derived from the admin password. A remote attacker could possibly use this to assist in performing a brute force attack against the admin password. (CVE-2021-42096) Update Instructions: Run `sudo pro fix USN-5121-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mailman - 1:2.1.29-1ubuntu3.1 No subscription required High CVE-2020-12108 CVE-2020-12137 CVE-2020-15011 CVE-2021-42096 CVE-2021-42097 Ubuntu 20.04 LTS It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory. Update Instructions: Run `sudo pro fix USN-5122-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.21 apport-kde - 2.20.11-0ubuntu27.21 apport-retrace - 2.20.11-0ubuntu27.21 apport-valgrind - 2.20.11-0ubuntu27.21 python3-apport - 2.20.11-0ubuntu27.21 dh-apport - 2.20.11-0ubuntu27.21 apport-gtk - 2.20.11-0ubuntu27.21 apport - 2.20.11-0ubuntu27.21 apport-noui - 2.20.11-0ubuntu27.21 No subscription required None https://launchpad.net/bugs/1948657 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-36.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-27.html https://www.oracle.com/security-alerts/cpuoct2021.html Update Instructions: Run `sudo pro fix USN-5123-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.27-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.27-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.27-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.27-0ubuntu0.20.04.1 mysql-router - 8.0.27-0ubuntu0.20.04.1 mysql-server - 8.0.27-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.27-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.27-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.27-0ubuntu0.20.04.1 mysql-testsuite - 8.0.27-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.27-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.27-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-2478 CVE-2021-2479 CVE-2021-2481 CVE-2021-35546 CVE-2021-35575 CVE-2021-35577 CVE-2021-35584 CVE-2021-35591 CVE-2021-35596 CVE-2021-35597 CVE-2021-35602 CVE-2021-35604 CVE-2021-35607 CVE-2021-35608 CVE-2021-35610 CVE-2021-35612 CVE-2021-35613 CVE-2021-35622 CVE-2021-35623 CVE-2021-35624 CVE-2021-35625 CVE-2021-35626 CVE-2021-35627 CVE-2021-35628 CVE-2021-35630 CVE-2021-35631 CVE-2021-35632 CVE-2021-35633 CVE-2021-35634 CVE-2021-35635 CVE-2021-35636 CVE-2021-35637 CVE-2021-35638 CVE-2021-35639 CVE-2021-35640 CVE-2021-35641 CVE-2021-35642 CVE-2021-35643 CVE-2021-35644 CVE-2021-35645 CVE-2021-35646 CVE-2021-35647 CVE-2021-35648 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly handled certain hash lookups. An attacker could use this issue to cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-16592) It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug sections. An attacker could possibly use this issue to cause GNU binutils to consume memory, resulting in a denial of service. (CVE-2021-3487) Update Instructions: Run `sudo pro fix USN-5124-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.3 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.3 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.3 binutils-ia64-linux-gnu - 2.34-6ubuntu1.3 binutils-multiarch - 2.34-6ubuntu1.3 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.3 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.3 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.3 binutils-m68k-linux-gnu - 2.34-6ubuntu1.3 binutils-for-build - 2.34-6ubuntu1.3 binutils-s390x-linux-gnu - 2.34-6ubuntu1.3 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.3 binutils-multiarch-dev - 2.34-6ubuntu1.3 binutils-for-host - 2.34-6ubuntu1.3 libctf-nobfd0 - 2.34-6ubuntu1.3 binutils-i686-gnu - 2.34-6ubuntu1.3 binutils-doc - 2.34-6ubuntu1.3 libctf0 - 2.34-6ubuntu1.3 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.3 binutils-source - 2.34-6ubuntu1.3 binutils-i686-linux-gnu - 2.34-6ubuntu1.3 binutils-common - 2.34-6ubuntu1.3 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.3 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.3 binutils-sh4-linux-gnu - 2.34-6ubuntu1.3 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.3 binutils-hppa-linux-gnu - 2.34-6ubuntu1.3 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.3 libbinutils - 2.34-6ubuntu1.3 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.3 binutils-alpha-linux-gnu - 2.34-6ubuntu1.3 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.3 binutils - 2.34-6ubuntu1.3 No subscription required Low CVE-2020-16592 Ubuntu 20.04 LTS It was discovered that PHP-FPM in PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5125-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.7 php7.4-readline - 7.4.3-4ubuntu2.7 php7.4-dba - 7.4.3-4ubuntu2.7 php7.4-common - 7.4.3-4ubuntu2.7 php7.4-xmlrpc - 7.4.3-4ubuntu2.7 php7.4-intl - 7.4.3-4ubuntu2.7 php7.4-phpdbg - 7.4.3-4ubuntu2.7 php7.4-ldap - 7.4.3-4ubuntu2.7 php7.4-soap - 7.4.3-4ubuntu2.7 php7.4-xsl - 7.4.3-4ubuntu2.7 php7.4-pgsql - 7.4.3-4ubuntu2.7 php7.4-pspell - 7.4.3-4ubuntu2.7 php7.4-zip - 7.4.3-4ubuntu2.7 php7.4-curl - 7.4.3-4ubuntu2.7 php7.4-odbc - 7.4.3-4ubuntu2.7 php7.4-json - 7.4.3-4ubuntu2.7 php7.4-mbstring - 7.4.3-4ubuntu2.7 php7.4-imap - 7.4.3-4ubuntu2.7 php7.4-bz2 - 7.4.3-4ubuntu2.7 php7.4-cgi - 7.4.3-4ubuntu2.7 php7.4 - 7.4.3-4ubuntu2.7 php7.4-bcmath - 7.4.3-4ubuntu2.7 php7.4-dev - 7.4.3-4ubuntu2.7 php7.4-interbase - 7.4.3-4ubuntu2.7 php7.4-tidy - 7.4.3-4ubuntu2.7 php7.4-gmp - 7.4.3-4ubuntu2.7 php7.4-sqlite3 - 7.4.3-4ubuntu2.7 php7.4-enchant - 7.4.3-4ubuntu2.7 php7.4-fpm - 7.4.3-4ubuntu2.7 php7.4-sybase - 7.4.3-4ubuntu2.7 php7.4-cli - 7.4.3-4ubuntu2.7 libphp7.4-embed - 7.4.3-4ubuntu2.7 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.7 php7.4-mysql - 7.4.3-4ubuntu2.7 php7.4-snmp - 7.4.3-4ubuntu2.7 php7.4-xml - 7.4.3-4ubuntu2.7 php7.4-opcache - 7.4.3-4ubuntu2.7 No subscription required High CVE-2021-21703 Ubuntu 20.04 LTS Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame cache when processing responses. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5126-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.9 bind9-libs - 1:9.16.1-0ubuntu2.9 bind9utils - 1:9.16.1-0ubuntu2.9 bind9-doc - 1:9.16.1-0ubuntu2.9 bind9-utils - 1:9.16.1-0ubuntu2.9 bind9 - 1:9.16.1-0ubuntu2.9 bind9-dnsutils - 1:9.16.1-0ubuntu2.9 bind9-host - 1:9.16.1-0ubuntu2.9 No subscription required Medium CVE-2021-25219 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5127-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.34.1-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.34.1-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.34.1-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.34.1-0ubuntu0.20.04.1 webkit2gtk-driver - 2.34.1-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.34.1-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.34.1-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.34.1-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.34.1-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.34.1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-30846 CVE-2021-30851 CVE-2021-42762 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the browser UI, confuse the user, conduct phishing attacks, or execute arbitrary code. (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509) It was discovered that the 'Copy Image Link' context menu action would copy the final image URL after redirects. If a user were tricked into copying and pasting a link for an embedded image that triggered authentication flows back to the page, an attacker could potentially exploit this to steal authentication tokens. Update Instructions: Run `sudo pro fix USN-5131-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 94.0+build3-0ubuntu0.20.04.1 firefox - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 94.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 94.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 94.0+build3-0ubuntu0.20.04.1 firefox-dev - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 94.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 Ubuntu 20.04 LTS An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry. Update Instructions: Run `sudo pro fix USN-5134-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-docker-docker-dev - 20.10.7-0ubuntu5~20.04.2 docker.io - 20.10.7-0ubuntu5~20.04.2 golang-docker-dev - 20.10.7-0ubuntu5~20.04.2 vim-syntax-docker - 20.10.7-0ubuntu5~20.04.2 docker-doc - 20.10.7-0ubuntu5~20.04.2 No subscription required Medium CVE-2021-41092 Ubuntu 20.04 LTS It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). Update Instructions: Run `sudo pro fix USN-5135-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-image-unsigned-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-tools-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-image-unsigned-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-tools-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-azure-5.11-headers-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-oracle-5.11-headers-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-oracle-5.11-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-buildinfo-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-modules-extra-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-image-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-buildinfo-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-headers-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-headers-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-image-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-cloud-tools-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-modules-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-azure-5.11-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-modules-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 No subscription required linux-image-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-modules-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-buildinfo-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-tools-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-aws-5.11-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.2 linux-headers-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-modules-extra-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-aws-5.11-cloud-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.2 linux-aws-5.11-headers-5.11.0-1021 - 5.11.0-1021.22~20.04.2 linux-cloud-tools-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 No subscription required linux-modules-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-gcp-5.11-tools-5.11.0-1022 - 5.11.0-1022.24~20.04.1 linux-gcp-5.11-headers-5.11.0-1022 - 5.11.0-1022.24~20.04.1 linux-modules-extra-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-buildinfo-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-tools-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-image-unsigned-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-image-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-headers-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 No subscription required linux-image-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 linux-image-unsigned-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-image-unsigned-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-image-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-cloud-tools-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-headers-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 linux-cloud-tools-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-modules-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-buildinfo-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-modules-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-buildinfo-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-hwe-5.11-cloud-tools-5.11.0-40 - 5.11.0-40.44~20.04.2 linux-hwe-5.11-source-5.11.0 - 5.11.0-40.44~20.04.2 linux-buildinfo-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-modules-extra-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-tools-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-image-unsigned-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-tools-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-headers-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-modules-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-buildinfo-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 linux-tools-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 linux-hwe-5.11-tools-host - 5.11.0-40.44~20.04.2 linux-headers-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-hwe-5.11-tools-5.11.0-40 - 5.11.0-40.44~20.04.2 linux-hwe-5.11-cloud-tools-common - 5.11.0-40.44~20.04.2 linux-image-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-headers-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-tools-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-hwe-5.11-tools-common - 5.11.0-40.44~20.04.2 linux-hwe-5.11-headers-5.11.0-40 - 5.11.0-40.44~20.04.2 linux-image-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-modules-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 No subscription required linux-headers-oracle - 5.11.0.1021.22~20.04.14 linux-tools-oracle-edge - 5.11.0.1021.22~20.04.14 linux-oracle-edge - 5.11.0.1021.22~20.04.14 linux-image-oracle-edge - 5.11.0.1021.22~20.04.14 linux-headers-oracle-edge - 5.11.0.1021.22~20.04.14 linux-image-oracle - 5.11.0.1021.22~20.04.14 linux-tools-oracle - 5.11.0.1021.22~20.04.14 linux-oracle - 5.11.0.1021.22~20.04.14 No subscription required linux-headers-aws - 5.11.0.1021.22~20.04.20 linux-image-aws - 5.11.0.1021.22~20.04.20 linux-modules-extra-aws-edge - 5.11.0.1021.22~20.04.20 linux-image-aws-edge - 5.11.0.1021.22~20.04.20 linux-aws-edge - 5.11.0.1021.22~20.04.20 linux-aws - 5.11.0.1021.22~20.04.20 linux-headers-aws-edge - 5.11.0.1021.22~20.04.20 linux-modules-extra-aws - 5.11.0.1021.22~20.04.20 linux-tools-aws - 5.11.0.1021.22~20.04.20 linux-tools-aws-edge - 5.11.0.1021.22~20.04.20 No subscription required linux-tools-azure-edge - 5.11.0.1021.22~20.04.21 linux-cloud-tools-azure - 5.11.0.1021.22~20.04.21 linux-tools-azure - 5.11.0.1021.22~20.04.21 linux-image-azure-edge - 5.11.0.1021.22~20.04.21 linux-cloud-tools-azure-edge - 5.11.0.1021.22~20.04.21 linux-modules-extra-azure - 5.11.0.1021.22~20.04.21 linux-azure - 5.11.0.1021.22~20.04.21 linux-image-azure - 5.11.0.1021.22~20.04.21 linux-headers-azure-edge - 5.11.0.1021.22~20.04.21 linux-modules-extra-azure-edge - 5.11.0.1021.22~20.04.21 linux-headers-azure - 5.11.0.1021.22~20.04.21 linux-azure-edge - 5.11.0.1021.22~20.04.21 No subscription required linux-image-gcp-edge - 5.11.0.1022.24~20.04.21 linux-tools-gcp-edge - 5.11.0.1022.24~20.04.21 linux-headers-gcp-edge - 5.11.0.1022.24~20.04.21 linux-tools-gcp - 5.11.0.1022.24~20.04.21 linux-modules-extra-gcp-edge - 5.11.0.1022.24~20.04.21 linux-gcp - 5.11.0.1022.24~20.04.21 linux-headers-gcp - 5.11.0.1022.24~20.04.21 linux-image-gcp - 5.11.0.1022.24~20.04.21 linux-modules-extra-gcp - 5.11.0.1022.24~20.04.21 linux-gcp-edge - 5.11.0.1022.24~20.04.21 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-extra-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-generic-64k-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-generic-lpae-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-generic-lpae-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-generic-64k-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-generic-64k-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-generic-64k-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 No subscription required linux-oem-5.13-tools-host - 5.13.0-1019.23 linux-tools-5.13.0-1019-oem - 5.13.0-1019.23 linux-oem-5.13-tools-5.13.0-1019 - 5.13.0-1019.23 linux-image-unsigned-5.13.0-1019-oem - 5.13.0-1019.23 linux-image-5.13.0-1019-oem - 5.13.0-1019.23 linux-headers-5.13.0-1019-oem - 5.13.0-1019.23 linux-buildinfo-5.13.0-1019-oem - 5.13.0-1019.23 linux-oem-5.13-headers-5.13.0-1019 - 5.13.0-1019.23 linux-modules-5.13.0-1019-oem - 5.13.0-1019.23 No subscription required linux-tools-oem-20.04c - 5.13.0.1019.23 linux-image-oem-20.04c - 5.13.0.1019.23 linux-oem-20.04c - 5.13.0.1019.23 linux-headers-oem-20.04c - 5.13.0.1019.23 No subscription required Medium CVE-2021-3759 Ubuntu 20.04 LTS It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19449) It was discovered that the Infiniband RDMA userspace connection manager implementation in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possible execute arbitrary code. (CVE-2020-36385) Wolfgang Frisch discovered that the ext4 file system implementation in the Linux kernel contained an integer overflow when handling metadata inode extents. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2021-3428) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) It was discovered that the Aspeed Low Pin Count (LPC) Bus Controller implementation in the Linux kernel did not properly perform boundary checks in some situations, allowing out-of-bounds write access. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. In Ubuntu, this issue only affected systems running armhf kernels. (CVE-2021-42252) Update Instructions: Run `sudo pro fix USN-5137-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1007-ibm - 5.4.0-1007.8 linux-buildinfo-5.4.0-1007-ibm - 5.4.0-1007.8 linux-modules-5.4.0-1007-ibm - 5.4.0-1007.8 linux-ibm-source-5.4.0 - 5.4.0-1007.8 linux-ibm-headers-5.4.0-1007 - 5.4.0-1007.8 linux-ibm-tools-common - 5.4.0-1007.8 linux-ibm-tools-5.4.0-1007 - 5.4.0-1007.8 linux-image-5.4.0-1007-ibm - 5.4.0-1007.8 linux-image-unsigned-5.4.0-1007-ibm - 5.4.0-1007.8 linux-ibm-cloud-tools-common - 5.4.0-1007.8 linux-headers-5.4.0-1007-ibm - 5.4.0-1007.8 linux-tools-5.4.0-1007-ibm - 5.4.0-1007.8 No subscription required linux-gkeop-headers-5.4.0-1026 - 5.4.0-1026.27 linux-image-unsigned-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-headers-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-gkeop-source-5.4.0 - 5.4.0-1026.27 linux-tools-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-modules-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-image-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-modules-extra-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-buildinfo-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-gkeop-tools-5.4.0-1026 - 5.4.0-1026.27 linux-cloud-tools-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-gkeop-cloud-tools-5.4.0-1026 - 5.4.0-1026.27 No subscription required linux-tools-5.4.0-1049-kvm - 5.4.0-1049.51 linux-image-unsigned-5.4.0-1049-kvm - 5.4.0-1049.51 linux-kvm-tools-5.4.0-1049 - 5.4.0-1049.51 linux-modules-5.4.0-1049-kvm - 5.4.0-1049.51 linux-image-5.4.0-1049-kvm - 5.4.0-1049.51 linux-headers-5.4.0-1049-kvm - 5.4.0-1049.51 linux-kvm-headers-5.4.0-1049 - 5.4.0-1049.51 linux-buildinfo-5.4.0-1049-kvm - 5.4.0-1049.51 No subscription required linux-image-unsigned-5.4.0-1055-gke - 5.4.0-1055.58 linux-modules-extra-5.4.0-1055-gke - 5.4.0-1055.58 linux-gke-headers-5.4.0-1055 - 5.4.0-1055.58 linux-buildinfo-5.4.0-1055-gke - 5.4.0-1055.58 linux-image-5.4.0-1055-gke - 5.4.0-1055.58 linux-gke-tools-5.4.0-1055 - 5.4.0-1055.58 linux-tools-5.4.0-1055-gke - 5.4.0-1055.58 linux-headers-5.4.0-1055-gke - 5.4.0-1055.58 linux-modules-5.4.0-1055-gke - 5.4.0-1055.58 No subscription required linux-gcp-headers-5.4.0-1057 - 5.4.0-1057.61 linux-buildinfo-5.4.0-1057-gcp - 5.4.0-1057.61 linux-image-unsigned-5.4.0-1057-gcp - 5.4.0-1057.61 linux-headers-5.4.0-1057-gcp - 5.4.0-1057.61 linux-gcp-tools-5.4.0-1057 - 5.4.0-1057.61 linux-modules-5.4.0-1057-gcp - 5.4.0-1057.61 linux-image-5.4.0-1057-gcp - 5.4.0-1057.61 linux-modules-extra-5.4.0-1057-gcp - 5.4.0-1057.61 linux-tools-5.4.0-1057-gcp - 5.4.0-1057.61 No subscription required linux-modules-5.4.0-1059-aws - 5.4.0-1059.62 linux-cloud-tools-5.4.0-1059-aws - 5.4.0-1059.62 linux-aws-cloud-tools-5.4.0-1059 - 5.4.0-1059.62 linux-tools-5.4.0-1059-aws - 5.4.0-1059.62 linux-image-5.4.0-1059-aws - 5.4.0-1059.62 linux-aws-tools-5.4.0-1059 - 5.4.0-1059.62 linux-aws-headers-5.4.0-1059 - 5.4.0-1059.62 linux-modules-extra-5.4.0-1059-aws - 5.4.0-1059.62 linux-buildinfo-5.4.0-1059-aws - 5.4.0-1059.62 linux-headers-5.4.0-1059-aws - 5.4.0-1059.62 No subscription required linux-image-5.4.0-1063-azure - 5.4.0-1063.66 linux-cloud-tools-5.4.0-1063-azure - 5.4.0-1063.66 linux-azure-headers-5.4.0-1063 - 5.4.0-1063.66 linux-image-unsigned-5.4.0-1063-azure - 5.4.0-1063.66 linux-buildinfo-5.4.0-1063-azure - 5.4.0-1063.66 linux-tools-5.4.0-1063-azure - 5.4.0-1063.66 linux-azure-cloud-tools-5.4.0-1063 - 5.4.0-1063.66 linux-azure-tools-5.4.0-1063 - 5.4.0-1063.66 linux-headers-5.4.0-1063-azure - 5.4.0-1063.66 linux-modules-5.4.0-1063-azure - 5.4.0-1063.66 linux-modules-extra-5.4.0-1063-azure - 5.4.0-1063.66 No subscription required linux-buildinfo-5.4.0-90-lowlatency - 5.4.0-90.101 linux-tools-common - 5.4.0-90.101 linux-tools-host - 5.4.0-90.101 linux-cloud-tools-5.4.0-90-lowlatency - 5.4.0-90.101 linux-headers-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-headers-5.4.0-90-lowlatency - 5.4.0-90.101 linux-doc - 5.4.0-90.101 linux-headers-5.4.0-90 - 5.4.0-90.101 linux-tools-5.4.0-90-generic - 5.4.0-90.101 linux-image-5.4.0-90-generic - 5.4.0-90.101 linux-image-unsigned-5.4.0-90-lowlatency - 5.4.0-90.101 linux-modules-5.4.0-90-generic - 5.4.0-90.101 linux-image-5.4.0-90-lowlatency - 5.4.0-90.101 linux-libc-dev - 5.4.0-90.101 linux-cloud-tools-common - 5.4.0-90.101 linux-cloud-tools-5.4.0-90-generic - 5.4.0-90.101 linux-modules-extra-5.4.0-90-generic - 5.4.0-90.101 linux-buildinfo-5.4.0-90-generic - 5.4.0-90.101 linux-tools-5.4.0-90 - 5.4.0-90.101 linux-tools-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-image-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-modules-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-image-unsigned-5.4.0-90-generic - 5.4.0-90.101 linux-headers-5.4.0-90-generic - 5.4.0-90.101 linux-tools-5.4.0-90-lowlatency - 5.4.0-90.101 linux-source-5.4.0 - 5.4.0-90.101 linux-cloud-tools-5.4.0-90 - 5.4.0-90.101 linux-buildinfo-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-modules-5.4.0-90-lowlatency - 5.4.0-90.101 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1007.8 linux-modules-extra-ibm - 5.4.0.1007.8 linux-image-ibm - 5.4.0.1007.8 linux-headers-ibm-lts-20.04 - 5.4.0.1007.8 linux-tools-ibm - 5.4.0.1007.8 linux-headers-ibm - 5.4.0.1007.8 linux-ibm-lts-20.04 - 5.4.0.1007.8 linux-image-ibm-lts-20.04 - 5.4.0.1007.8 linux-ibm - 5.4.0.1007.8 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1007.8 No subscription required linux-headers-gkeop - 5.4.0.1026.29 linux-cloud-tools-gkeop-5.4 - 5.4.0.1026.29 linux-image-gkeop - 5.4.0.1026.29 linux-modules-extra-gkeop-5.4 - 5.4.0.1026.29 linux-gkeop-5.4 - 5.4.0.1026.29 linux-image-gkeop-5.4 - 5.4.0.1026.29 linux-gkeop - 5.4.0.1026.29 linux-cloud-tools-gkeop - 5.4.0.1026.29 linux-headers-gkeop-5.4 - 5.4.0.1026.29 linux-modules-extra-gkeop - 5.4.0.1026.29 linux-tools-gkeop - 5.4.0.1026.29 linux-tools-gkeop-5.4 - 5.4.0.1026.29 No subscription required linux-kvm - 5.4.0.1049.48 linux-headers-kvm - 5.4.0.1049.48 linux-image-kvm - 5.4.0.1049.48 linux-tools-kvm - 5.4.0.1049.48 No subscription required linux-modules-extra-gke - 5.4.0.1055.65 linux-headers-gke-5.4 - 5.4.0.1055.65 linux-tools-gke-5.4 - 5.4.0.1055.65 linux-modules-extra-gke-5.4 - 5.4.0.1055.65 linux-gke-5.4 - 5.4.0.1055.65 linux-tools-gke - 5.4.0.1055.65 linux-gke - 5.4.0.1055.65 linux-headers-gke - 5.4.0.1055.65 linux-image-gke - 5.4.0.1055.65 linux-image-gke-5.4 - 5.4.0.1055.65 No subscription required linux-gcp-lts-20.04 - 5.4.0.1057.67 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1057.67 linux-headers-gcp-lts-20.04 - 5.4.0.1057.67 linux-image-gcp-lts-20.04 - 5.4.0.1057.67 linux-tools-gcp-lts-20.04 - 5.4.0.1057.67 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1059.62 linux-image-aws-lts-20.04 - 5.4.0.1059.62 linux-headers-aws-lts-20.04 - 5.4.0.1059.62 linux-tools-aws-lts-20.04 - 5.4.0.1059.62 linux-aws-lts-20.04 - 5.4.0.1059.62 No subscription required linux-azure-lts-20.04 - 5.4.0.1063.61 linux-modules-extra-azure-lts-20.04 - 5.4.0.1063.61 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1063.61 linux-image-azure-lts-20.04 - 5.4.0.1063.61 linux-tools-azure-lts-20.04 - 5.4.0.1063.61 linux-headers-azure-lts-20.04 - 5.4.0.1063.61 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-image-generic-hwe-18.04 - 5.4.0.90.94 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-headers-generic-lpae - 5.4.0.90.94 linux-generic-hwe-18.04-edge - 5.4.0.90.94 linux-oem-osp1-tools-host - 5.4.0.90.94 linux-image-generic - 5.4.0.90.94 linux-tools-lowlatency - 5.4.0.90.94 linux-image-oem - 5.4.0.90.94 linux-headers-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-cloud-tools-virtual - 5.4.0.90.94 linux-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-image-extra-virtual-hwe-18.04 - 5.4.0.90.94 linux-image-oem-osp1 - 5.4.0.90.94 linux-image-generic-lpae-hwe-18.04 - 5.4.0.90.94 linux-crashdump - 5.4.0.90.94 linux-tools-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-headers-generic-hwe-18.04 - 5.4.0.90.94 linux-headers-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-source - 5.4.0.90.94 linux-lowlatency - 5.4.0.90.94 linux-tools-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-tools-generic-lpae - 5.4.0.90.94 linux-cloud-tools-generic - 5.4.0.90.94 linux-oem - 5.4.0.90.94 linux-virtual - 5.4.0.90.94 linux-headers-virtual-hwe-18.04 - 5.4.0.90.94 linux-headers-oem-osp1 - 5.4.0.90.94 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.90.94 linux-tools-virtual - 5.4.0.90.94 linux-image-extra-virtual - 5.4.0.90.94 linux-generic-lpae-hwe-18.04-edge - 5.4.0.90.94 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-generic-lpae-hwe-18.04 - 5.4.0.90.94 linux-generic-lpae - 5.4.0.90.94 linux-headers-oem - 5.4.0.90.94 linux-generic - 5.4.0.90.94 linux-tools-oem-osp1 - 5.4.0.90.94 linux-image-virtual - 5.4.0.90.94 linux-tools-generic-hwe-18.04-edge - 5.4.0.90.94 linux-image-virtual-hwe-18.04 - 5.4.0.90.94 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-cloud-tools-lowlatency - 5.4.0.90.94 linux-headers-lowlatency - 5.4.0.90.94 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.90.94 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-tools-generic - 5.4.0.90.94 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-tools-oem - 5.4.0.90.94 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.90.94 linux-headers-generic-hwe-18.04-edge - 5.4.0.90.94 linux-headers-generic - 5.4.0.90.94 linux-oem-osp1 - 5.4.0.90.94 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.90.94 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.90.94 linux-image-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-headers-virtual - 5.4.0.90.94 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.90.94 linux-virtual-hwe-18.04 - 5.4.0.90.94 linux-tools-virtual-hwe-18.04 - 5.4.0.90.94 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.90.94 linux-generic-hwe-18.04 - 5.4.0.90.94 linux-image-generic-lpae - 5.4.0.90.94 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.90.94 linux-image-lowlatency - 5.4.0.90.94 linux-tools-generic-hwe-18.04 - 5.4.0.90.94 linux-image-generic-hwe-18.04-edge - 5.4.0.90.94 linux-image-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-oem-tools-host - 5.4.0.90.94 No subscription required Medium CVE-2019-19449 CVE-2020-36385 CVE-2021-3428 CVE-2021-34556 CVE-2021-35477 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 CVE-2021-42252 Ubuntu 20.04 LTS It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19449) It was discovered that the Infiniband RDMA userspace connection manager implementation in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possible execute arbitrary code. (CVE-2020-36385) Wolfgang Frisch discovered that the ext4 file system implementation in the Linux kernel contained an integer overflow when handling metadata inode extents. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2021-3428) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) Update Instructions: Run `sudo pro fix USN-5137-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-tools-5.4.0-1021 - 5.4.0-1021.24 linux-tools-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-modules-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-buildinfo-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-image-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-headers-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-image-unsigned-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-bluefield-headers-5.4.0-1021 - 5.4.0-1021.24 No subscription required linux-modules-5.4.0-1046-raspi - 5.4.0-1046.50 linux-raspi-tools-5.4.0-1046 - 5.4.0-1046.50 linux-headers-5.4.0-1046-raspi - 5.4.0-1046.50 linux-tools-5.4.0-1046-raspi - 5.4.0-1046.50 linux-raspi-headers-5.4.0-1046 - 5.4.0-1046.50 linux-image-5.4.0-1046-raspi - 5.4.0-1046.50 linux-buildinfo-5.4.0-1046-raspi - 5.4.0-1046.50 No subscription required linux-oracle-headers-5.4.0-1057 - 5.4.0-1057.61 linux-tools-5.4.0-1057-oracle - 5.4.0-1057.61 linux-oracle-tools-5.4.0-1057 - 5.4.0-1057.61 linux-modules-extra-5.4.0-1057-oracle - 5.4.0-1057.61 linux-image-unsigned-5.4.0-1057-oracle - 5.4.0-1057.61 linux-buildinfo-5.4.0-1057-oracle - 5.4.0-1057.61 linux-headers-5.4.0-1057-oracle - 5.4.0-1057.61 linux-image-5.4.0-1057-oracle - 5.4.0-1057.61 linux-modules-5.4.0-1057-oracle - 5.4.0-1057.61 No subscription required linux-image-bluefield - 5.4.0.1021.22 linux-headers-bluefield - 5.4.0.1021.22 linux-tools-bluefield - 5.4.0.1021.22 linux-bluefield - 5.4.0.1021.22 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1046.81 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1046.81 linux-raspi-hwe-18.04-edge - 5.4.0.1046.81 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1046.81 linux-raspi-hwe-18.04 - 5.4.0.1046.81 linux-tools-raspi - 5.4.0.1046.81 linux-image-raspi - 5.4.0.1046.81 linux-raspi2-hwe-18.04 - 5.4.0.1046.81 linux-raspi2 - 5.4.0.1046.81 linux-tools-raspi2 - 5.4.0.1046.81 linux-headers-raspi2-hwe-18.04 - 5.4.0.1046.81 linux-image-raspi2 - 5.4.0.1046.81 linux-image-raspi-hwe-18.04-edge - 5.4.0.1046.81 linux-tools-raspi-hwe-18.04 - 5.4.0.1046.81 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1046.81 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1046.81 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1046.81 linux-tools-raspi2-hwe-18.04 - 5.4.0.1046.81 linux-raspi - 5.4.0.1046.81 linux-headers-raspi2 - 5.4.0.1046.81 linux-headers-raspi - 5.4.0.1046.81 linux-image-raspi-hwe-18.04 - 5.4.0.1046.81 linux-headers-raspi-hwe-18.04 - 5.4.0.1046.81 linux-image-raspi2-hwe-18.04 - 5.4.0.1046.81 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1057.57 linux-image-oracle-lts-20.04 - 5.4.0.1057.57 linux-oracle-lts-20.04 - 5.4.0.1057.57 linux-tools-oracle-lts-20.04 - 5.4.0.1057.57 No subscription required Medium CVE-2019-19449 CVE-2020-36385 CVE-2021-3428 CVE-2021-34556 CVE-2021-35477 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 Ubuntu 20.04 LTS The py.path.svnwc component of py (aka python-py) through v1.9.0 contains a regular expression with an ambiguous subpattern that is susceptible to catastrophic backtracing. This could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. Update Instructions: Run `sudo pro fix USN-5138-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pypy-py - 1.8.1-1ubuntu0.1 python3-py - 1.8.1-1ubuntu0.1 python-py - 1.8.1-1ubuntu0.1 No subscription required Medium CVE-2020-29651 Ubuntu 20.04 LTS Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655) It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5139-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1051.53 linux-buildinfo-5.10.0-1051-oem - 5.10.0-1051.53 linux-tools-5.10.0-1051-oem - 5.10.0-1051.53 linux-oem-5.10-headers-5.10.0-1051 - 5.10.0-1051.53 linux-headers-5.10.0-1051-oem - 5.10.0-1051.53 linux-modules-5.10.0-1051-oem - 5.10.0-1051.53 linux-image-unsigned-5.10.0-1051-oem - 5.10.0-1051.53 linux-image-5.10.0-1051-oem - 5.10.0-1051.53 linux-oem-5.10-tools-5.10.0-1051 - 5.10.0-1051.53 No subscription required linux-oem-20.04 - 5.10.0.1051.53 linux-oem-20.04-edge - 5.10.0.1051.53 linux-headers-oem-20.04b - 5.10.0.1051.53 linux-image-oem-20.04b - 5.10.0.1051.53 linux-image-oem-20.04 - 5.10.0.1051.53 linux-tools-oem-20.04-edge - 5.10.0.1051.53 linux-image-oem-20.04-edge - 5.10.0.1051.53 linux-headers-oem-20.04-edge - 5.10.0.1051.53 linux-headers-oem-20.04 - 5.10.0.1051.53 linux-tools-oem-20.04b - 5.10.0.1051.53 linux-tools-oem-20.04 - 5.10.0.1051.53 linux-oem-20.04b - 5.10.0.1051.53 No subscription required Medium CVE-2021-3655 CVE-2021-3744 CVE-2021-3760 CVE-2021-3764 CVE-2021-41864 CVE-2021-43056 CVE-2021-43389 Ubuntu 20.04 LTS It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) Update Instructions: Run `sudo pro fix USN-5140-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.14.0-1007-oem - 5.14.0-1007.7 linux-headers-5.14.0-1007-oem - 5.14.0-1007.7 linux-tools-5.14.0-1007-oem - 5.14.0-1007.7 linux-oem-5.14-headers-5.14.0-1007 - 5.14.0-1007.7 linux-oem-5.14-tools-5.14.0-1007 - 5.14.0-1007.7 linux-image-5.14.0-1007-oem - 5.14.0-1007.7 linux-modules-5.14.0-1007-oem - 5.14.0-1007.7 linux-oem-5.14-tools-host - 5.14.0-1007.7 linux-image-unsigned-5.14.0-1007-oem - 5.14.0-1007.7 No subscription required linux-image-oem-20.04d - 5.14.0.1007.7 linux-headers-oem-20.04d - 5.14.0.1007.7 linux-tools-oem-20.04d - 5.14.0.1007.7 linux-oem-20.04d - 5.14.0.1007.7 No subscription required Medium CVE-2021-3744 CVE-2021-3764 CVE-2021-41864 Ubuntu 20.04 LTS Roman Fiedler discovered that a race condition existed in Firejail when using OverlayFS to prevent writes to the underlying file system. A local attacker could use this to gain administrative privileges. Note: this update disables support for OverlayFS in Firejail. Update Instructions: Run `sudo pro fix USN-5141-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firejail - 0.9.62-3ubuntu0.1 firejail-profiles - 0.9.62-3ubuntu0.1 No subscription required Medium CVE-2021-26910 Ubuntu 20.04 LTS Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124) Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717) Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos tickets issues by an RODC. An RODC could print administrator tickets, contrary to expectations. (CVE-2020-25718) Andrew Bartlett discovered that Samba incorrectly handled Kerberos tickets. Delegated administrators could possibly use this issue to impersonate accounts, leading to total domain compromise. (CVE-2020-25719) Andrew Bartlett discovered that Samba did not provide stable AD identifiers to Kerberos acceptors. (CVE-2020-25721) Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722) Stefan Metzmacher discovered that Samba incorrectly handled certain large DCE/RPC requests. A remote attacker could possibly use this issue to bypass signature requirements. (CVE-2021-23192) William Ross discovered that Samba incorrectly handled memory. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly escalate privileges. (CVE-2021-3738) Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2021-3671) The fix for CVE-2020-25717 results in possible behaviour changes that could affect certain environments. Please see the upstream advisory for more information: https://www.samba.org/samba/security/CVE-2020-25717.html Update Instructions: Run `sudo pro fix USN-5142-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: registry-tools - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-testsuite - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libnss-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libpam-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.1 winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.1 smbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libwbclient0 - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libwbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-common-bin - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libsmbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-dsdb-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libsmbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-vfs-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-common - 2:4.13.14+dfsg-0ubuntu0.20.04.1 ctdb - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-libs - 2:4.13.14+dfsg-0ubuntu0.20.04.1 python3-samba - 2:4.13.14+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2016-2124 CVE-2020-25717 CVE-2020-25718 CVE-2020-25719 CVE-2020-25721 CVE-2020-25722 CVE-2021-23192 CVE-2021-3738 CVE-2021-3671 Ubuntu 20.04 LTS USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced regressions in name mapping and backups. Please see the following upstream bugs for more information: https://bugzilla.samba.org/show_bug.cgi?id=14901 https://bugzilla.samba.org/show_bug.cgi?id=14918 This update fixes the problem. Original advisory details: Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124) Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717) Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos tickets issues by an RODC. An RODC could print administrator tickets, contrary to expectations. (CVE-2020-25718) Andrew Bartlett discovered that Samba incorrectly handled Kerberos tickets. Delegated administrators could possibly use this issue to impersonate accounts, leading to total domain compromise. (CVE-2020-25719) Andrew Bartlett discovered that Samba did not provide stable AD identifiers to Kerberos acceptors. (CVE-2020-25721) Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722) Stefan Metzmacher discovered that Samba incorrectly handled certain large DCE/RPC requests. A remote attacker could possibly use this issue to bypass signature requirements. (CVE-2021-23192) William Ross discovered that Samba incorrectly handled memory. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly escalate privileges. (CVE-2021-3738) Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2021-3671) The fix for CVE-2020-25717 results in possible behaviour changes that could affect certain environments. Please see the upstream advisory for more information: https://www.samba.org/samba/security/CVE-2020-25717.html Update Instructions: Run `sudo pro fix USN-5142-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: samba-testsuite - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba - 2:4.13.14+dfsg-0ubuntu0.20.04.3 registry-tools - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libpam-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.3 winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.3 smbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libwbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libsmbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.3 python3-samba - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-common-bin - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libwbclient0 - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-dsdb-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libsmbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-vfs-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-common - 2:4.13.14+dfsg-0ubuntu0.20.04.3 ctdb - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-libs - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libnss-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.3 No subscription required None https://launchpad.net/bugs/1950363 https://launchpad.net/bugs/1952187 Ubuntu 20.04 LTS USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/show_bug.cgi?id=14922 This update fixes the problem. Original advisory details: Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124) Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717) Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos tickets issues by an RODC. An RODC could print administrator tickets, contrary to expectations. (CVE-2020-25718) Andrew Bartlett discovered that Samba incorrectly handled Kerberos tickets. Delegated administrators could possibly use this issue to impersonate accounts, leading to total domain compromise. (CVE-2020-25719) Andrew Bartlett discovered that Samba did not provide stable AD identifiers to Kerberos acceptors. (CVE-2020-25721) Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722) Stefan Metzmacher discovered that Samba incorrectly handled certain large DCE/RPC requests. A remote attacker could possibly use this issue to bypass signature requirements. (CVE-2021-23192) William Ross discovered that Samba incorrectly handled memory. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly escalate privileges. (CVE-2021-3738) Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2021-3671) The fix for CVE-2020-25717 results in possible behaviour changes that could affect certain environments. Please see the upstream advisory for more information: https://www.samba.org/samba/security/CVE-2020-25717.html Update Instructions: Run `sudo pro fix USN-5142-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: samba-testsuite - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba - 2:4.13.14+dfsg-0ubuntu0.20.04.4 registry-tools - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libpam-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.4 winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.4 smbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libwbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libsmbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.4 python3-samba - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-common-bin - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libwbclient0 - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-dsdb-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libsmbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-vfs-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-common - 2:4.13.14+dfsg-0ubuntu0.20.04.4 ctdb - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-libs - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libnss-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.4 No subscription required None https://launchpad.net/bugs/1950363 Ubuntu 20.04 LTS Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established. Update Instructions: Run `sudo pro fix USN-5145-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.9-0ubuntu0.20.04.1 libpq-dev - 12.9-0ubuntu0.20.04.1 libecpg6 - 12.9-0ubuntu0.20.04.1 libpq5 - 12.9-0ubuntu0.20.04.1 libpgtypes3 - 12.9-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.9-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.9-0ubuntu0.20.04.1 libecpg-dev - 12.9-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.9-0ubuntu0.20.04.1 postgresql-doc-12 - 12.9-0ubuntu0.20.04.1 postgresql-12 - 12.9-0ubuntu0.20.04.1 postgresql-client-12 - 12.9-0ubuntu0.20.04.1 libecpg-compat3 - 12.9-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23214 CVE-2021-23222 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5146-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:78.14.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:78.14.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:78.14.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:78.14.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-38493 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 ESM. (CVE-2017-17087) It was discovered that Vim incorrectly handled restricted mode. A local attacker could possibly use this issue to bypass restricted mode and execute arbitrary commands. Note: This update only makes executing shell commands more difficult. Restricted mode should not be considered a complete security measure. This issue only affected Ubuntu 14.04 ESM. (CVE-2019-20807) Brian Carpenter discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possible execute arbitrary code with user privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04 and Ubuntu 21.10. (CVE-2021-3872) It was discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possible execute arbitrary code with user privileges. (CVE-2021-3903) It was discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possible execute arbitrary code with user privileges. (CVE-2021-3927) It was discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possible execute arbitrary code with user privileges. (CVE-2021-3928) Update Instructions: Run `sudo pro fix USN-5147-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.4 vim-athena - 2:8.1.2269-1ubuntu5.4 xxd - 2:8.1.2269-1ubuntu5.4 vim-gtk - 2:8.1.2269-1ubuntu5.4 vim-gui-common - 2:8.1.2269-1ubuntu5.4 vim - 2:8.1.2269-1ubuntu5.4 vim-doc - 2:8.1.2269-1ubuntu5.4 vim-tiny - 2:8.1.2269-1ubuntu5.4 vim-runtime - 2:8.1.2269-1ubuntu5.4 vim-gtk3 - 2:8.1.2269-1ubuntu5.4 vim-nox - 2:8.1.2269-1ubuntu5.4 No subscription required Medium CVE-2017-17087 CVE-2019-20807 CVE-2021-3872 CVE-2021-3903 CVE-2021-3927 CVE-2021-3928 Ubuntu 20.04 LTS It was discovered that hivex incorrectly handled certain input. An attacker could use this vulnerability to cause a crash or obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5148-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhivex-bin - 1.3.18-2ubuntu0.1 libhivex-ocaml-dev - 1.3.18-2ubuntu0.1 libhivex-dev - 1.3.18-2ubuntu0.1 libhivex0 - 1.3.18-2ubuntu0.1 python3-hivex - 1.3.18-2ubuntu0.1 libwin-hivex-perl - 1.3.18-2ubuntu0.1 libhivex-ocaml - 1.3.18-2ubuntu0.1 ruby-hivex - 1.3.18-2ubuntu0.1 No subscription required Medium CVE-2021-3504 Ubuntu 20.04 LTS Kevin Backhouse discovered that AccountsService incorrectly handled memory when performing certain language setting operations. A local attacker could use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-5149-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: accountsservice - 0.6.55-0ubuntu12~20.04.5 gir1.2-accountsservice-1.0 - 0.6.55-0ubuntu12~20.04.5 libaccountsservice-doc - 0.6.55-0ubuntu12~20.04.5 libaccountsservice-dev - 0.6.55-0ubuntu12~20.04.5 libaccountsservice0 - 0.6.55-0ubuntu12~20.04.5 No subscription required High CVE-2021-3939 Ubuntu 20.04 LTS USN-5151-1 fixed several vulnerabilities in Mailman. This update provides the corresponding update for Ubuntu 20.04 ESM. Original advisory details: It was discovered that Mailman incorrectly handled certain URL. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-43331) It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2021-43332) Update Instructions: Run `sudo pro fix USN-5151-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mailman - 1:2.1.29-1ubuntu3.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-43331 CVE-2021-43332 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly handled digital signatures. An attacker could possibly use this issue to create a specially crafted document that would display a validly signed indicator, contrary to expectations. Update Instructions: Run `sudo pro fix USN-5153-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.2 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.2 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.2 libreoffice - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.2 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.2 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.2 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.2 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.2 libridl-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.2 python3-access2base - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.2 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.2 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.2 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.2 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.2 libunoil-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.2 python3-uno - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.2 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.2 libjurt-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.2 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.2 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.2 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.2 ure - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.2 libjuh-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.2 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-25633 CVE-2021-25634 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-41159) It was discovered that FreeRDP incorrectly handled certain connections. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-41160) Update Instructions: Run `sudo pro fix USN-5154-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.2 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.2 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.2 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.2 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.2 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-41159 CVE-2021-41160 Ubuntu 20.04 LTS It was discovered that BlueZ incorrectly handled the Discoverable status when a device is powered down. This could result in devices being powered up discoverable, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. (CVE-2021-3658) It was discovered that BlueZ incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause BlueZ to consume resources, leading to a denial of service. (CVE-2021-41229) It was discovered that the BlueZ gatt server incorrectly handled disconnects. A remote attacker could possibly use this issue to cause BlueZ to crash, leading to a denial of service. (CVE-2021-43400) Update Instructions: Run `sudo pro fix USN-5155-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.4 bluez-tests - 5.53-0ubuntu3.4 bluez-obexd - 5.53-0ubuntu3.4 bluetooth - 5.53-0ubuntu3.4 bluez - 5.53-0ubuntu3.4 bluez-hcidump - 5.53-0ubuntu3.4 bluez-cups - 5.53-0ubuntu3.4 libbluetooth-dev - 5.53-0ubuntu3.4 No subscription required Medium CVE-2021-3658 CVE-2021-41229 CVE-2021-43400 Ubuntu 20.04 LTS It was discovered that ICU contains a double free issue. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5156-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: icu-devtools - 66.1-2ubuntu2.1 libicu66 - 66.1-2ubuntu2.1 libicu-dev - 66.1-2ubuntu2.1 icu-doc - 66.1-2ubuntu2.1 No subscription required Medium CVE-2021-30535 Ubuntu 20.04 LTS It was discovered that Postorius mishandled specially crafted input. An attacker could use this vulnerability that obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5157-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django-postorius - 1.2.4-1ubuntu0.1 No subscription required Medium CVE-2021-40347 Ubuntu 20.04 LTS It was discovered that Midnight Commander would not check server fingerprints when establishing an SFTP connection. If a remote attacker were able to intercept communications this flaw could be exploited to impersonate the SFTP server. Update Instructions: Run `sudo pro fix USN-5160-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mc-data - 3:4.8.24-2ubuntu1+esm1 mc - 3:4.8.24-2ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-36370 Ubuntu 20.04 LTS Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655) It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) It was discovered that the Aspeed Low Pin Count (LPC) Bus Controller implementation in the Linux kernel did not properly perform boundary checks in some situations, allowing out-of-bounds write access. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. In Ubuntu, this issue only affected systems running armhf kernels. (CVE-2021-42252) Update Instructions: Run `sudo pro fix USN-5161-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-headers-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-image-unsigned-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-modules-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-modules-extra-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-cloud-tools-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-azure-5.11-headers-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-oracle-5.11-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-image-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-image-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-modules-extra-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-buildinfo-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-tools-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-tools-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-buildinfo-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-aws-5.11-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-modules-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-image-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-headers-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-cloud-tools-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-azure-5.11-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-oracle-5.11-headers-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-tools-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-headers-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-modules-extra-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-modules-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-aws-5.11-headers-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-buildinfo-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 No subscription required linux-gcp-5.11-headers-5.11.0-1023 - 5.11.0-1023.25~20.04.1 linux-modules-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-gcp-5.11-tools-5.11.0-1023 - 5.11.0-1023.25~20.04.1 linux-headers-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-image-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-image-unsigned-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-buildinfo-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-tools-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-modules-extra-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 No subscription required linux-tools-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-image-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-image-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-buildinfo-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-headers-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-modules-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-image-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-tools-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-image-unsigned-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-cloud-tools-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-headers-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-modules-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-41 - 5.11.0-41.45~20.04.1 linux-image-unsigned-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-41.45~20.04.1 linux-image-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-tools-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-headers-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-41.45~20.04.1 linux-hwe-5.11-tools-5.11.0-41 - 5.11.0-41.45~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-41.45~20.04.1 linux-modules-extra-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-buildinfo-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-modules-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-cloud-tools-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-41.45~20.04.1 linux-modules-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-image-unsigned-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-hwe-5.11-headers-5.11.0-41 - 5.11.0-41.45~20.04.1 linux-headers-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-buildinfo-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-tools-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-buildinfo-5.11.0-41-generic - 5.11.0-41.45~20.04.1 No subscription required linux-headers-oracle - 5.11.0.1022.23~20.04.15 linux-tools-oracle - 5.11.0.1022.23~20.04.15 linux-oracle - 5.11.0.1022.23~20.04.15 linux-tools-oracle-edge - 5.11.0.1022.23~20.04.15 linux-oracle-edge - 5.11.0.1022.23~20.04.15 linux-image-oracle-edge - 5.11.0.1022.23~20.04.15 linux-headers-oracle-edge - 5.11.0.1022.23~20.04.15 linux-image-oracle - 5.11.0.1022.23~20.04.15 No subscription required linux-headers-aws - 5.11.0.1022.23~20.04.21 linux-image-aws - 5.11.0.1022.23~20.04.21 linux-modules-extra-aws-edge - 5.11.0.1022.23~20.04.21 linux-image-aws-edge - 5.11.0.1022.23~20.04.21 linux-aws-edge - 5.11.0.1022.23~20.04.21 linux-aws - 5.11.0.1022.23~20.04.21 linux-headers-aws-edge - 5.11.0.1022.23~20.04.21 linux-modules-extra-aws - 5.11.0.1022.23~20.04.21 linux-tools-aws - 5.11.0.1022.23~20.04.21 linux-tools-aws-edge - 5.11.0.1022.23~20.04.21 No subscription required linux-tools-azure-edge - 5.11.0.1022.23~20.04.22 linux-cloud-tools-azure - 5.11.0.1022.23~20.04.22 linux-tools-azure - 5.11.0.1022.23~20.04.22 linux-image-azure-edge - 5.11.0.1022.23~20.04.22 linux-cloud-tools-azure-edge - 5.11.0.1022.23~20.04.22 linux-modules-extra-azure - 5.11.0.1022.23~20.04.22 linux-azure - 5.11.0.1022.23~20.04.22 linux-image-azure - 5.11.0.1022.23~20.04.22 linux-headers-azure-edge - 5.11.0.1022.23~20.04.22 linux-azure-edge - 5.11.0.1022.23~20.04.22 linux-modules-extra-azure-edge - 5.11.0.1022.23~20.04.22 linux-headers-azure - 5.11.0.1022.23~20.04.22 No subscription required linux-image-gcp-edge - 5.11.0.1023.25~20.04.22 linux-tools-gcp-edge - 5.11.0.1023.25~20.04.22 linux-headers-gcp-edge - 5.11.0.1023.25~20.04.22 linux-tools-gcp - 5.11.0.1023.25~20.04.22 linux-modules-extra-gcp-edge - 5.11.0.1023.25~20.04.22 linux-gcp - 5.11.0.1023.25~20.04.22 linux-headers-gcp - 5.11.0.1023.25~20.04.22 linux-image-gcp - 5.11.0.1023.25~20.04.22 linux-modules-extra-gcp - 5.11.0.1023.25~20.04.22 linux-gcp-edge - 5.11.0.1023.25~20.04.22 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-extra-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-generic-64k-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-generic-lpae-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-generic-64k-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-generic-64k-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-generic-64k-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-generic-lpae-hwe-20.04 - 5.11.0.41.45~20.04.19 No subscription required Medium CVE-2021-3655 CVE-2021-3744 CVE-2021-3764 CVE-2021-42252 Ubuntu 20.04 LTS Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655) It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) It was discovered that the Aspeed Low Pin Count (LPC) Bus Controller implementation in the Linux kernel did not properly perform boundary checks in some situations, allowing out-of-bounds write access. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. In Ubuntu, this issue only affected systems running armhf kernels. (CVE-2021-42252) Jann Horn discovered that the SELinux subsystem in the Linux kernel did not properly handle subjective credentials for tasks in some situations. On systems where SELinux has been enabled, a local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-43057) Update Instructions: Run `sudo pro fix USN-5162-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.13.0-1020-oem - 5.13.0-1020.24 linux-oem-5.13-tools-host - 5.13.0-1020.24 linux-oem-5.13-tools-5.13.0-1020 - 5.13.0-1020.24 linux-headers-5.13.0-1020-oem - 5.13.0-1020.24 linux-image-5.13.0-1020-oem - 5.13.0-1020.24 linux-image-unsigned-5.13.0-1020-oem - 5.13.0-1020.24 linux-oem-5.13-headers-5.13.0-1020 - 5.13.0-1020.24 linux-tools-5.13.0-1020-oem - 5.13.0-1020.24 linux-modules-5.13.0-1020-oem - 5.13.0-1020.24 No subscription required linux-headers-oem-20.04c - 5.13.0.1020.24 linux-image-oem-20.04c - 5.13.0.1020.24 linux-tools-oem-20.04c - 5.13.0.1020.24 linux-oem-20.04c - 5.13.0.1020.24 No subscription required Medium CVE-2021-3655 CVE-2021-3744 CVE-2021-3764 CVE-2021-42252 CVE-2021-43057 Ubuntu 20.04 LTS Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) Update Instructions: Run `sudo pro fix USN-5163-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-tools-5.4.0-1008 - 5.4.0-1008.9 linux-modules-extra-5.4.0-1008-ibm - 5.4.0-1008.9 linux-ibm-cloud-tools-common - 5.4.0-1008.9 linux-ibm-headers-5.4.0-1008 - 5.4.0-1008.9 linux-headers-5.4.0-1008-ibm - 5.4.0-1008.9 linux-ibm-source-5.4.0 - 5.4.0-1008.9 linux-ibm-tools-common - 5.4.0-1008.9 linux-buildinfo-5.4.0-1008-ibm - 5.4.0-1008.9 linux-image-unsigned-5.4.0-1008-ibm - 5.4.0-1008.9 linux-image-5.4.0-1008-ibm - 5.4.0-1008.9 linux-tools-5.4.0-1008-ibm - 5.4.0-1008.9 linux-modules-5.4.0-1008-ibm - 5.4.0-1008.9 No subscription required linux-tools-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-bluefield-tools-5.4.0-1022 - 5.4.0-1022.25 linux-image-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-bluefield-headers-5.4.0-1022 - 5.4.0-1022.25 linux-headers-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-modules-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-image-unsigned-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-buildinfo-5.4.0-1022-bluefield - 5.4.0-1022.25 No subscription required linux-modules-extra-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-cloud-tools-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-buildinfo-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-tools-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-headers-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-gkeop-source-5.4.0 - 5.4.0-1027.28 linux-modules-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-image-unsigned-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-image-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-gkeop-headers-5.4.0-1027 - 5.4.0-1027.28 linux-gkeop-tools-5.4.0-1027 - 5.4.0-1027.28 linux-gkeop-cloud-tools-5.4.0-1027 - 5.4.0-1027.28 No subscription required linux-headers-5.4.0-1047-raspi - 5.4.0-1047.52 linux-raspi-tools-5.4.0-1047 - 5.4.0-1047.52 linux-tools-5.4.0-1047-raspi - 5.4.0-1047.52 linux-image-5.4.0-1047-raspi - 5.4.0-1047.52 linux-raspi-headers-5.4.0-1047 - 5.4.0-1047.52 linux-buildinfo-5.4.0-1047-raspi - 5.4.0-1047.52 linux-modules-5.4.0-1047-raspi - 5.4.0-1047.52 No subscription required linux-tools-5.4.0-1050-kvm - 5.4.0-1050.52 linux-modules-5.4.0-1050-kvm - 5.4.0-1050.52 linux-kvm-tools-5.4.0-1050 - 5.4.0-1050.52 linux-image-5.4.0-1050-kvm - 5.4.0-1050.52 linux-headers-5.4.0-1050-kvm - 5.4.0-1050.52 linux-image-unsigned-5.4.0-1050-kvm - 5.4.0-1050.52 linux-buildinfo-5.4.0-1050-kvm - 5.4.0-1050.52 linux-kvm-headers-5.4.0-1050 - 5.4.0-1050.52 No subscription required linux-image-unsigned-5.4.0-1056-gke - 5.4.0-1056.59 linux-headers-5.4.0-1056-gke - 5.4.0-1056.59 linux-modules-extra-5.4.0-1056-gke - 5.4.0-1056.59 linux-gke-headers-5.4.0-1056 - 5.4.0-1056.59 linux-tools-5.4.0-1056-gke - 5.4.0-1056.59 linux-image-5.4.0-1056-gke - 5.4.0-1056.59 linux-modules-5.4.0-1056-gke - 5.4.0-1056.59 linux-buildinfo-5.4.0-1056-gke - 5.4.0-1056.59 linux-gke-tools-5.4.0-1056 - 5.4.0-1056.59 No subscription required linux-tools-5.4.0-1058-gcp - 5.4.0-1058.62 linux-modules-extra-5.4.0-1058-gcp - 5.4.0-1058.62 linux-image-5.4.0-1058-oracle - 5.4.0-1058.62 linux-image-unsigned-5.4.0-1058-gcp - 5.4.0-1058.62 linux-modules-5.4.0-1058-oracle - 5.4.0-1058.62 linux-oracle-tools-5.4.0-1058 - 5.4.0-1058.62 linux-buildinfo-5.4.0-1058-oracle - 5.4.0-1058.62 linux-modules-5.4.0-1058-gcp - 5.4.0-1058.62 linux-oracle-headers-5.4.0-1058 - 5.4.0-1058.62 linux-image-5.4.0-1058-gcp - 5.4.0-1058.62 linux-gcp-headers-5.4.0-1058 - 5.4.0-1058.62 linux-gcp-tools-5.4.0-1058 - 5.4.0-1058.62 linux-headers-5.4.0-1058-gcp - 5.4.0-1058.62 linux-headers-5.4.0-1058-oracle - 5.4.0-1058.62 linux-buildinfo-5.4.0-1058-gcp - 5.4.0-1058.62 linux-tools-5.4.0-1058-oracle - 5.4.0-1058.62 linux-image-unsigned-5.4.0-1058-oracle - 5.4.0-1058.62 linux-modules-extra-5.4.0-1058-oracle - 5.4.0-1058.62 No subscription required linux-modules-5.4.0-1060-aws - 5.4.0-1060.63 linux-image-5.4.0-1060-aws - 5.4.0-1060.63 linux-modules-extra-5.4.0-1060-aws - 5.4.0-1060.63 linux-aws-tools-5.4.0-1060 - 5.4.0-1060.63 linux-tools-5.4.0-1060-aws - 5.4.0-1060.63 linux-buildinfo-5.4.0-1060-aws - 5.4.0-1060.63 linux-aws-cloud-tools-5.4.0-1060 - 5.4.0-1060.63 linux-headers-5.4.0-1060-aws - 5.4.0-1060.63 linux-aws-headers-5.4.0-1060 - 5.4.0-1060.63 linux-cloud-tools-5.4.0-1060-aws - 5.4.0-1060.63 No subscription required linux-tools-5.4.0-1064-azure - 5.4.0-1064.67 linux-modules-5.4.0-1064-azure - 5.4.0-1064.67 linux-cloud-tools-5.4.0-1064-azure - 5.4.0-1064.67 linux-buildinfo-5.4.0-1064-azure - 5.4.0-1064.67 linux-image-unsigned-5.4.0-1064-azure - 5.4.0-1064.67 linux-headers-5.4.0-1064-azure - 5.4.0-1064.67 linux-modules-extra-5.4.0-1064-azure - 5.4.0-1064.67 linux-azure-cloud-tools-5.4.0-1064 - 5.4.0-1064.67 linux-azure-tools-5.4.0-1064 - 5.4.0-1064.67 linux-azure-headers-5.4.0-1064 - 5.4.0-1064.67 linux-image-5.4.0-1064-azure - 5.4.0-1064.67 No subscription required linux-tools-5.4.0-91-lowlatency - 5.4.0-91.102 linux-tools-host - 5.4.0-91.102 linux-tools-common - 5.4.0-91.102 linux-modules-5.4.0-91-lowlatency - 5.4.0-91.102 linux-doc - 5.4.0-91.102 linux-headers-5.4.0-91 - 5.4.0-91.102 linux-buildinfo-5.4.0-91-generic - 5.4.0-91.102 linux-libc-dev - 5.4.0-91.102 linux-source-5.4.0 - 5.4.0-91.102 linux-image-unsigned-5.4.0-91-lowlatency - 5.4.0-91.102 linux-headers-5.4.0-91-lowlatency - 5.4.0-91.102 linux-cloud-tools-common - 5.4.0-91.102 linux-tools-5.4.0-91-generic - 5.4.0-91.102 linux-modules-5.4.0-91-generic - 5.4.0-91.102 linux-image-5.4.0-91-lowlatency - 5.4.0-91.102 linux-image-5.4.0-91-generic - 5.4.0-91.102 linux-buildinfo-5.4.0-91-lowlatency - 5.4.0-91.102 linux-modules-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-tools-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-cloud-tools-5.4.0-91 - 5.4.0-91.102 linux-headers-5.4.0-91-generic - 5.4.0-91.102 linux-modules-extra-5.4.0-91-generic - 5.4.0-91.102 linux-cloud-tools-5.4.0-91-lowlatency - 5.4.0-91.102 linux-tools-5.4.0-91 - 5.4.0-91.102 linux-image-unsigned-5.4.0-91-generic - 5.4.0-91.102 linux-image-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-buildinfo-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-headers-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-cloud-tools-5.4.0-91-generic - 5.4.0-91.102 No subscription required linux-image-ibm - 5.4.0.1008.9 linux-tools-ibm-lts-20.04 - 5.4.0.1008.9 linux-modules-extra-ibm - 5.4.0.1008.9 linux-headers-ibm-lts-20.04 - 5.4.0.1008.9 linux-tools-ibm - 5.4.0.1008.9 linux-image-ibm-lts-20.04 - 5.4.0.1008.9 linux-ibm-lts-20.04 - 5.4.0.1008.9 linux-ibm - 5.4.0.1008.9 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1008.9 linux-headers-ibm - 5.4.0.1008.9 No subscription required linux-bluefield - 5.4.0.1022.23 linux-image-bluefield - 5.4.0.1022.23 linux-headers-bluefield - 5.4.0.1022.23 linux-tools-bluefield - 5.4.0.1022.23 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1027.30 linux-image-gkeop - 5.4.0.1027.30 linux-gkeop-5.4 - 5.4.0.1027.30 linux-headers-gkeop-5.4 - 5.4.0.1027.30 linux-headers-gkeop - 5.4.0.1027.30 linux-image-gkeop-5.4 - 5.4.0.1027.30 linux-gkeop - 5.4.0.1027.30 linux-cloud-tools-gkeop - 5.4.0.1027.30 linux-modules-extra-gkeop-5.4 - 5.4.0.1027.30 linux-modules-extra-gkeop - 5.4.0.1027.30 linux-tools-gkeop - 5.4.0.1027.30 linux-tools-gkeop-5.4 - 5.4.0.1027.30 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1047.82 linux-raspi2 - 5.4.0.1047.82 linux-image-raspi-hwe-18.04 - 5.4.0.1047.82 linux-image-raspi2-hwe-18.04 - 5.4.0.1047.82 linux-tools-raspi - 5.4.0.1047.82 linux-headers-raspi2 - 5.4.0.1047.82 linux-headers-raspi2-hwe-18.04 - 5.4.0.1047.82 linux-headers-raspi-hwe-18.04 - 5.4.0.1047.82 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1047.82 linux-raspi2-hwe-18.04-edge - 5.4.0.1047.82 linux-raspi-hwe-18.04 - 5.4.0.1047.82 linux-tools-raspi2-hwe-18.04 - 5.4.0.1047.82 linux-raspi2-hwe-18.04 - 5.4.0.1047.82 linux-image-raspi-hwe-18.04-edge - 5.4.0.1047.82 linux-image-raspi2 - 5.4.0.1047.82 linux-tools-raspi-hwe-18.04 - 5.4.0.1047.82 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1047.82 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1047.82 linux-raspi-hwe-18.04-edge - 5.4.0.1047.82 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1047.82 linux-headers-raspi - 5.4.0.1047.82 linux-image-raspi - 5.4.0.1047.82 linux-tools-raspi2 - 5.4.0.1047.82 linux-raspi - 5.4.0.1047.82 No subscription required linux-kvm - 5.4.0.1050.49 linux-headers-kvm - 5.4.0.1050.49 linux-image-kvm - 5.4.0.1050.49 linux-tools-kvm - 5.4.0.1050.49 No subscription required linux-modules-extra-gke - 5.4.0.1056.66 linux-headers-gke - 5.4.0.1056.66 linux-tools-gke-5.4 - 5.4.0.1056.66 linux-modules-extra-gke-5.4 - 5.4.0.1056.66 linux-gke-5.4 - 5.4.0.1056.66 linux-image-gke-5.4 - 5.4.0.1056.66 linux-tools-gke - 5.4.0.1056.66 linux-gke - 5.4.0.1056.66 linux-image-gke - 5.4.0.1056.66 linux-headers-gke-5.4 - 5.4.0.1056.66 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1058.58 linux-oracle-lts-20.04 - 5.4.0.1058.58 linux-image-oracle-lts-20.04 - 5.4.0.1058.58 linux-headers-oracle-lts-20.04 - 5.4.0.1058.58 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1058.68 linux-gcp-lts-20.04 - 5.4.0.1058.68 linux-headers-gcp-lts-20.04 - 5.4.0.1058.68 linux-image-gcp-lts-20.04 - 5.4.0.1058.68 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1058.68 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1060.63 linux-headers-aws-lts-20.04 - 5.4.0.1060.63 linux-tools-aws-lts-20.04 - 5.4.0.1060.63 linux-aws-lts-20.04 - 5.4.0.1060.63 linux-image-aws-lts-20.04 - 5.4.0.1060.63 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1064.62 linux-azure-lts-20.04 - 5.4.0.1064.62 linux-image-azure-lts-20.04 - 5.4.0.1064.62 linux-headers-azure-lts-20.04 - 5.4.0.1064.62 linux-modules-extra-azure-lts-20.04 - 5.4.0.1064.62 linux-tools-azure-lts-20.04 - 5.4.0.1064.62 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-cloud-tools-virtual - 5.4.0.91.95 linux-image-generic-hwe-18.04 - 5.4.0.91.95 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-headers-generic-lpae - 5.4.0.91.95 linux-image-virtual - 5.4.0.91.95 linux-oem-osp1-tools-host - 5.4.0.91.95 linux-cloud-tools-lowlatency - 5.4.0.91.95 linux-image-generic - 5.4.0.91.95 linux-tools-lowlatency - 5.4.0.91.95 linux-image-oem - 5.4.0.91.95 linux-headers-generic-hwe-18.04 - 5.4.0.91.95 linux-oem-osp1 - 5.4.0.91.95 linux-headers-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.91.95 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.91.95 linux-image-generic-lpae-hwe-18.04 - 5.4.0.91.95 linux-crashdump - 5.4.0.91.95 linux-tools-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-headers-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-source - 5.4.0.91.95 linux-lowlatency - 5.4.0.91.95 linux-tools-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-virtual - 5.4.0.91.95 linux-headers-virtual-hwe-18.04 - 5.4.0.91.95 linux-virtual-hwe-18.04 - 5.4.0.91.95 linux-tools-generic-lpae - 5.4.0.91.95 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.91.95 linux-tools-virtual - 5.4.0.91.95 linux-generic-lpae-hwe-18.04-edge - 5.4.0.91.95 linux-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-generic-lpae-hwe-18.04 - 5.4.0.91.95 linux-generic-lpae - 5.4.0.91.95 linux-headers-oem - 5.4.0.91.95 linux-image-extra-virtual-hwe-18.04 - 5.4.0.91.95 linux-generic - 5.4.0.91.95 linux-tools-oem-osp1 - 5.4.0.91.95 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.91.95 linux-tools-generic-hwe-18.04-edge - 5.4.0.91.95 linux-image-lowlatency - 5.4.0.91.95 linux-image-virtual-hwe-18.04 - 5.4.0.91.95 linux-headers-lowlatency - 5.4.0.91.95 linux-image-generic-hwe-18.04-edge - 5.4.0.91.95 linux-generic-hwe-18.04-edge - 5.4.0.91.95 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.91.95 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-oem - 5.4.0.91.95 linux-tools-generic - 5.4.0.91.95 linux-image-extra-virtual - 5.4.0.91.95 linux-cloud-tools-generic - 5.4.0.91.95 linux-image-oem-osp1 - 5.4.0.91.95 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-oem-tools-host - 5.4.0.91.95 linux-tools-oem - 5.4.0.91.95 linux-headers-oem-osp1 - 5.4.0.91.95 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.91.95 linux-headers-generic-hwe-18.04-edge - 5.4.0.91.95 linux-headers-generic - 5.4.0.91.95 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.91.95 linux-image-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-headers-virtual - 5.4.0.91.95 linux-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.91.95 linux-generic-hwe-18.04 - 5.4.0.91.95 linux-image-generic-lpae - 5.4.0.91.95 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-tools-generic-hwe-18.04 - 5.4.0.91.95 linux-tools-virtual-hwe-18.04 - 5.4.0.91.95 linux-image-virtual-hwe-18.04-edge - 5.4.0.91.95 No subscription required Medium CVE-2021-3655 CVE-2021-37159 CVE-2021-3744 CVE-2021-3764 Ubuntu 20.04 LTS It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service (connection disassociation). (CVE-2021-3772) It was discovered that the AMD Radeon GPU driver in the Linux kernel did not properly validate writes in the debugfs file system. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42327) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5165-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.14.0-1008-oem - 5.14.0-1008.8 linux-buildinfo-5.14.0-1008-oem - 5.14.0-1008.8 linux-tools-5.14.0-1008-oem - 5.14.0-1008.8 linux-image-unsigned-5.14.0-1008-oem - 5.14.0-1008.8 linux-modules-5.14.0-1008-oem - 5.14.0-1008.8 linux-image-5.14.0-1008-oem - 5.14.0-1008.8 linux-oem-5.14-tools-5.14.0-1008 - 5.14.0-1008.8 linux-oem-5.14-tools-host - 5.14.0-1008.8 linux-oem-5.14-headers-5.14.0-1008 - 5.14.0-1008.8 No subscription required linux-tools-oem-20.04d - 5.14.0.1008.8 linux-headers-oem-20.04d - 5.14.0.1008.8 linux-image-oem-20.04d - 5.14.0.1008.8 linux-oem-20.04d - 5.14.0.1008.8 No subscription required Medium CVE-2021-3760 CVE-2021-3772 CVE-2021-42327 CVE-2021-42739 CVE-2021-43056 CVE-2021-43267 CVE-2021-43389 Ubuntu 20.04 LTS Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5168-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.6 libnss3 - 2:3.49.1-1ubuntu1.6 libnss3-tools - 2:3.49.1-1ubuntu1.6 No subscription required High CVE-2021-43527 Ubuntu 20.04 LTS Tavis Ormandy discovered that NSS, included with Thunderbird, incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause Thunderbird to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5168-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-br - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-be - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bg - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ja - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-si - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-gnome-support - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sr - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sq - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hsb - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cy - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cs - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ca - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-br - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ka - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ko - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kab - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-tw - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn-no - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb-no - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn-bd - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-lt - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-gb - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uz - 1:78.14.0+build1-0ubuntu0.20.04.2 xul-ext-calendar-timezones - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-de - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-da - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-dev - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-el - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-us - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-rm - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ms - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ro - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-eu - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-et - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hant - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hans - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ru - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es - 1:78.14.0+build1-0ubuntu0.20.04.2 xul-ext-gdata-provider - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fr - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es-es - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta-lk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fa - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fi - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ast - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn - 1:78.14.0+build1-0ubuntu0.20.04.2 xul-ext-lightning - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga-ie - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy-nl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-mozsymbols - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-cn - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-tr - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gd - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-th - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-dsb - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-vi - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hy - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv-se - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hr - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hu - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa-in - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-he - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ar - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-af - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-pt - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cak - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-is - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-it - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-mk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-id - 1:78.14.0+build1-0ubuntu0.20.04.2 No subscription required High CVE-2021-43527 Ubuntu 20.04 LTS Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated attacker could use this to setup a symlink attack and change permissions on files on the host filesystem. Update Instructions: Run `sudo pro fix USN-5169-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: oddjob - 0.34.4-1ubuntu0.1~esm1 oddjob-mkhomedir - 0.34.4-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-10737 Ubuntu 20.04 LTS A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.3.32 in Ubuntu 20.04 LTS and to 10.5.13 in Ubuntu 21.04 and Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-5170-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.32-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.32-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.32-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.32-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.32-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.32-0ubuntu0.20.04.1 mariadb-client - 1:10.3.32-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.32-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.32-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.32-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.32-0ubuntu0.20.04.1 mariadb-server - 1:10.3.32-0ubuntu0.20.04.1 mariadb-common - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.32-0ubuntu0.20.04.1 mariadb-test - 1:10.3.32-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-35604 Ubuntu 20.04 LTS It was discovered that ntpd incorrectly handled memory when CMAC keys were used. A remote attacker could possibly use this issue to cause ntpd to crash resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5175-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntp - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 sntp - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 ntp-doc - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 ntpdate - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-15025 Ubuntu 20.04 LTS It was discovered that Inetutils did not properly check the response of ftp requests. A remote attacker could use this vulnerability to cause a crash or run programs in the user machine. Update Instructions: Run `sudo pro fix USN-5177-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: inetutils-tools - 2:1.9.4-11ubuntu0.1+esm1 inetutils-ftpd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-talkd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-traceroute - 2:1.9.4-11ubuntu0.1+esm1 inetutils-talk - 2:1.9.4-11ubuntu0.1+esm1 inetutils-telnetd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-inetd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-ping - 2:1.9.4-11ubuntu0.1+esm1 inetutils-syslogd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-ftp - 2:1.9.4-11ubuntu0.1+esm1 inetutils-telnet - 2:1.9.4-11ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-40491 Ubuntu 20.04 LTS Sjoerd Job Postmus and TengMA discovered that Django incorrectly handled URLs with trailing newlines. A remote attacker could possibly use this issue to bypass certain access controls. Update Instructions: Run `sudo pro fix USN-5178-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.8 python-django-doc - 2:2.2.12-1ubuntu0.8 No subscription required Low CVE-2021-44420 Ubuntu 20.04 LTS It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-28831) It was discovered that BusyBox incorrectly handled certain malformed LZMA archives. If a user or automated system were tricked into processing a specially crafted LZMA archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly leak sensitive information. (CVE-2021-42374) Vera Mens, Uri Katz, Tal Keren, Sharon Brizinov, and Shachar Menashe discovered that BusyBox incorrectly handled certain awk patterns. If a user or automated system were tricked into processing a specially crafted awk pattern, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386) Update Instructions: Run `sudo pro fix USN-5179-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: busybox - 1:1.30.1-4ubuntu6.4 busybox-syslogd - 1:1.30.1-4ubuntu6.4 udhcpd - 1:1.30.1-4ubuntu6.4 busybox-initramfs - 1:1.30.1-4ubuntu6.4 udhcpc - 1:1.30.1-4ubuntu6.4 busybox-static - 1:1.30.1-4ubuntu6.4 No subscription required Medium CVE-2021-28831 CVE-2021-42374 CVE-2021-42378 CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382 CVE-2021-42384 CVE-2021-42385 CVE-2021-42386 Ubuntu 20.04 LTS It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. This issue affected only Ubuntu 18.04 ESM and Ubuntu 20.4 ESM. (CVE-2021-41184) It was discovered that jQuery UI checkboxradio widget did not properly decode certain values from HTML entities. An attacker could possibly use this issue to generate a cross-site scripting(XSS) attack, resulting in a crash or possibly execute arbitrary code. (CVE-2022-31160) Update Instructions: Run `sudo pro fix USN-5181-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-jquery-ui - 1.12.1+dfsg-5ubuntu0.20.04.1~esm3 libjs-jquery-ui - 1.12.1+dfsg-5ubuntu0.20.04.1~esm3 libjs-jquery-ui-docs - 1.12.1+dfsg-5ubuntu0.20.04.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-41184 CVE-2022-31160 Ubuntu 20.04 LTS It was discovered that Roundcube Webmail allowed JavaScript code to be present in the CDATA of an HTML message. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12625) It was discovered that Roundcube Webmail incorrectly processed login and logout POST requests. An attacker could possibly use this issue to launch a cross-site request forgery (CSRF) attack and force an authenticated user to be logged out. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12626) It was discovered that Roundcube Webmail incorrectly processed new plugin names in rcube_plugin_api.php. An attacker could possibly use this issue to obtain sensitive information from local files or to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12640) It was discovered that Roundcube Webmail did not sanitize shell metacharacters recovered from variables in its configuration settings. An attacker could possibly use this issue to execute arbitrary code in the server. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12641) It was discovered that Roundcube Webmail incorrectly sanitized characters in the username template object. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-13964) It was discovered that Roundcube Webmail allowed preview of text/html content. A remote attacker could possibly use this issue to send a malicious XML attachment via an email message and execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-13965) Andrea Cardaci discovered that Roundcube Webmail did not properly sanitize HTML special characters when dealing with HTML messages that contained an SVG element in the XML namespace. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-15562) Lukasz Pilorz discovered that Roundcube Webmail did not properly sanitize HTML special characters when dealing with HTML messages that contained SVG documents. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-16145) Alex Birnberg discovered that Roundcube Webmail incorrectly sanitized characters in plain text e-mail messages that included link reference elements. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-35730) It was discovered that Roundcube Webmail did not properly sanitize HTML special characters in warning messages that contained an attachment's filename extension. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-44025) It was discovered that Roundcube Webmail incorrectly managed session variables related to search functionalities. A remote attacker could possibly use this issue to execute a SQL injection attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-44026) It was discovered that Roundcube Webmail did not properly sanitize HTML special characters when dealing with HTML messages that contained CSS content. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2021-46144) Update Instructions: Run `sudo pro fix USN-5182-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: roundcube-pgsql - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube-mysql - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube-plugins - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube-core - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube-sqlite3 - 1.4.3+dfsg.1-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-12625 CVE-2020-12626 CVE-2020-12640 CVE-2020-12641 CVE-2020-13964 CVE-2020-13965 CVE-2020-15562 CVE-2020-16145 CVE-2020-35730 CVE-2021-44025 CVE-2021-44026 CVE-2021-46144 Ubuntu 20.04 LTS It was discovered that libmysofa mishandled certain input. An attacker could use this vulnerability to cause a denial of service (crash). Update Instructions: Run `sudo pro fix USN-5184-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysofa-utils - 1.0~dfsg0-1ubuntu0.1~esm1 libmysofa-dev - 1.0~dfsg0-1ubuntu0.1~esm1 libmysofa1 - 1.0~dfsg0-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-3756 Ubuntu 20.04 LTS It was discovered that MATIO incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5185-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmatio-doc - 1.5.17-3ubuntu0.1~esm1 libmatio9 - 1.5.17-3ubuntu0.1~esm1 libmatio-dev - 1.5.17-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-17533 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary code. (CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546) A security issue was discovered with the handling of WebExtension permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to create and install a service worker that wouldn't be uninstalled with the extension. (CVE-2021-43540) Update Instructions: Run `sudo pro fix USN-5186-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 95.0+build1-0ubuntu0.20.04.1 firefox - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 95.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 95.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 95.0+build1-0ubuntu0.20.04.1 firefox-dev - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 95.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43540 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546 Ubuntu 20.04 LTS USN-5186-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary code. (CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546) A security issue was discovered with the handling of WebExtension permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to create and install a service worker that wouldn't be uninstalled with the extension. (CVE-2021-43540) Update Instructions: Run `sudo pro fix USN-5186-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 95.0.1+build2-0ubuntu0.20.04.1 firefox - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 95.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 95.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 95.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 95.0.1+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1955433 Ubuntu 20.04 LTS It was discovered that Glances incorrectly parsed untrusted XML data due to usage of xmlrpclib. An attacker could possibly use this to perform an External Entity (XXE) Injection and cause the host system to crash. Update Instructions: Run `sudo pro fix USN-5187-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glances - 3.1.3-1ubuntu0.1~esm1 glances-doc - 3.1.3-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-23418 Ubuntu 20.04 LTS It was discovered that Keepalived incorrectly handled certain messages. An attacker could possibly use this issue to access-control bypass. Update Instructions: Run `sudo pro fix USN-5188-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: keepalived - 1:2.0.19-2ubuntu0.1 No subscription required Medium CVE-2021-44225 Ubuntu 20.04 LTS It was discovered that GraphicsMagick allowed reading arbitrary files via specially crafted images. An attacker could use this issue to expose sensitive information. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. (CVE-2019-12921) It was discovered that GraphicsMagick did not correctly handle memory allocations for error messages. An attacker could use this issue to corrupt memory or possibly execute arbitrary code. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. (CVE-2019-19950) It was discovered that GraphicsMagick did not correctly handle type limits. An attacker could use these issues to cause heap-based buffer overflows, leading to a denial of service (application crash) or possibly execute arbitrary code. These issues only affect Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. (CVE-2019-19951, CVE-2019-19953) It was discovered that GraphicsMagick did not correctly handle the signed integer limit in 32-bit applications. An attacker could use this issue to cause a heap-based buffer overflow, leading to a denial of service (application crash) or possibly execute arbitrary code. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. (CVE-2020-10938) It was discovered that GraphicsMagick did not properly magnify certain images. An attacker could use this issue to cause a heap-based buffer overflow, leading to a denial of service (application crash) or possibly execute arbitrary code. (CVE-2020-12672) Update Instructions: Run `sudo pro fix USN-5190-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgraphics-magick-perl - 1.4+really1.3.35-1ubuntu0.1~esm1 libgraphicsmagick-q16-3 - 1.4+really1.3.35-1ubuntu0.1~esm1 libgraphicsmagick1-dev - 1.4+really1.3.35-1ubuntu0.1~esm1 graphicsmagick - 1.4+really1.3.35-1ubuntu0.1~esm1 graphicsmagick-imagemagick-compat - 1.4+really1.3.35-1ubuntu0.1~esm1 graphicsmagick-libmagick-dev-compat - 1.4+really1.3.35-1ubuntu0.1~esm1 libgraphicsmagick++1-dev - 1.4+really1.3.35-1ubuntu0.1~esm1 libgraphicsmagick++-q16-12 - 1.4+really1.3.35-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-12921 CVE-2019-19950 CVE-2019-19951 CVE-2019-19953 CVE-2020-10938 CVE-2020-12672 Ubuntu 20.04 LTS It was discovered that Flatpak incorrectly handled certain AF_UNIX sockets. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement. Update Instructions: Run `sudo pro fix USN-5191-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libflatpak0 - 1.6.5-0ubuntu0.4 libflatpak-dev - 1.6.5-0ubuntu0.4 gir1.2-flatpak-1.0 - 1.6.5-0ubuntu0.4 libflatpak-doc - 1.6.5-0ubuntu0.4 flatpak - 1.6.5-0ubuntu0.4 flatpak-tests - 1.6.5-0ubuntu0.4 No subscription required Medium CVE-2021-41133 Ubuntu 20.04 LTS Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a special crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. Please see the following link for more information: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell Update Instructions: Run `sudo pro fix USN-5192-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j2-java - 2.15.0-0.20.04.1 liblog4j2-java-doc - 2.15.0-0.20.04.1 No subscription required High CVE-2021-44228 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges. Update Instructions: Run `sudo pro fix USN-5193-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.2 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.2 xwayland - 2:1.20.13-1ubuntu1~20.04.2 xdmx - 2:1.20.13-1ubuntu1~20.04.2 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.2 xvfb - 2:1.20.13-1ubuntu1~20.04.2 xnest - 2:1.20.13-1ubuntu1~20.04.2 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.2 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.2 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.2 xserver-common - 2:1.20.13-1ubuntu1~20.04.2 No subscription required Medium CVE-2021-4008 CVE-2021-4009 CVE-2021-4010 CVE-2021-4011 Ubuntu 20.04 LTS Denis Kasak discovered that Olm was not verifying the length of input being processed by the olm_pk_decrypt module, which introduced a stack-based buffer overflow vulnerability to the library. An attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5194-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libolm-dev - 3.1.3+dfsg-2ubuntu0.1~esm1 python3-olm - 3.1.3+dfsg-2ubuntu0.1~esm1 libolm3 - 3.1.3+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-34813 Ubuntu 20.04 LTS It was discovered that the Mumble client supported websites for public servers with arbitrary URL schemes. If a user were tricked into visiting a malicious website from the public server list, a remote attacker could possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5195-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mumble - 1.3.0+dfsg-1ubuntu0.1 mumble-server - 1.3.0+dfsg-1ubuntu0.1 No subscription required Medium CVE-2021-27229 Ubuntu 20.04 LTS It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. An attacker could use this vulnerability to cause a denial of service. Please see the following link for more information: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell Update Instructions: Run `sudo pro fix USN-5197-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j2-java - 2.16.0-0.20.04.1 liblog4j2-java-doc - 2.16.0-0.20.04.1 No subscription required High CVE-2021-45046 CVE-2021-44228 Ubuntu 20.04 LTS It was discovered that HTMLDOC improperly handled malformed URIs from an input html file. An attacker could use this to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5198-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: htmldoc - 1.9.7-1ubuntu0.2 htmldoc-common - 1.9.7-1ubuntu0.2 No subscription required Medium CVE-2021-23180 Ubuntu 20.04 LTS It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses (100 Continue response). Specially crafted traffic from a malicious HTTP server could cause a denial of service (Dos) condition for a client. Update Instructions: Run `sudo pro fix USN-5201-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-full - 3.8.10-0ubuntu1~20.04.2 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.2 python3.8-venv - 3.8.10-0ubuntu1~20.04.2 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.2 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.2 idle-python3.8 - 3.8.10-0ubuntu1~20.04.2 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.2 python3.8 - 3.8.10-0ubuntu1~20.04.2 python3.8-doc - 3.8.10-0ubuntu1~20.04.2 python3.8-minimal - 3.8.10-0ubuntu1~20.04.2 python3.8-examples - 3.8.10-0ubuntu1~20.04.2 python3.8-dev - 3.8.10-0ubuntu1~20.04.2 libpython3.8 - 3.8.10-0ubuntu1~20.04.2 No subscription required python3.9-venv - 3.9.5-3ubuntu0~20.04.1 python3.9-doc - 3.9.5-3ubuntu0~20.04.1 idle-python3.9 - 3.9.5-3ubuntu0~20.04.1 python3.9-minimal - 3.9.5-3ubuntu0~20.04.1 python3.9-full - 3.9.5-3ubuntu0~20.04.1 libpython3.9-dev - 3.9.5-3ubuntu0~20.04.1 python3.9 - 3.9.5-3ubuntu0~20.04.1 libpython3.9-testsuite - 3.9.5-3ubuntu0~20.04.1 python3.9-dev - 3.9.5-3ubuntu0~20.04.1 libpython3.9-minimal - 3.9.5-3ubuntu0~20.04.1 python3.9-examples - 3.9.5-3ubuntu0~20.04.1 libpython3.9 - 3.9.5-3ubuntu0~20.04.1 libpython3.9-stdlib - 3.9.5-3ubuntu0~20.04.1 No subscription required Medium CVE-2021-3737 Ubuntu 20.04 LTS Varnavas Papaioannou discovered that the FTP client implementation in OpenJDK accepted alternate server IP addresses when connecting with FTP passive mode. An attacker controlling an FTP server that an application connects to could possibly use this to expose sensitive information (rudimentary port scans). This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2341) Markus Loewe discovered that OpenJDK did not properly handle JAR files containing multiple manifest files. An attacker could possibly use this to bypass JAR signature verification. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2369) Huixin Ma discovered that the Hotspot VM in OpenJDK did not properly perform range check elimination in some situations. An attacker could possibly use this to construct a Java class that could bypass Java sandbox restrictions. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2388) Asaf Greenholts discovered that OpenJDK preferred certain weak ciphers by default. An attacker could possibly use this to expose sensitive information. (CVE-2021-35550) It was discovered that the Rich Text Format (RTF) Parser in OpenJDK did not properly restrict the amount of memory allocated in some situations. An attacker could use this to specially craft an RTF file that caused a denial of service. (CVE-2021-35556) It was discovered that the Rich Text Format (RTF) Reader in OpenJDK did not properly restrict the amount of memory allocated in some situations. An attacker could use this to specially craft an RTF file that caused a denial of service. (CVE-2021-35559) Markus Loewe discovered that the HashMap and HashSet implementations in OpenJDK did not properly validate load factors during deserialization. An attacker could use this to cause a denial of service (excessive memory consumption). (CVE-2021-35561) It was discovered that the Keytool component in OpenJDK did not properly handle certificates with validity ending dates in the far future. An attacker could use this to specially craft a certificate that when imported could corrupt a keystore. (CVE-2021-35564) Tristen Hayfield discovered that the HTTP server implementation in OpenJDK did not properly handle TLS session close in some situations. A remote attacker could possibly use this to cause a denial of service (application infinite loop). (CVE-2021-35565) Chuck Hunley discovered that the Kerberos implementation in OpenJDK did not correctly report subject principals when using Kerberos Constrained Delegation. An attacker could possibly use this to cause incorrect Kerberos tickets to be used. (CVE-2021-35567) it was discovered that the TLS implementation in OpenJDK did not properly handle TLS handshakes in certain situations where a Java application is acting as a TLS server. A remote attacker could possibly use this to cause a denial of service (application crash). (CVE-2021-35578) it was discovered that OpenJDK did not properly restrict the amount of memory allocated when processing BMP images. An attacker could use this to specially craft a BMP image file that could cause a denial of service. (CVE-2021-35586) It was discovered that the HotSpot VM in OpenJDK 8 did not properly perform validation of inner class index values in some situations. An attacker could use this to specially craft a class file that when loaded could cause a denial of service (Java VM crash). (CVE-2021-35588) Artem Smotrakov discovered that the TLS implementation in OpenJDK used non- constant time comparisons during TLS handshakes. A remote attacker could use this to expose sensitive information. (CVE-2021-35603) Update Instructions: Run `sudo pro fix USN-5202-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.13+8-0ubuntu1~20.04 openjdk-11-source - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jdk - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jre - 11.0.13+8-0ubuntu1~20.04 openjdk-11-demo - 11.0.13+8-0ubuntu1~20.04 No subscription required openjdk-8-source - 8u312-b07-0ubuntu1~20.04 openjdk-8-doc - 8u312-b07-0ubuntu1~20.04 openjdk-8-jdk - 8u312-b07-0ubuntu1~20.04 openjdk-8-jre-headless - 8u312-b07-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u312-b07-0ubuntu1~20.04 openjdk-8-jre - 8u312-b07-0ubuntu1~20.04 openjdk-8-jre-zero - 8u312-b07-0ubuntu1~20.04 openjdk-8-demo - 8u312-b07-0ubuntu1~20.04 No subscription required Medium CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35588 CVE-2021-35603 Ubuntu 20.04 LTS Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service. Please see the following link for more information: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell Update Instructions: Run `sudo pro fix USN-5203-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j2-java - 2.17.0-0.20.04.1 liblog4j2-java-doc - 2.17.0-0.20.04.1 No subscription required Medium CVE-2021-45105 Ubuntu 20.04 LTS Chris Bailey discovered that Django incorrectly handled evaluating submitted passwords. A remote attacker could possibly use this issue to consume resources, resulting in a denial of service. (CVE-2021-45115) Dennis Brinkrolf discovered that Django incorrectly handled the dictsort template filter. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-45116) Dennis Brinkrolf discovered that Django incorrectly handled certain file names. A remote attacker could possibly use this issue to save files to arbitrary filesystem locations. (CVE-2021-45452) Update Instructions: Run `sudo pro fix USN-5204-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.9 python-django-doc - 2:2.2.12-1ubuntu0.9 No subscription required Medium CVE-2021-45115 CVE-2021-45116 CVE-2021-45452 Ubuntu 20.04 LTS It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input when processed by tcpprep. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM. (CVE-2018-13112) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-17580, CVE-2018-17582) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-17974, CVE-2018-18407) It was discovered that a use-after-free existed in Tcpreplay in the tcpbridge binary. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-18408) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2018-20552, CVE-2018-20553) It was discovered that a heap-based buffer over-read that existed in Tcpreplay caused an application crash when tcprewrite or tcpreplay-edit received specially crafted packet capture input. An attacker could possibly use this to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12740) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input when processed by tcpprep. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-24265, CVE-2020-24266) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input when processed by tcprewrite. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 ESM. (CVE-2022-27416) It was discovered that Tcpreplay did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted packet capture file, a remote attacker could possibly use this issue to cause Tcpreplay crash, resulting in a denial of service, or possibly read sensitive data. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2022-28487) Update Instructions: Run `sudo pro fix USN-5205-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tcpreplay - 4.3.2-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-13112 CVE-2018-17974 CVE-2018-18407 CVE-2018-18408 CVE-2018-17580 CVE-2018-17582 CVE-2018-20552 CVE-2018-20553 CVE-2020-12740 CVE-2020-24265 CVE-2020-24266 CVE-2022-27416 CVE-2022-28487 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. Update Instructions: Run `sudo pro fix USN-5206-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.14.0-1013-oem - 5.14.0-1013.13 linux-tools-5.14.0-1013-oem - 5.14.0-1013.13 linux-headers-5.14.0-1013-oem - 5.14.0-1013.13 linux-image-5.14.0-1013-oem - 5.14.0-1013.13 linux-oem-5.14-tools-5.14.0-1013 - 5.14.0-1013.13 linux-oem-5.14-headers-5.14.0-1013 - 5.14.0-1013.13 linux-image-unsigned-5.14.0-1013-oem - 5.14.0-1013.13 linux-modules-5.14.0-1013-oem - 5.14.0-1013.13 linux-oem-5.14-tools-host - 5.14.0-1013.13 No subscription required linux-headers-oem-20.04d - 5.14.0.1013.13 linux-image-oem-20.04d - 5.14.0.1013.13 linux-tools-oem-20.04d - 5.14.0.1013.13 linux-oem-20.04d - 5.14.0.1013.13 No subscription required High CVE-2021-4002 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267) Update Instructions: Run `sudo pro fix USN-5207-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1053.55 linux-oem-5.10-headers-5.10.0-1053 - 5.10.0-1053.55 linux-oem-5.10-tools-5.10.0-1053 - 5.10.0-1053.55 linux-tools-5.10.0-1053-oem - 5.10.0-1053.55 linux-headers-5.10.0-1053-oem - 5.10.0-1053.55 linux-image-5.10.0-1053-oem - 5.10.0-1053.55 linux-buildinfo-5.10.0-1053-oem - 5.10.0-1053.55 linux-image-unsigned-5.10.0-1053-oem - 5.10.0-1053.55 linux-modules-5.10.0-1053-oem - 5.10.0-1053.55 No subscription required linux-oem-20.04 - 5.10.0.1053.55 linux-oem-20.04-edge - 5.10.0.1053.55 linux-headers-oem-20.04b - 5.10.0.1053.55 linux-image-oem-20.04b - 5.10.0.1053.55 linux-image-oem-20.04 - 5.10.0.1053.55 linux-tools-oem-20.04-edge - 5.10.0.1053.55 linux-headers-oem-20.04-edge - 5.10.0.1053.55 linux-headers-oem-20.04 - 5.10.0.1053.55 linux-tools-oem-20.04 - 5.10.0.1053.55 linux-tools-oem-20.04b - 5.10.0.1053.55 linux-image-oem-20.04-edge - 5.10.0.1053.55 linux-oem-20.04b - 5.10.0.1053.55 No subscription required High CVE-2021-4001 CVE-2021-4002 CVE-2021-42739 CVE-2021-43267 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-20321) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5208-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-buildinfo-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-image-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-image-unsigned-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-modules-extra-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-headers-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-headers-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-azure-5.11-headers-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-oracle-5.11-headers-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-image-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-oracle-5.11-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-modules-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-image-unsigned-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-modules-extra-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-cloud-tools-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-image-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-aws-5.11-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-modules-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-cloud-tools-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-tools-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-buildinfo-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-modules-extra-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-headers-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-tools-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-aws-5.11-headers-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-modules-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-tools-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-azure-5.11-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 No subscription required linux-buildinfo-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-image-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-image-unsigned-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-gcp-5.11-headers-5.11.0-1024 - 5.11.0-1024.26~20.04.1 linux-headers-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-gcp-5.11-tools-5.11.0-1024 - 5.11.0-1024.26~20.04.1 linux-modules-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-modules-extra-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-tools-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 No subscription required linux-tools-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-headers-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-buildinfo-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-modules-extra-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-modules-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-tools-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-tools-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-image-unsigned-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-modules-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-modules-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-tools-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-hwe-5.11-source-5.11.0 - 5.11.0-44.48~20.04.2 linux-image-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-headers-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-image-unsigned-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-image-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-image-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-headers-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-headers-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-cloud-tools-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-buildinfo-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-image-unsigned-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-buildinfo-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-hwe-5.11-tools-host - 5.11.0-44.48~20.04.2 linux-hwe-5.11-tools-5.11.0-44 - 5.11.0-44.48~20.04.2 linux-hwe-5.11-cloud-tools-common - 5.11.0-44.48~20.04.2 linux-image-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-hwe-5.11-tools-common - 5.11.0-44.48~20.04.2 linux-cloud-tools-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-hwe-5.11-cloud-tools-5.11.0-44 - 5.11.0-44.48~20.04.2 linux-hwe-5.11-headers-5.11.0-44 - 5.11.0-44.48~20.04.2 linux-modules-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-buildinfo-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 No subscription required linux-headers-oracle - 5.11.0.1023.24~20.04.16 linux-tools-oracle - 5.11.0.1023.24~20.04.16 linux-tools-oracle-edge - 5.11.0.1023.24~20.04.16 linux-oracle-edge - 5.11.0.1023.24~20.04.16 linux-image-oracle-edge - 5.11.0.1023.24~20.04.16 linux-headers-oracle-edge - 5.11.0.1023.24~20.04.16 linux-image-oracle - 5.11.0.1023.24~20.04.16 linux-oracle - 5.11.0.1023.24~20.04.16 No subscription required linux-cloud-tools-azure - 5.11.0.1023.24~20.04.23 linux-tools-azure - 5.11.0.1023.24~20.04.23 linux-headers-aws - 5.11.0.1023.24~20.04.23 linux-image-aws - 5.11.0.1023.24~20.04.23 linux-modules-extra-azure - 5.11.0.1023.24~20.04.23 linux-aws - 5.11.0.1023.24~20.04.23 linux-image-azure - 5.11.0.1023.24~20.04.23 linux-modules-extra-aws - 5.11.0.1023.24~20.04.23 linux-tools-aws - 5.11.0.1023.24~20.04.23 linux-azure - 5.11.0.1023.24~20.04.23 linux-headers-azure - 5.11.0.1023.24~20.04.23 No subscription required linux-modules-extra-gcp - 5.11.0.1024.26~20.04.24 linux-tools-gcp - 5.11.0.1024.26~20.04.24 linux-gcp - 5.11.0.1024.26~20.04.24 linux-headers-gcp - 5.11.0.1024.26~20.04.24 linux-image-gcp - 5.11.0.1024.26~20.04.24 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-extra-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-generic-64k-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-generic-lpae-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-generic-lpae-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-generic-64k-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-generic-64k-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-generic-64k-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 No subscription required High CVE-2021-20321 CVE-2021-3760 CVE-2021-4002 CVE-2021-41864 CVE-2021-43056 CVE-2021-43267 CVE-2021-43389 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-20321) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5210-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1010-ibm - 5.4.0-1010.11 linux-headers-5.4.0-1010-ibm - 5.4.0-1010.11 linux-image-unsigned-5.4.0-1010-ibm - 5.4.0-1010.11 linux-modules-extra-5.4.0-1010-ibm - 5.4.0-1010.11 linux-modules-5.4.0-1010-ibm - 5.4.0-1010.11 linux-ibm-tools-5.4.0-1010 - 5.4.0-1010.11 linux-buildinfo-5.4.0-1010-ibm - 5.4.0-1010.11 linux-ibm-headers-5.4.0-1010 - 5.4.0-1010.11 linux-ibm-source-5.4.0 - 5.4.0-1010.11 linux-ibm-tools-common - 5.4.0-1010.11 linux-tools-5.4.0-1010-ibm - 5.4.0-1010.11 linux-ibm-cloud-tools-common - 5.4.0-1010.11 No subscription required linux-image-unsigned-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-modules-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-bluefield-headers-5.4.0-1023 - 5.4.0-1023.26 linux-bluefield-tools-5.4.0-1023 - 5.4.0-1023.26 linux-image-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-buildinfo-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-headers-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-tools-5.4.0-1023-bluefield - 5.4.0-1023.26 No subscription required linux-cloud-tools-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-modules-extra-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-headers-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-gkeop-source-5.4.0 - 5.4.0-1029.30 linux-gkeop-headers-5.4.0-1029 - 5.4.0-1029.30 linux-image-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-tools-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-modules-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-buildinfo-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-gkeop-tools-5.4.0-1029 - 5.4.0-1029.30 linux-image-unsigned-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-gkeop-cloud-tools-5.4.0-1029 - 5.4.0-1029.30 No subscription required linux-headers-5.4.0-1048-raspi - 5.4.0-1048.53 linux-image-5.4.0-1048-raspi - 5.4.0-1048.53 linux-tools-5.4.0-1048-raspi - 5.4.0-1048.53 linux-raspi-tools-5.4.0-1048 - 5.4.0-1048.53 linux-raspi-headers-5.4.0-1048 - 5.4.0-1048.53 linux-modules-5.4.0-1048-raspi - 5.4.0-1048.53 linux-buildinfo-5.4.0-1048-raspi - 5.4.0-1048.53 No subscription required linux-kvm-tools-5.4.0-1051 - 5.4.0-1051.53 linux-headers-5.4.0-1051-kvm - 5.4.0-1051.53 linux-image-unsigned-5.4.0-1051-kvm - 5.4.0-1051.53 linux-modules-5.4.0-1051-kvm - 5.4.0-1051.53 linux-tools-5.4.0-1051-kvm - 5.4.0-1051.53 linux-image-5.4.0-1051-kvm - 5.4.0-1051.53 linux-buildinfo-5.4.0-1051-kvm - 5.4.0-1051.53 linux-kvm-headers-5.4.0-1051 - 5.4.0-1051.53 No subscription required linux-modules-extra-5.4.0-1057-gke - 5.4.0-1057.60 linux-buildinfo-5.4.0-1057-gke - 5.4.0-1057.60 linux-gke-headers-5.4.0-1057 - 5.4.0-1057.60 linux-modules-5.4.0-1057-gke - 5.4.0-1057.60 linux-image-unsigned-5.4.0-1057-gke - 5.4.0-1057.60 linux-headers-5.4.0-1057-gke - 5.4.0-1057.60 linux-gke-tools-5.4.0-1057 - 5.4.0-1057.60 linux-image-5.4.0-1057-gke - 5.4.0-1057.60 linux-tools-5.4.0-1057-gke - 5.4.0-1057.60 No subscription required linux-modules-5.4.0-1059-oracle - 5.4.0-1059.63 linux-tools-5.4.0-1059-oracle - 5.4.0-1059.63 linux-oracle-headers-5.4.0-1059 - 5.4.0-1059.63 linux-buildinfo-5.4.0-1059-gcp - 5.4.0-1059.63 linux-gcp-headers-5.4.0-1059 - 5.4.0-1059.63 linux-modules-extra-5.4.0-1059-oracle - 5.4.0-1059.63 linux-image-5.4.0-1059-oracle - 5.4.0-1059.63 linux-headers-5.4.0-1059-oracle - 5.4.0-1059.63 linux-image-unsigned-5.4.0-1059-gcp - 5.4.0-1059.63 linux-oracle-tools-5.4.0-1059 - 5.4.0-1059.63 linux-tools-5.4.0-1059-gcp - 5.4.0-1059.63 linux-image-unsigned-5.4.0-1059-oracle - 5.4.0-1059.63 linux-gcp-tools-5.4.0-1059 - 5.4.0-1059.63 linux-headers-5.4.0-1059-gcp - 5.4.0-1059.63 linux-image-5.4.0-1059-gcp - 5.4.0-1059.63 linux-buildinfo-5.4.0-1059-oracle - 5.4.0-1059.63 linux-modules-5.4.0-1059-gcp - 5.4.0-1059.63 linux-modules-extra-5.4.0-1059-gcp - 5.4.0-1059.63 No subscription required linux-cloud-tools-5.4.0-1061-aws - 5.4.0-1061.64 linux-aws-headers-5.4.0-1061 - 5.4.0-1061.64 linux-modules-5.4.0-1061-aws - 5.4.0-1061.64 linux-buildinfo-5.4.0-1061-aws - 5.4.0-1061.64 linux-aws-tools-5.4.0-1061 - 5.4.0-1061.64 linux-image-unsigned-5.4.0-1061-aws - 5.4.0-1061.64 linux-headers-5.4.0-1061-aws - 5.4.0-1061.64 linux-modules-extra-5.4.0-1061-aws - 5.4.0-1061.64 linux-aws-cloud-tools-5.4.0-1061 - 5.4.0-1061.64 linux-tools-5.4.0-1061-aws - 5.4.0-1061.64 No subscription required linux-buildinfo-5.4.0-1065-azure - 5.4.0-1065.68 linux-azure-headers-5.4.0-1065 - 5.4.0-1065.68 linux-image-unsigned-5.4.0-1065-azure - 5.4.0-1065.68 linux-modules-5.4.0-1065-azure - 5.4.0-1065.68 linux-azure-cloud-tools-5.4.0-1065 - 5.4.0-1065.68 linux-image-5.4.0-1065-azure - 5.4.0-1065.68 linux-azure-tools-5.4.0-1065 - 5.4.0-1065.68 linux-tools-5.4.0-1065-azure - 5.4.0-1065.68 linux-cloud-tools-5.4.0-1065-azure - 5.4.0-1065.68 linux-modules-extra-5.4.0-1065-azure - 5.4.0-1065.68 linux-headers-5.4.0-1065-azure - 5.4.0-1065.68 No subscription required linux-headers-5.4.0-92-generic - 5.4.0-92.103 linux-tools-common - 5.4.0-92.103 linux-modules-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-modules-5.4.0-92-lowlatency - 5.4.0-92.103 linux-buildinfo-5.4.0-92-generic - 5.4.0-92.103 linux-tools-host - 5.4.0-92.103 linux-modules-extra-5.4.0-92-generic - 5.4.0-92.103 linux-doc - 5.4.0-92.103 linux-headers-5.4.0-92 - 5.4.0-92.103 linux-tools-5.4.0-92-generic - 5.4.0-92.103 linux-headers-5.4.0-92-lowlatency - 5.4.0-92.103 linux-modules-5.4.0-92-generic - 5.4.0-92.103 linux-libc-dev - 5.4.0-92.103 linux-tools-5.4.0-92-lowlatency - 5.4.0-92.103 linux-buildinfo-5.4.0-92-lowlatency - 5.4.0-92.103 linux-image-5.4.0-92-generic - 5.4.0-92.103 linux-buildinfo-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-tools-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-cloud-tools-5.4.0-92-lowlatency - 5.4.0-92.103 linux-image-5.4.0-92-lowlatency - 5.4.0-92.103 linux-cloud-tools-5.4.0-92-generic - 5.4.0-92.103 linux-cloud-tools-common - 5.4.0-92.103 linux-source-5.4.0 - 5.4.0-92.103 linux-cloud-tools-5.4.0-92 - 5.4.0-92.103 linux-image-unsigned-5.4.0-92-generic - 5.4.0-92.103 linux-headers-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-image-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-image-unsigned-5.4.0-92-lowlatency - 5.4.0-92.103 linux-tools-5.4.0-92 - 5.4.0-92.103 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1010.11 linux-modules-extra-ibm - 5.4.0.1010.11 linux-image-ibm - 5.4.0.1010.11 linux-headers-ibm-lts-20.04 - 5.4.0.1010.11 linux-image-ibm-lts-20.04 - 5.4.0.1010.11 linux-ibm-lts-20.04 - 5.4.0.1010.11 linux-ibm - 5.4.0.1010.11 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1010.11 linux-headers-ibm - 5.4.0.1010.11 linux-tools-ibm - 5.4.0.1010.11 No subscription required linux-image-bluefield - 5.4.0.1023.24 linux-tools-bluefield - 5.4.0.1023.24 linux-bluefield - 5.4.0.1023.24 linux-headers-bluefield - 5.4.0.1023.24 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1029.32 linux-image-gkeop - 5.4.0.1029.32 linux-gkeop-5.4 - 5.4.0.1029.32 linux-headers-gkeop - 5.4.0.1029.32 linux-image-gkeop-5.4 - 5.4.0.1029.32 linux-gkeop - 5.4.0.1029.32 linux-cloud-tools-gkeop - 5.4.0.1029.32 linux-modules-extra-gkeop-5.4 - 5.4.0.1029.32 linux-headers-gkeop-5.4 - 5.4.0.1029.32 linux-modules-extra-gkeop - 5.4.0.1029.32 linux-tools-gkeop - 5.4.0.1029.32 linux-tools-gkeop-5.4 - 5.4.0.1029.32 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1048.83 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1048.83 linux-raspi2 - 5.4.0.1048.83 linux-image-raspi-hwe-18.04 - 5.4.0.1048.83 linux-image-raspi2-hwe-18.04 - 5.4.0.1048.83 linux-tools-raspi - 5.4.0.1048.83 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1048.83 linux-headers-raspi-hwe-18.04 - 5.4.0.1048.83 linux-headers-raspi2-hwe-18.04 - 5.4.0.1048.83 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1048.83 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1048.83 linux-headers-raspi - 5.4.0.1048.83 linux-raspi2-hwe-18.04-edge - 5.4.0.1048.83 linux-image-raspi-hwe-18.04-edge - 5.4.0.1048.83 linux-raspi-hwe-18.04 - 5.4.0.1048.83 linux-tools-raspi2-hwe-18.04 - 5.4.0.1048.83 linux-raspi2-hwe-18.04 - 5.4.0.1048.83 linux-image-raspi2 - 5.4.0.1048.83 linux-tools-raspi-hwe-18.04 - 5.4.0.1048.83 linux-raspi-hwe-18.04-edge - 5.4.0.1048.83 linux-raspi - 5.4.0.1048.83 linux-image-raspi - 5.4.0.1048.83 linux-tools-raspi2 - 5.4.0.1048.83 linux-headers-raspi2 - 5.4.0.1048.83 No subscription required linux-kvm - 5.4.0.1051.50 linux-headers-kvm - 5.4.0.1051.50 linux-tools-kvm - 5.4.0.1051.50 linux-image-kvm - 5.4.0.1051.50 No subscription required linux-modules-extra-gke - 5.4.0.1057.67 linux-tools-gke-5.4 - 5.4.0.1057.67 linux-modules-extra-gke-5.4 - 5.4.0.1057.67 linux-gke-5.4 - 5.4.0.1057.67 linux-tools-gke - 5.4.0.1057.67 linux-gke - 5.4.0.1057.67 linux-headers-gke - 5.4.0.1057.67 linux-image-gke - 5.4.0.1057.67 linux-headers-gke-5.4 - 5.4.0.1057.67 linux-image-gke-5.4 - 5.4.0.1057.67 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1059.59 linux-headers-oracle-lts-20.04 - 5.4.0.1059.59 linux-oracle-lts-20.04 - 5.4.0.1059.59 linux-image-oracle-lts-20.04 - 5.4.0.1059.59 No subscription required linux-gcp-lts-20.04 - 5.4.0.1059.69 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1059.69 linux-headers-gcp-lts-20.04 - 5.4.0.1059.69 linux-tools-gcp-lts-20.04 - 5.4.0.1059.69 linux-image-gcp-lts-20.04 - 5.4.0.1059.69 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1061.64 linux-tools-aws-lts-20.04 - 5.4.0.1061.64 linux-image-aws-lts-20.04 - 5.4.0.1061.64 linux-headers-aws-lts-20.04 - 5.4.0.1061.64 linux-aws-lts-20.04 - 5.4.0.1061.64 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1065.63 linux-azure-lts-20.04 - 5.4.0.1065.63 linux-image-azure-lts-20.04 - 5.4.0.1065.63 linux-modules-extra-azure-lts-20.04 - 5.4.0.1065.63 linux-tools-azure-lts-20.04 - 5.4.0.1065.63 linux-headers-azure-lts-20.04 - 5.4.0.1065.63 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-cloud-tools-virtual - 5.4.0.92.96 linux-image-generic-hwe-18.04 - 5.4.0.92.96 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-image-virtual - 5.4.0.92.96 linux-cloud-tools-lowlatency - 5.4.0.92.96 linux-image-generic - 5.4.0.92.96 linux-tools-lowlatency - 5.4.0.92.96 linux-image-oem - 5.4.0.92.96 linux-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-image-extra-virtual-hwe-18.04 - 5.4.0.92.96 linux-headers-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.92.96 linux-image-oem-osp1 - 5.4.0.92.96 linux-image-generic-lpae-hwe-18.04 - 5.4.0.92.96 linux-crashdump - 5.4.0.92.96 linux-tools-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-headers-generic-hwe-18.04 - 5.4.0.92.96 linux-headers-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-source - 5.4.0.92.96 linux-lowlatency - 5.4.0.92.96 linux-tools-generic-lpae - 5.4.0.92.96 linux-cloud-tools-generic - 5.4.0.92.96 linux-tools-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-virtual - 5.4.0.92.96 linux-headers-virtual-hwe-18.04 - 5.4.0.92.96 linux-virtual-hwe-18.04 - 5.4.0.92.96 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.92.96 linux-tools-virtual - 5.4.0.92.96 linux-generic-lpae-hwe-18.04-edge - 5.4.0.92.96 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-generic-lpae - 5.4.0.92.96 linux-headers-oem - 5.4.0.92.96 linux-generic - 5.4.0.92.96 linux-tools-oem-osp1 - 5.4.0.92.96 linux-tools-generic-hwe-18.04-edge - 5.4.0.92.96 linux-oem - 5.4.0.92.96 linux-image-virtual-hwe-18.04 - 5.4.0.92.96 linux-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-headers-lowlatency - 5.4.0.92.96 linux-image-generic-hwe-18.04-edge - 5.4.0.92.96 linux-generic-hwe-18.04-edge - 5.4.0.92.96 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.92.96 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-tools-generic - 5.4.0.92.96 linux-image-extra-virtual - 5.4.0.92.96 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-oem-tools-host - 5.4.0.92.96 linux-tools-oem - 5.4.0.92.96 linux-headers-oem-osp1 - 5.4.0.92.96 linux-generic-lpae-hwe-18.04 - 5.4.0.92.96 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.92.96 linux-headers-generic-hwe-18.04-edge - 5.4.0.92.96 linux-headers-generic - 5.4.0.92.96 linux-oem-osp1-tools-host - 5.4.0.92.96 linux-headers-generic-lpae - 5.4.0.92.96 linux-oem-osp1 - 5.4.0.92.96 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.92.96 linux-image-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-headers-virtual - 5.4.0.92.96 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.92.96 linux-tools-virtual-hwe-18.04 - 5.4.0.92.96 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.92.96 linux-generic-hwe-18.04 - 5.4.0.92.96 linux-image-generic-lpae - 5.4.0.92.96 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.92.96 linux-image-lowlatency - 5.4.0.92.96 linux-tools-generic-hwe-18.04 - 5.4.0.92.96 linux-image-virtual-hwe-18.04-edge - 5.4.0.92.96 No subscription required High CVE-2020-26541 CVE-2021-20321 CVE-2021-3760 CVE-2021-4002 CVE-2021-41864 CVE-2021-43056 CVE-2021-43389 Ubuntu 20.04 LTS USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization (SEV) enabled. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-20321) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5210-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1060-gcp - 5.4.0-1060.64 linux-gcp-tools-5.4.0-1060 - 5.4.0-1060.64 linux-headers-5.4.0-1060-gcp - 5.4.0-1060.64 linux-image-unsigned-5.4.0-1060-gcp - 5.4.0-1060.64 linux-modules-extra-5.4.0-1060-gcp - 5.4.0-1060.64 linux-modules-5.4.0-1060-gcp - 5.4.0-1060.64 linux-buildinfo-5.4.0-1060-gcp - 5.4.0-1060.64 linux-gcp-headers-5.4.0-1060 - 5.4.0-1060.64 linux-image-5.4.0-1060-gcp - 5.4.0-1060.64 No subscription required linux-tools-common - 5.4.0-94.106 linux-image-unsigned-5.4.0-94-lowlatency - 5.4.0-94.106 linux-tools-host - 5.4.0-94.106 linux-doc - 5.4.0-94.106 linux-headers-5.4.0-94 - 5.4.0-94.106 linux-image-5.4.0-94-lowlatency - 5.4.0-94.106 linux-tools-5.4.0-94-generic - 5.4.0-94.106 linux-image-5.4.0-94-generic - 5.4.0-94.106 linux-buildinfo-5.4.0-94-generic-lpae - 5.4.0-94.106 linux-buildinfo-5.4.0-94-lowlatency - 5.4.0-94.106 linux-image-unsigned-5.4.0-94-generic - 5.4.0-94.106 linux-source-5.4.0 - 5.4.0-94.106 linux-headers-5.4.0-94-generic-lpae - 5.4.0-94.106 linux-cloud-tools-5.4.0-94-lowlatency - 5.4.0-94.106 linux-modules-5.4.0-94-generic - 5.4.0-94.106 linux-modules-5.4.0-94-lowlatency - 5.4.0-94.106 linux-buildinfo-5.4.0-94-generic - 5.4.0-94.106 linux-cloud-tools-5.4.0-94-generic - 5.4.0-94.106 linux-headers-5.4.0-94-generic - 5.4.0-94.106 linux-cloud-tools-common - 5.4.0-94.106 linux-tools-5.4.0-94-generic-lpae - 5.4.0-94.106 linux-libc-dev - 5.4.0-94.106 linux-cloud-tools-5.4.0-94 - 5.4.0-94.106 linux-modules-5.4.0-94-generic-lpae - 5.4.0-94.106 linux-tools-5.4.0-94-lowlatency - 5.4.0-94.106 linux-headers-5.4.0-94-lowlatency - 5.4.0-94.106 linux-tools-5.4.0-94 - 5.4.0-94.106 linux-modules-extra-5.4.0-94-generic - 5.4.0-94.106 linux-image-5.4.0-94-generic-lpae - 5.4.0-94.106 No subscription required linux-gcp-lts-20.04 - 5.4.0.1060.70 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1060.70 linux-headers-gcp-lts-20.04 - 5.4.0.1060.70 linux-image-gcp-lts-20.04 - 5.4.0.1060.70 linux-tools-gcp-lts-20.04 - 5.4.0.1060.70 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-cloud-tools-virtual - 5.4.0.94.98 linux-image-generic-hwe-18.04 - 5.4.0.94.98 linux-tools-oem - 5.4.0.94.98 linux-headers-generic-lpae - 5.4.0.94.98 linux-image-virtual - 5.4.0.94.98 linux-oem-osp1-tools-host - 5.4.0.94.98 linux-image-generic - 5.4.0.94.98 linux-tools-lowlatency - 5.4.0.94.98 linux-image-oem - 5.4.0.94.98 linux-tools-virtual-hwe-18.04 - 5.4.0.94.98 linux-headers-generic-hwe-18.04 - 5.4.0.94.98 linux-headers-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-image-extra-virtual-hwe-18.04 - 5.4.0.94.98 linux-image-oem-osp1 - 5.4.0.94.98 linux-image-generic-lpae-hwe-18.04 - 5.4.0.94.98 linux-crashdump - 5.4.0.94.98 linux-tools-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-headers-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-source - 5.4.0.94.98 linux-lowlatency - 5.4.0.94.98 linux-tools-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-tools-generic-lpae - 5.4.0.94.98 linux-cloud-tools-generic - 5.4.0.94.98 linux-virtual - 5.4.0.94.98 linux-headers-virtual-hwe-18.04 - 5.4.0.94.98 linux-virtual-hwe-18.04 - 5.4.0.94.98 linux-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.94.98 linux-tools-virtual - 5.4.0.94.98 linux-generic-lpae-hwe-18.04-edge - 5.4.0.94.98 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-generic-lpae - 5.4.0.94.98 linux-headers-oem - 5.4.0.94.98 linux-generic - 5.4.0.94.98 linux-tools-oem-osp1 - 5.4.0.94.98 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.94.98 linux-tools-generic-hwe-18.04-edge - 5.4.0.94.98 linux-image-virtual-hwe-18.04 - 5.4.0.94.98 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-oem-tools-host - 5.4.0.94.98 linux-headers-lowlatency - 5.4.0.94.98 linux-generic-hwe-18.04-edge - 5.4.0.94.98 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.94.98 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-oem - 5.4.0.94.98 linux-tools-generic - 5.4.0.94.98 linux-image-extra-virtual - 5.4.0.94.98 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-cloud-tools-lowlatency - 5.4.0.94.98 linux-headers-oem-osp1 - 5.4.0.94.98 linux-generic-lpae-hwe-18.04 - 5.4.0.94.98 linux-tools-generic-hwe-18.04 - 5.4.0.94.98 linux-headers-generic-hwe-18.04-edge - 5.4.0.94.98 linux-headers-generic - 5.4.0.94.98 linux-oem-osp1 - 5.4.0.94.98 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.94.98 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.94.98 linux-image-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-headers-virtual - 5.4.0.94.98 linux-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.94.98 linux-generic-hwe-18.04 - 5.4.0.94.98 linux-image-generic-lpae - 5.4.0.94.98 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.94.98 linux-image-lowlatency - 5.4.0.94.98 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.94.98 linux-image-generic-hwe-18.04-edge - 5.4.0.94.98 linux-image-virtual-hwe-18.04-edge - 5.4.0.94.98 No subscription required None https://launchpad.net/bugs/1956575 Ubuntu 20.04 LTS It was discovered that the Apache HTTP Server incorrectly handled certain forward proxy requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly perform a Server Side Request Forgery attack. (CVE-2021-44224) It was discovered that the Apache HTTP Server Lua module incorrectly handled memory in the multipart parser. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-44790) Update Instructions: Run `sudo pro fix USN-5212-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.9 libapache2-mod-md - 2.4.41-4ubuntu3.9 apache2-utils - 2.4.41-4ubuntu3.9 apache2-dev - 2.4.41-4ubuntu3.9 apache2-suexec-pristine - 2.4.41-4ubuntu3.9 apache2-suexec-custom - 2.4.41-4ubuntu3.9 apache2 - 2.4.41-4ubuntu3.9 apache2-doc - 2.4.41-4ubuntu3.9 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.9 apache2-ssl-dev - 2.4.41-4ubuntu3.9 apache2-bin - 2.4.41-4ubuntu3.9 No subscription required Medium CVE-2021-44224 CVE-2021-44790 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5213-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.34.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.34.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.34.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.34.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.34.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.34.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.34.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.34.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.34.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.34.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-30887 CVE-2021-30890 Ubuntu 20.04 LTS It was discovered that Cacti was incorrectly validating permissions for user accounts that had been recently disabled. An authenticated attacker could possibly use this to obtain unauthorized access to application and system data. (CVE-2020-13230) It was discovered that Cacti was incorrectly performing authorization checks in auth_profile.php. A remote unauthenticated attacker could use this to perform a CSRF attack and set a new admin email or make other changes. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-13231) It was discovered that Cacti incorrectly handled user provided input sent through request parameters to the color.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-14295) It was discovered that Cacti did not properly escape file input fields when performing template import operations for various themes. An authenticated attacker could use this to perform XSS attacks. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-14424) It was discovered that Cacti incorrectly handled user provided input sent through request parameters to the data_debug.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks. This issue only affected Ubuntu 20.04 ESM. (CVE-2020-35701) Update Instructions: Run `sudo pro fix USN-5214-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cacti - 1.2.10+ds1-1ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13230 CVE-2020-13231 CVE-2020-14295 CVE-2020-14424 CVE-2020-35701 Ubuntu 20.04 LTS Srikantha Prathi discovered that NLTK incorrectly handled specially crafted input. An attacker could use this vulnerability to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5215-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-nltk - 3.4.5-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-3828 Ubuntu 20.04 LTS It was discovered that hosted-git-info incorrectly handled certain inputs. A remote attacker could use this to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5216-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-hosted-git-info - 2.8.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-23362 Ubuntu 20.04 LTS It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4090) It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4204) Update Instructions: Run `sudo pro fix USN-5217-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.14.0-1018-oem - 5.14.0-1018.19 linux-modules-5.14.0-1018-oem - 5.14.0-1018.19 linux-image-5.14.0-1018-oem - 5.14.0-1018.19 linux-headers-5.14.0-1018-oem - 5.14.0-1018.19 linux-buildinfo-5.14.0-1018-oem - 5.14.0-1018.19 linux-tools-5.14.0-1018-oem - 5.14.0-1018.19 linux-oem-5.14-tools-host - 5.14.0-1018.19 linux-oem-5.14-headers-5.14.0-1018 - 5.14.0-1018.19 linux-oem-5.14-tools-5.14.0-1018 - 5.14.0-1018.19 No subscription required linux-headers-oem-20.04d - 5.14.0.1018.16 linux-image-oem-20.04d - 5.14.0.1018.16 linux-tools-oem-20.04d - 5.14.0.1018.16 linux-oem-20.04d - 5.14.0.1018.16 No subscription required High CVE-2021-4090 CVE-2021-4204 https://launchpad.net/bugs/1956585 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4204) It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-20321) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5218-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.13.0-1026-oem - 5.13.0-1026.32 linux-oem-5.13-tools-host - 5.13.0-1026.32 linux-buildinfo-5.13.0-1026-oem - 5.13.0-1026.32 linux-image-unsigned-5.13.0-1026-oem - 5.13.0-1026.32 linux-oem-5.13-tools-5.13.0-1026 - 5.13.0-1026.32 linux-oem-5.13-headers-5.13.0-1026 - 5.13.0-1026.32 linux-tools-5.13.0-1026-oem - 5.13.0-1026.32 linux-headers-5.13.0-1026-oem - 5.13.0-1026.32 linux-image-5.13.0-1026-oem - 5.13.0-1026.32 No subscription required linux-image-oem-20.04c - 5.13.0.1026.29 linux-tools-oem-20.04c - 5.13.0.1026.29 linux-headers-oem-20.04c - 5.13.0.1026.29 linux-oem-20.04c - 5.13.0.1026.29 No subscription required High CVE-2021-20321 CVE-2021-3760 CVE-2021-4002 CVE-2021-41864 CVE-2021-43056 CVE-2021-43267 CVE-2021-43389 CVE-2021-4204 https://launchpad.net/bugs/1956585 Ubuntu 20.04 LTS It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5219-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.10.0-1055-oem - 5.10.0-1055.58 linux-image-unsigned-5.10.0-1055-oem - 5.10.0-1055.58 linux-image-5.10.0-1055-oem - 5.10.0-1055.58 linux-oem-5.10-headers-5.10.0-1055 - 5.10.0-1055.58 linux-modules-5.10.0-1055-oem - 5.10.0-1055.58 linux-oem-5.10-tools-5.10.0-1055 - 5.10.0-1055.58 linux-tools-5.10.0-1055-oem - 5.10.0-1055.58 linux-oem-5.10-tools-host - 5.10.0-1055.58 linux-headers-5.10.0-1055-oem - 5.10.0-1055.58 No subscription required linux-headers-oem-20.04 - 5.10.0.1055.56 linux-tools-oem-20.04b - 5.10.0.1055.56 linux-image-oem-20.04b - 5.10.0.1055.56 linux-tools-oem-20.04 - 5.10.0.1055.56 linux-oem-20.04-edge - 5.10.0.1055.56 linux-image-oem-20.04-edge - 5.10.0.1055.56 linux-oem-20.04 - 5.10.0.1055.56 linux-image-oem-20.04 - 5.10.0.1055.56 linux-oem-20.04b - 5.10.0.1055.56 linux-tools-oem-20.04-edge - 5.10.0.1055.56 linux-headers-oem-20.04-edge - 5.10.0.1055.56 linux-headers-oem-20.04b - 5.10.0.1055.56 No subscription required linux-azure-5.11-cloud-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-buildinfo-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-headers-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-modules-extra-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-cloud-tools-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-modules-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-image-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-tools-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-azure-5.11-headers-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-oracle-5.11-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-image-unsigned-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-headers-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-image-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-aws-5.11-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-buildinfo-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-modules-extra-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-modules-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-modules-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-modules-extra-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-oracle-5.11-headers-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-headers-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-image-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-tools-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-image-unsigned-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-aws-5.11-headers-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-tools-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-cloud-tools-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-azure-5.11-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-buildinfo-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 No subscription required linux-modules-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-tools-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-headers-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-buildinfo-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-image-unsigned-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-image-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-gcp-5.11-headers-5.11.0-1026 - 5.11.0-1026.29~20.04.1 linux-gcp-5.11-tools-5.11.0-1026 - 5.11.0-1026.29~20.04.1 linux-modules-extra-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 No subscription required linux-headers-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-image-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-image-unsigned-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-image-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-headers-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-modules-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-modules-extra-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-buildinfo-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-buildinfo-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-image-unsigned-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-46 - 5.11.0-46.51~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-46.51~20.04.1 linux-modules-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-tools-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-46.51~20.04.1 linux-image-unsigned-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-image-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-hwe-5.11-headers-5.11.0-46 - 5.11.0-46.51~20.04.1 linux-tools-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-hwe-5.11-tools-5.11.0-46 - 5.11.0-46.51~20.04.1 linux-buildinfo-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-46.51~20.04.1 linux-buildinfo-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-modules-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-image-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-modules-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-46.51~20.04.1 linux-tools-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-headers-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-cloud-tools-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-headers-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-cloud-tools-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-tools-5.11.0-46-generic - 5.11.0-46.51~20.04.1 No subscription required linux-headers-oracle - 5.11.0.1025.27~20.04.18 linux-image-oracle - 5.11.0.1025.27~20.04.18 linux-tools-oracle - 5.11.0.1025.27~20.04.18 linux-oracle - 5.11.0.1025.27~20.04.18 No subscription required linux-cloud-tools-azure - 5.11.0.1025.27~20.04.24 linux-tools-azure - 5.11.0.1025.27~20.04.24 linux-headers-aws - 5.11.0.1025.27~20.04.24 linux-image-aws - 5.11.0.1025.27~20.04.24 linux-azure - 5.11.0.1025.27~20.04.24 linux-modules-extra-azure - 5.11.0.1025.27~20.04.24 linux-aws - 5.11.0.1025.27~20.04.24 linux-modules-extra-aws - 5.11.0.1025.27~20.04.24 linux-tools-aws - 5.11.0.1025.27~20.04.24 linux-image-azure - 5.11.0.1025.27~20.04.24 linux-headers-azure - 5.11.0.1025.27~20.04.24 No subscription required linux-tools-gcp - 5.11.0.1026.29~20.04.25 linux-gcp - 5.11.0.1026.29~20.04.25 linux-headers-gcp - 5.11.0.1026.29~20.04.25 linux-image-gcp - 5.11.0.1026.29~20.04.25 linux-modules-extra-gcp - 5.11.0.1026.29~20.04.25 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-extra-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-generic-64k-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-generic-lpae-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-generic-lpae-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-generic-64k-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-generic-64k-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-generic-64k-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 No subscription required High CVE-2021-4204 https://launchpad.net/bugs/1956585 Ubuntu 20.04 LTS It was discovered that Composer did not properly sanitize URLs for Mercurial repositories in the root composer.json and package source download URLs. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5220-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: composer - 1.10.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-29472 Ubuntu 20.04 LTS It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-32626) It was discovered that Redis incorrectly handled some malformed requests when using Redis Lua Debugger. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-32672) It was discovered that Redis incorrectly handled certain Redis Standard Protocol (RESP) requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-32675) It was discovered that Redis incorrectly handled some configuration parameters with specially crafted network payloads. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Vulnerabilities CVE-2021-32627 and CVE-2021-41099 only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-32627, CVE-2021-32628, CVE-2021-32687, CVE-2021-41099). It was discovered that Redis incorrectly handled memory when processing certain input in 32-bit systems. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. One vulnerability (CVE-2021-32761) only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM and another vulnerability (CVE-2021-21309) only affected Ubuntu 18.04 ESM. (CVE-2021-32761, CVE-2021-21309). Update Instructions: Run `sudo pro fix USN-5221-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: redis-sentinel - 5:5.0.7-2ubuntu0.1+esm1 redis-server - 5:5.0.7-2ubuntu0.1+esm1 redis - 5:5.0.7-2ubuntu0.1+esm1 redis-tools - 5:5.0.7-2ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-32626 CVE-2021-32627 CVE-2021-32628 CVE-2021-32672 CVE-2021-32675 CVE-2021-32687 CVE-2021-41099 CVE-2021-32761 CVE-2021-21309 Ubuntu 20.04 LTS It was discovered that Apache Log4j 2 was vulnerable to remote code execution (RCE) attack when configured to use a JDBC Appender with a JNDI LDAP data source URI. A remote attacker could possibly use this issue to cause a crash, leading to a denial of service. (CVE-2021-44832) Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-45105) Update Instructions: Run `sudo pro fix USN-5222-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j2-java - 2.17.1-0.20.04.1 liblog4j2-java-doc - 2.17.1-0.20.04.1 No subscription required Medium CVE-2021-44832 CVE-2021-45105 Ubuntu 20.04 LTS It was discovered that Apache Log4j 1.2 was vulnerable to deserialization of untrusted data if the configuration file was editable. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5223-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j1.2-java-doc - 1.2.17-9ubuntu0.1 liblog4j1.2-java - 1.2.17-9ubuntu0.1 No subscription required Medium CVE-2021-4104 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5224-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.5 ghostscript-x - 9.50~dfsg-5ubuntu4.5 libgs-dev - 9.50~dfsg-5ubuntu4.5 ghostscript-doc - 9.50~dfsg-5ubuntu4.5 libgs9 - 9.50~dfsg-5ubuntu4.5 libgs9-common - 9.50~dfsg-5ubuntu4.5 No subscription required Medium CVE-2021-45944 CVE-2021-45949 Ubuntu 20.04 LTS It was discovered that lxml incorrectly handled certain XML and HTML files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5225-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-lxml - 4.5.0-1ubuntu0.5 python-lxml - 4.5.0-1ubuntu0.5 python-lxml-doc - 4.5.0-1ubuntu0.5 No subscription required Medium CVE-2021-43818 Ubuntu 20.04 LTS It was discovered that systemd-tmpfiles employed uncontrolled recursion when removing deeply nested directory hierarchies. A local attacker could exploit this to cause systemd-tmpfiles to crash or have other unspecified impacts. Update Instructions: Run `sudo pro fix USN-5226-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: systemd-tests - 245.4-4ubuntu3.15 systemd-coredump - 245.4-4ubuntu3.15 systemd - 245.4-4ubuntu3.15 libsystemd0 - 245.4-4ubuntu3.15 systemd-container - 245.4-4ubuntu3.15 libnss-myhostname - 245.4-4ubuntu3.15 libudev1 - 245.4-4ubuntu3.15 systemd-timesyncd - 245.4-4ubuntu3.15 libsystemd-dev - 245.4-4ubuntu3.15 libnss-systemd - 245.4-4ubuntu3.15 systemd-journal-remote - 245.4-4ubuntu3.15 libpam-systemd - 245.4-4ubuntu3.15 libnss-mymachines - 245.4-4ubuntu3.15 libnss-resolve - 245.4-4ubuntu3.15 systemd-sysv - 245.4-4ubuntu3.15 udev - 245.4-4ubuntu3.15 libudev-dev - 245.4-4ubuntu3.15 No subscription required Medium CVE-2021-3997 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. (CVE-2021-23437) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-34552) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22815) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. (CVE-2022-22816) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22817) Update Instructions: Run `sudo pro fix USN-5227-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.5 python-pil-doc - 7.0.0-4ubuntu0.5 python3-pil - 7.0.0-4ubuntu0.5 No subscription required Medium CVE-2021-23437 CVE-2021-34552 CVE-2022-22815 CVE-2022-22816 CVE-2022-22817 Ubuntu 20.04 LTS USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete. This update fixes the problem. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. (CVE-2021-23437) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-34552) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22815) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. (CVE-2022-22816) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22817) Update Instructions: Run `sudo pro fix USN-5227-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.6 python-pil-doc - 7.0.0-4ubuntu0.6 python3-pil - 7.0.0-4ubuntu0.6 No subscription required Medium CVE-2022-22817 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information across domains, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5229-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 96.0+build2-0ubuntu0.20.04.1 firefox - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 96.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 96.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 96.0+build2-0ubuntu0.20.04.1 firefox-dev - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 96.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751 CVE-2022-22752 Ubuntu 20.04 LTS It was discovered that App::cpanminus did not properly verify CHECKSUMS files. An attacker could possibly use this issue to bypass signature verification, gaining access to sensitive data or possibly executing unauthorized code. Update Instructions: Run `sudo pro fix USN-5230-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cpanminus - 1.7044-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-16154 Ubuntu 20.04 LTS It was discovered that 389 Directory Server presented to users, during authentication, an error message which could be used to discover if a certain LDAP DN existed or not. A remote unauthenticated attacker could possibly use this to check the existence of an entry in a LDAP database and expose sensitive information. This issue affected only Ubuntu 20.04 ESM. (CVE-2020-35518) It was discovered that 389 Directory Server was incorrectly validating data used to access memory addresses. An authenticated attacker using a Syncrepl client could use this issue with a specially crafted query to cause 389 Directory Server to crash, resulting in a denial of service. (CVE-2021-3514) Update Instructions: Run `sudo pro fix USN-5231-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: 389-ds-base - 1.4.3.6-2ubuntu0.1~esm1 cockpit-389-ds - 1.4.3.6-2ubuntu0.1~esm1 389-ds-base-libs - 1.4.3.6-2ubuntu0.1~esm1 python3-lib389 - 1.4.3.6-2ubuntu0.1~esm1 389-ds-base-dev - 1.4.3.6-2ubuntu0.1~esm1 389-ds - 1.4.3.6-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-35518 CVE-2021-3514 Ubuntu 20.04 LTS Jakub Żoczek discovered that certain Fail2ban actions handled whois responses in an insecure way. If Fail2ban was configured to use certain mail actions like 'mail-whois' on a target system, a remote attacker who was able to control whois responses to this target system could possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5232-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fail2ban - 0.11.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-32749 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled memory when the CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5233-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.5+dfsg-1~20.04.1 clamav-testfiles - 0.103.5+dfsg-1~20.04.1 clamav-base - 0.103.5+dfsg-1~20.04.1 clamav - 0.103.5+dfsg-1~20.04.1 clamav-daemon - 0.103.5+dfsg-1~20.04.1 clamav-milter - 0.103.5+dfsg-1~20.04.1 clamav-docs - 0.103.5+dfsg-1~20.04.1 clamav-freshclam - 0.103.5+dfsg-1~20.04.1 libclamav9 - 0.103.5+dfsg-1~20.04.1 clamdscan - 0.103.5+dfsg-1~20.04.1 No subscription required Medium CVE-2022-20698 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. (CVE-2021-41816) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a regular expression denial of service. (CVE-2021-41817) It was discovered that Ruby incorrectly handled certain cookie names. An attacker could possibly use this issue to access or expose sensitive information. (CVE-2021-41819) Update Instructions: Run `sudo pro fix USN-5235-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.6 ruby2.7-doc - 2.7.0-5ubuntu1.6 libruby2.7 - 2.7.0-5ubuntu1.6 ruby2.7-dev - 2.7.0-5ubuntu1.6 No subscription required Medium CVE-2021-41816 CVE-2021-41817 CVE-2021-41819 Ubuntu 20.04 LTS It was discovered that MediaInfoLib incorrectly handled certain specially crafted files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-26797) It was discovered that MediaInfoLib incorrectly handled certain specially crafted MpegPs files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-15395) Update Instructions: Run `sudo pro fix USN-5237-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmediainfo-dev - 19.09+dfsg-2ubuntu0.1~esm1 python3-mediainfodll - 19.09+dfsg-2ubuntu0.1~esm1 libmediainfo0v5 - 19.09+dfsg-2ubuntu0.1~esm1 libmediainfo-doc - 19.09+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-15395 CVE-2020-26797 Ubuntu 20.04 LTS It was discovered that PostgreSQL JDBC Driver incorrectly handled certain requests from external entities. A remote attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5238-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpostgresql-jdbc-java - 42.2.10-1ubuntu0.1~esm1 libpostgresql-jdbc-java-doc - 42.2.10-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13692 Ubuntu 20.04 LTS It was discovered that HttpClient mishandled certain input. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5239-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhttpmime-java - 4.5.11-1ubuntu0.1~esm1 libhttpclient-java - 4.5.11-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13956 Ubuntu 20.04 LTS William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5240-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.10.0-1057-oem - 5.10.0-1057.61 linux-tools-5.10.0-1057-oem - 5.10.0-1057.61 linux-image-5.10.0-1057-oem - 5.10.0-1057.61 linux-image-unsigned-5.10.0-1057-oem - 5.10.0-1057.61 linux-oem-5.10-headers-5.10.0-1057 - 5.10.0-1057.61 linux-oem-5.10-tools-5.10.0-1057 - 5.10.0-1057.61 linux-headers-5.10.0-1057-oem - 5.10.0-1057.61 linux-oem-5.10-tools-host - 5.10.0-1057.61 linux-modules-5.10.0-1057-oem - 5.10.0-1057.61 No subscription required linux-headers-oem-20.04 - 5.10.0.1057.57 linux-oem-20.04-edge - 5.10.0.1057.57 linux-oem-20.04 - 5.10.0.1057.57 linux-tools-oem-20.04b - 5.10.0.1057.57 linux-image-oem-20.04b - 5.10.0.1057.57 linux-tools-oem-20.04-edge - 5.10.0.1057.57 linux-oem-20.04b - 5.10.0.1057.57 linux-tools-oem-20.04 - 5.10.0.1057.57 linux-headers-oem-20.04b - 5.10.0.1057.57 linux-image-oem-20.04-edge - 5.10.0.1057.57 linux-image-oem-20.04 - 5.10.0.1057.57 linux-headers-oem-20.04-edge - 5.10.0.1057.57 No subscription required linux-image-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-modules-extra-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-tools-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-aws-5.11-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-headers-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-cloud-tools-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-modules-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-image-unsigned-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-headers-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-aws-5.11-headers-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-tools-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-image-unsigned-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-buildinfo-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-modules-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-modules-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-buildinfo-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-tools-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-image-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-headers-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-modules-extra-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-azure-5.11-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-cloud-tools-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-modules-extra-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-azure-5.11-headers-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-oracle-5.11-headers-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-image-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-buildinfo-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-oracle-5.11-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 No subscription required linux-gcp-5.11-headers-5.11.0-1028 - 5.11.0-1028.32~20.04.1 linux-image-unsigned-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-headers-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-buildinfo-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-image-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-modules-extra-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-modules-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-gcp-5.11-tools-5.11.0-1028 - 5.11.0-1028.32~20.04.1 linux-tools-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 No subscription required linux-headers-oracle - 5.11.0.1027.30~20.04.19 linux-tools-oracle - 5.11.0.1027.30~20.04.19 linux-image-oracle - 5.11.0.1027.30~20.04.19 linux-oracle - 5.11.0.1027.30~20.04.19 No subscription required linux-cloud-tools-azure - 5.11.0.1027.30~20.04.25 linux-image-aws - 5.11.0.1027.30~20.04.25 linux-azure - 5.11.0.1027.30~20.04.25 linux-image-azure - 5.11.0.1027.30~20.04.25 linux-headers-azure - 5.11.0.1027.30~20.04.25 linux-headers-aws - 5.11.0.1027.30~20.04.25 linux-tools-aws - 5.11.0.1027.30~20.04.25 linux-modules-extra-aws - 5.11.0.1027.30~20.04.25 linux-tools-azure - 5.11.0.1027.30~20.04.25 linux-modules-extra-azure - 5.11.0.1027.30~20.04.25 linux-aws - 5.11.0.1027.30~20.04.25 No subscription required linux-modules-extra-gcp - 5.11.0.1028.32~20.04.26 linux-gcp - 5.11.0.1028.32~20.04.26 linux-image-gcp - 5.11.0.1028.32~20.04.26 linux-tools-gcp - 5.11.0.1028.32~20.04.26 linux-headers-gcp - 5.11.0.1028.32~20.04.26 No subscription required linux-oem-5.13-headers-5.13.0-1028 - 5.13.0-1028.35 linux-oem-5.13-tools-5.13.0-1028 - 5.13.0-1028.35 linux-image-unsigned-5.13.0-1028-oem - 5.13.0-1028.35 linux-buildinfo-5.13.0-1028-oem - 5.13.0-1028.35 linux-modules-5.13.0-1028-oem - 5.13.0-1028.35 linux-oem-5.13-tools-host - 5.13.0-1028.35 linux-headers-5.13.0-1028-oem - 5.13.0-1028.35 linux-tools-5.13.0-1028-oem - 5.13.0-1028.35 linux-image-5.13.0-1028-oem - 5.13.0-1028.35 No subscription required linux-tools-oem-20.04c - 5.13.0.1028.30 linux-image-oem-20.04c - 5.13.0.1028.30 linux-oem-20.04c - 5.13.0.1028.30 linux-headers-oem-20.04c - 5.13.0.1028.30 No subscription required linux-headers-5.14.0-1020-oem - 5.14.0-1020.22 linux-modules-5.14.0-1020-oem - 5.14.0-1020.22 linux-image-5.14.0-1020-oem - 5.14.0-1020.22 linux-oem-5.14-tools-host - 5.14.0-1020.22 linux-oem-5.14-headers-5.14.0-1020 - 5.14.0-1020.22 linux-oem-5.14-tools-5.14.0-1020 - 5.14.0-1020.22 linux-tools-5.14.0-1020-oem - 5.14.0-1020.22 linux-buildinfo-5.14.0-1020-oem - 5.14.0-1020.22 linux-image-unsigned-5.14.0-1020-oem - 5.14.0-1020.22 No subscription required linux-tools-oem-20.04d - 5.14.0.1020.17 linux-image-oem-20.04d - 5.14.0.1020.17 linux-oem-20.04d - 5.14.0.1020.17 linux-headers-oem-20.04d - 5.14.0.1020.17 No subscription required linux-ibm-tools-5.4.0-1012 - 5.4.0-1012.13 linux-ibm-headers-5.4.0-1012 - 5.4.0-1012.13 linux-headers-5.4.0-1012-ibm - 5.4.0-1012.13 linux-ibm-cloud-tools-common - 5.4.0-1012.13 linux-ibm-tools-common - 5.4.0-1012.13 linux-ibm-source-5.4.0 - 5.4.0-1012.13 linux-modules-5.4.0-1012-ibm - 5.4.0-1012.13 linux-buildinfo-5.4.0-1012-ibm - 5.4.0-1012.13 linux-modules-extra-5.4.0-1012-ibm - 5.4.0-1012.13 linux-tools-5.4.0-1012-ibm - 5.4.0-1012.13 linux-image-5.4.0-1012-ibm - 5.4.0-1012.13 linux-image-unsigned-5.4.0-1012-ibm - 5.4.0-1012.13 No subscription required linux-bluefield-headers-5.4.0-1025 - 5.4.0-1025.28 linux-image-unsigned-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-headers-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-modules-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-bluefield-tools-5.4.0-1025 - 5.4.0-1025.28 linux-image-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-buildinfo-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-tools-5.4.0-1025-bluefield - 5.4.0-1025.28 No subscription required linux-gkeop-headers-5.4.0-1031 - 5.4.0-1031.32 linux-headers-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-image-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-buildinfo-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-image-unsigned-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-gkeop-tools-5.4.0-1031 - 5.4.0-1031.32 linux-tools-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-modules-extra-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-gkeop-cloud-tools-5.4.0-1031 - 5.4.0-1031.32 linux-modules-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-gkeop-source-5.4.0 - 5.4.0-1031.32 linux-cloud-tools-5.4.0-1031-gkeop - 5.4.0-1031.32 No subscription required linux-headers-5.4.0-1050-raspi - 5.4.0-1050.56 linux-image-5.4.0-1050-raspi - 5.4.0-1050.56 linux-raspi-tools-5.4.0-1050 - 5.4.0-1050.56 linux-raspi-headers-5.4.0-1050 - 5.4.0-1050.56 linux-buildinfo-5.4.0-1050-raspi - 5.4.0-1050.56 linux-modules-5.4.0-1050-raspi - 5.4.0-1050.56 linux-tools-5.4.0-1050-raspi - 5.4.0-1050.56 No subscription required linux-image-5.4.0-1053-kvm - 5.4.0-1053.55 linux-headers-5.4.0-1053-kvm - 5.4.0-1053.55 linux-tools-5.4.0-1053-kvm - 5.4.0-1053.55 linux-image-unsigned-5.4.0-1053-kvm - 5.4.0-1053.55 linux-buildinfo-5.4.0-1053-kvm - 5.4.0-1053.55 linux-kvm-tools-5.4.0-1053 - 5.4.0-1053.55 linux-modules-5.4.0-1053-kvm - 5.4.0-1053.55 linux-kvm-headers-5.4.0-1053 - 5.4.0-1053.55 No subscription required linux-image-5.4.0-1059-gke - 5.4.0-1059.62 linux-modules-extra-5.4.0-1059-gke - 5.4.0-1059.62 linux-headers-5.4.0-1059-gke - 5.4.0-1059.62 linux-buildinfo-5.4.0-1059-gke - 5.4.0-1059.62 linux-image-unsigned-5.4.0-1059-gke - 5.4.0-1059.62 linux-tools-5.4.0-1059-gke - 5.4.0-1059.62 linux-modules-5.4.0-1059-gke - 5.4.0-1059.62 linux-gke-headers-5.4.0-1059 - 5.4.0-1059.62 linux-gke-tools-5.4.0-1059 - 5.4.0-1059.62 No subscription required linux-buildinfo-5.4.0-1061-oracle - 5.4.0-1061.65 linux-image-unsigned-5.4.0-1061-oracle - 5.4.0-1061.65 linux-modules-5.4.0-1061-oracle - 5.4.0-1061.65 linux-image-5.4.0-1061-oracle - 5.4.0-1061.65 linux-modules-extra-5.4.0-1061-oracle - 5.4.0-1061.65 linux-tools-5.4.0-1061-oracle - 5.4.0-1061.65 linux-oracle-tools-5.4.0-1061 - 5.4.0-1061.65 linux-headers-5.4.0-1061-oracle - 5.4.0-1061.65 linux-oracle-headers-5.4.0-1061 - 5.4.0-1061.65 No subscription required linux-headers-5.4.0-1062-gcp - 5.4.0-1062.66 linux-buildinfo-5.4.0-1062-gcp - 5.4.0-1062.66 linux-image-unsigned-5.4.0-1062-gcp - 5.4.0-1062.66 linux-image-5.4.0-1062-gcp - 5.4.0-1062.66 linux-tools-5.4.0-1062-gcp - 5.4.0-1062.66 linux-gcp-headers-5.4.0-1062 - 5.4.0-1062.66 linux-modules-5.4.0-1062-gcp - 5.4.0-1062.66 linux-gcp-tools-5.4.0-1062 - 5.4.0-1062.66 linux-modules-extra-5.4.0-1062-gcp - 5.4.0-1062.66 No subscription required linux-buildinfo-5.4.0-1063-aws - 5.4.0-1063.66 linux-aws-tools-5.4.0-1063 - 5.4.0-1063.66 linux-cloud-tools-5.4.0-1063-aws - 5.4.0-1063.66 linux-image-unsigned-5.4.0-1063-aws - 5.4.0-1063.66 linux-modules-extra-5.4.0-1063-aws - 5.4.0-1063.66 linux-aws-headers-5.4.0-1063 - 5.4.0-1063.66 linux-modules-5.4.0-1063-aws - 5.4.0-1063.66 linux-tools-5.4.0-1063-aws - 5.4.0-1063.66 linux-aws-cloud-tools-5.4.0-1063 - 5.4.0-1063.66 linux-headers-5.4.0-1063-aws - 5.4.0-1063.66 No subscription required linux-headers-5.4.0-1067-azure - 5.4.0-1067.70 linux-azure-headers-5.4.0-1067 - 5.4.0-1067.70 linux-azure-cloud-tools-5.4.0-1067 - 5.4.0-1067.70 linux-modules-5.4.0-1067-azure - 5.4.0-1067.70 linux-image-unsigned-5.4.0-1067-azure - 5.4.0-1067.70 linux-azure-tools-5.4.0-1067 - 5.4.0-1067.70 linux-modules-extra-5.4.0-1067-azure - 5.4.0-1067.70 linux-image-5.4.0-1067-azure - 5.4.0-1067.70 linux-tools-5.4.0-1067-azure - 5.4.0-1067.70 linux-buildinfo-5.4.0-1067-azure - 5.4.0-1067.70 linux-cloud-tools-5.4.0-1067-azure - 5.4.0-1067.70 No subscription required linux-modules-5.4.0-96-lowlatency - 5.4.0-96.109 linux-tools-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-headers-5.4.0-96-lowlatency - 5.4.0-96.109 linux-cloud-tools-5.4.0-96-lowlatency - 5.4.0-96.109 linux-source-5.4.0 - 5.4.0-96.109 linux-headers-5.4.0-96-generic - 5.4.0-96.109 linux-headers-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-cloud-tools-common - 5.4.0-96.109 linux-image-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-tools-5.4.0-96-lowlatency - 5.4.0-96.109 linux-buildinfo-5.4.0-96-lowlatency - 5.4.0-96.109 linux-cloud-tools-5.4.0-96-generic - 5.4.0-96.109 linux-modules-5.4.0-96-generic - 5.4.0-96.109 linux-modules-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-buildinfo-5.4.0-96-generic - 5.4.0-96.109 linux-image-unsigned-5.4.0-96-lowlatency - 5.4.0-96.109 linux-libc-dev - 5.4.0-96.109 linux-tools-5.4.0-96 - 5.4.0-96.109 linux-modules-extra-5.4.0-96-generic - 5.4.0-96.109 linux-buildinfo-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-image-5.4.0-96-lowlatency - 5.4.0-96.109 linux-tools-host - 5.4.0-96.109 linux-headers-5.4.0-96 - 5.4.0-96.109 linux-tools-common - 5.4.0-96.109 linux-doc - 5.4.0-96.109 linux-image-5.4.0-96-generic - 5.4.0-96.109 linux-tools-5.4.0-96-generic - 5.4.0-96.109 linux-cloud-tools-5.4.0-96 - 5.4.0-96.109 linux-image-unsigned-5.4.0-96-generic - 5.4.0-96.109 No subscription required linux-tools-ibm - 5.4.0.1012.13 linux-image-ibm-lts-20.04 - 5.4.0.1012.13 linux-tools-ibm-lts-20.04 - 5.4.0.1012.13 linux-ibm-lts-20.04 - 5.4.0.1012.13 linux-image-ibm - 5.4.0.1012.13 linux-ibm - 5.4.0.1012.13 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1012.13 linux-headers-ibm - 5.4.0.1012.13 linux-headers-ibm-lts-20.04 - 5.4.0.1012.13 linux-modules-extra-ibm - 5.4.0.1012.13 No subscription required linux-headers-bluefield - 5.4.0.1025.26 linux-bluefield - 5.4.0.1025.26 linux-image-bluefield - 5.4.0.1025.26 linux-tools-bluefield - 5.4.0.1025.26 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1031.34 linux-image-gkeop - 5.4.0.1031.34 linux-headers-gkeop-5.4 - 5.4.0.1031.34 linux-image-gkeop-5.4 - 5.4.0.1031.34 linux-modules-extra-gkeop - 5.4.0.1031.34 linux-tools-gkeop-5.4 - 5.4.0.1031.34 linux-headers-gkeop - 5.4.0.1031.34 linux-tools-gkeop - 5.4.0.1031.34 linux-gkeop-5.4 - 5.4.0.1031.34 linux-cloud-tools-gkeop - 5.4.0.1031.34 linux-modules-extra-gkeop-5.4 - 5.4.0.1031.34 linux-gkeop - 5.4.0.1031.34 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1050.84 linux-image-raspi-hwe-18.04 - 5.4.0.1050.84 linux-headers-raspi2-hwe-18.04 - 5.4.0.1050.84 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1050.84 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1050.84 linux-headers-raspi - 5.4.0.1050.84 linux-tools-raspi2-hwe-18.04 - 5.4.0.1050.84 linux-image-raspi-hwe-18.04-edge - 5.4.0.1050.84 linux-headers-raspi2 - 5.4.0.1050.84 linux-raspi-hwe-18.04 - 5.4.0.1050.84 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1050.84 linux-raspi-hwe-18.04-edge - 5.4.0.1050.84 linux-tools-raspi2 - 5.4.0.1050.84 linux-raspi2 - 5.4.0.1050.84 linux-image-raspi2-hwe-18.04 - 5.4.0.1050.84 linux-tools-raspi - 5.4.0.1050.84 linux-raspi2-hwe-18.04 - 5.4.0.1050.84 linux-tools-raspi-hwe-18.04 - 5.4.0.1050.84 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1050.84 linux-image-raspi - 5.4.0.1050.84 linux-raspi - 5.4.0.1050.84 linux-headers-raspi-hwe-18.04 - 5.4.0.1050.84 linux-raspi2-hwe-18.04-edge - 5.4.0.1050.84 linux-image-raspi2 - 5.4.0.1050.84 No subscription required linux-kvm - 5.4.0.1053.52 linux-image-kvm - 5.4.0.1053.52 linux-tools-kvm - 5.4.0.1053.52 linux-headers-kvm - 5.4.0.1053.52 No subscription required linux-tools-gke-5.4 - 5.4.0.1059.69 linux-tools-gke - 5.4.0.1059.69 linux-headers-gke-5.4 - 5.4.0.1059.69 linux-modules-extra-gke-5.4 - 5.4.0.1059.69 linux-image-gke-5.4 - 5.4.0.1059.69 linux-gke - 5.4.0.1059.69 linux-gke-5.4 - 5.4.0.1059.69 linux-image-gke - 5.4.0.1059.69 linux-headers-gke - 5.4.0.1059.69 linux-modules-extra-gke - 5.4.0.1059.69 No subscription required linux-image-oracle-lts-20.04 - 5.4.0.1061.61 linux-headers-oracle-lts-20.04 - 5.4.0.1061.61 linux-tools-oracle-lts-20.04 - 5.4.0.1061.61 linux-oracle-lts-20.04 - 5.4.0.1061.61 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1062.72 linux-gcp-lts-20.04 - 5.4.0.1062.72 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1062.72 linux-headers-gcp-lts-20.04 - 5.4.0.1062.72 linux-image-gcp-lts-20.04 - 5.4.0.1062.72 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1063.65 linux-aws-lts-20.04 - 5.4.0.1063.65 linux-modules-extra-aws-lts-20.04 - 5.4.0.1063.65 linux-tools-aws-lts-20.04 - 5.4.0.1063.65 linux-image-aws-lts-20.04 - 5.4.0.1063.65 No subscription required linux-azure-lts-20.04 - 5.4.0.1067.65 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1067.65 linux-tools-azure-lts-20.04 - 5.4.0.1067.65 linux-headers-azure-lts-20.04 - 5.4.0.1067.65 linux-image-azure-lts-20.04 - 5.4.0.1067.65 linux-modules-extra-azure-lts-20.04 - 5.4.0.1067.65 No subscription required linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-image-virtual - 5.4.0.96.100 linux-tools-lowlatency - 5.4.0.96.100 linux-tools-virtual-hwe-18.04 - 5.4.0.96.100 linux-headers-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-image-generic-lpae-hwe-18.04 - 5.4.0.96.100 linux-headers-generic-hwe-18.04 - 5.4.0.96.100 linux-source - 5.4.0.96.100 linux-cloud-tools-generic - 5.4.0.96.100 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-generic - 5.4.0.96.100 linux-generic-hwe-18.04-edge - 5.4.0.96.100 linux-generic-lpae-hwe-18.04 - 5.4.0.96.100 linux-headers-generic-hwe-18.04-edge - 5.4.0.96.100 linux-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-image-lowlatency - 5.4.0.96.100 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.96.100 linux-image-oem-osp1 - 5.4.0.96.100 linux-crashdump - 5.4.0.96.100 linux-headers-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-headers-virtual-hwe-18.04 - 5.4.0.96.100 linux-generic-lpae-hwe-18.04-edge - 5.4.0.96.100 linux-generic-lpae - 5.4.0.96.100 linux-tools-oem-osp1 - 5.4.0.96.100 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.96.100 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-image-generic-hwe-18.04-edge - 5.4.0.96.100 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.96.100 linux-oem - 5.4.0.96.100 linux-image-extra-virtual - 5.4.0.96.100 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-headers-virtual - 5.4.0.96.100 linux-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.96.100 linux-image-generic-lpae - 5.4.0.96.100 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.96.100 linux-image-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-image-generic-hwe-18.04 - 5.4.0.96.100 linux-image-oem - 5.4.0.96.100 linux-tools-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-lowlatency - 5.4.0.96.100 linux-tools-virtual - 5.4.0.96.100 linux-virtual - 5.4.0.96.100 linux-tools-generic - 5.4.0.96.100 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.96.100 linux-headers-oem - 5.4.0.96.100 linux-tools-generic-hwe-18.04-edge - 5.4.0.96.100 linux-image-virtual-hwe-18.04 - 5.4.0.96.100 linux-oem-tools-host - 5.4.0.96.100 linux-headers-lowlatency - 5.4.0.96.100 linux-tools-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-oem-osp1 - 5.4.0.96.100 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.96.100 linux-image-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-cloud-tools-virtual - 5.4.0.96.100 linux-headers-generic-lpae - 5.4.0.96.100 linux-oem-osp1-tools-host - 5.4.0.96.100 linux-image-generic - 5.4.0.96.100 linux-image-extra-virtual-hwe-18.04 - 5.4.0.96.100 linux-tools-generic-lpae - 5.4.0.96.100 linux-virtual-hwe-18.04 - 5.4.0.96.100 linux-tools-oem - 5.4.0.96.100 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-cloud-tools-lowlatency - 5.4.0.96.100 linux-headers-oem-osp1 - 5.4.0.96.100 linux-headers-generic - 5.4.0.96.100 linux-generic-hwe-18.04 - 5.4.0.96.100 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.96.100 linux-tools-generic-hwe-18.04 - 5.4.0.96.100 No subscription required High CVE-2022-0185 Ubuntu 20.04 LTS David Bouman discovered that AIDE incorrectly handled base64 operations. A local attacker could use this issue to cause AIDE to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5243-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aide-dynamic - 0.16.1-1ubuntu0.1 aide-common - 0.16.1-1ubuntu0.1 aide-xen - 0.16.1-1ubuntu0.1 aide - 0.16.1-1ubuntu0.1 No subscription required Medium CVE-2021-45417 Ubuntu 20.04 LTS USN-5244-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5244-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dbus-1-doc - 1.12.16-2ubuntu2.2 dbus - 1.12.16-2ubuntu2.2 libdbus-1-dev - 1.12.16-2ubuntu2.2 dbus-user-session - 1.12.16-2ubuntu2.2 dbus-x11 - 1.12.16-2ubuntu2.2 dbus-tests - 1.12.16-2ubuntu2.2 libdbus-1-3 - 1.12.16-2ubuntu2.2 No subscription required Low CVE-2020-35512 Ubuntu 20.04 LTS It was discovered that Apache Maven followed repositories that are defined in a dependency's Project Object Model (pom) even if the repositories weren't encrypted (http protocol). An attacker could use this vulnerability to take over a repository, execute arbitrary code or cause a denial of service. Update Instructions: Run `sudo pro fix USN-5245-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: maven - 3.6.3-1ubuntu0.1~esm1 libmaven3-core-java - 3.6.3-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-26291 Ubuntu 20.04 LTS It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 21.10. (CVE-2021-3973) It was discovered that vim incorrectly handled memory when opening and searching the contents of certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-3974) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. (CVE-2021-3984) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. (CVE-2021-4019) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges.(CVE-2021-4069) Update Instructions: Run `sudo pro fix USN-5247-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.6 vim-athena - 2:8.1.2269-1ubuntu5.6 xxd - 2:8.1.2269-1ubuntu5.6 vim-gtk - 2:8.1.2269-1ubuntu5.6 vim-gui-common - 2:8.1.2269-1ubuntu5.6 vim - 2:8.1.2269-1ubuntu5.6 vim-doc - 2:8.1.2269-1ubuntu5.6 vim-tiny - 2:8.1.2269-1ubuntu5.6 vim-runtime - 2:8.1.2269-1ubuntu5.6 vim-gtk3 - 2:8.1.2269-1ubuntu5.6 vim-nox - 2:8.1.2269-1ubuntu5.6 No subscription required Medium CVE-2021-3973 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code. (CVE-2021-4129, CVE-2021-4140, CVE-2021-29981, CVE-2021-29982, CVE-2021-29987, CVE-2021-29991, CVE-2021-38495, CVE-2021-38496, CVE-2021-38497, CVE-2021-38498, CVE-2021-38500, CVE-2021-38501, CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509, CVE-2021-43534, CVE-2021-43535, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43656, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751) It was discovered that Thunderbird ignored the configuration to require STARTTLS for an SMTP connection. A person-in-the-middle could potentially exploit this to perform a downgrade attack in order to intercept messages or take control of a session. (CVE-2021-38502) It was discovered that JavaScript was unexpectedly enabled in the composition area. An attacker could potentially exploit this in combination with another vulnerability, with unspecified impacts. (CVE-2021-43528) A buffer overflow was discovered in the Matrix chat library bundled with Thunderbird. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-44538) It was discovered that Thunderbird's OpenPGP integration only considered the inner signed message when checking signature validity in a message that contains an additional outer MIME layer. An attacker could potentially exploit this to trick the user into thinking that a message has a valid signature. (CVE-2021-4126) Update Instructions: Run `sudo pro fix USN-5248-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.5.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.5.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.5.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.5.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-4126 CVE-2021-4129 CVE-2021-4140 CVE-2021-29981 CVE-2021-29982 CVE-2021-29987 CVE-2021-29991 CVE-2021-38495 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38500 CVE-2021-38501 CVE-2021-38502 CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 CVE-2021-43528 CVE-2021-43534 CVE-2021-43535 CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546 CVE-2021-44538 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751 Ubuntu 20.04 LTS It was discovered that USBView allowed unprivileged users to run usbview as root. A local attacker could use this vulnerability to gain administrative privileges or cause a denial of service. Update Instructions: Run `sudo pro fix USN-5249-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: usbview - 2.0-21-g6fe2f4f-2ubuntu0.20.04.1 No subscription required High CVE-2022-23220 Ubuntu 20.04 LTS Zhuowei Zhang discovered that stringSwan incorrectly handled EAP authentication. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly bypass client and server authentication. Update Instructions: Run `sudo pro fix USN-5250-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: strongswan-nm - 5.8.2-1ubuntu3.4 strongswan-scepclient - 5.8.2-1ubuntu3.4 libcharon-extra-plugins - 5.8.2-1ubuntu3.4 libcharon-standard-plugins - 5.8.2-1ubuntu3.4 libstrongswan-extra-plugins - 5.8.2-1ubuntu3.4 strongswan-charon - 5.8.2-1ubuntu3.4 libstrongswan - 5.8.2-1ubuntu3.4 strongswan-swanctl - 5.8.2-1ubuntu3.4 libstrongswan-standard-plugins - 5.8.2-1ubuntu3.4 strongswan-starter - 5.8.2-1ubuntu3.4 libcharon-extauth-plugins - 5.8.2-1ubuntu3.4 charon-systemd - 5.8.2-1ubuntu3.4 strongswan - 5.8.2-1ubuntu3.4 strongswan-tnc-server - 5.8.2-1ubuntu3.4 strongswan-tnc-client - 5.8.2-1ubuntu3.4 strongswan-tnc-base - 5.8.2-1ubuntu3.4 charon-cmd - 5.8.2-1ubuntu3.4 strongswan-libcharon - 5.8.2-1ubuntu3.4 strongswan-pki - 5.8.2-1ubuntu3.4 strongswan-tnc-ifmap - 5.8.2-1ubuntu3.4 strongswan-tnc-pdp - 5.8.2-1ubuntu3.4 No subscription required High CVE-2021-45079 Ubuntu 20.04 LTS It was discovered that GEGL incorrectly filtered and escaped file path input data when using the C system() function for execution of the ImageMagick convert command. An attacker could possibly use this to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5251-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgegl-dev - 0.4.22-3ubuntu0.1~esm1 gir1.2-gegl-0.4 - 0.4.22-3ubuntu0.1~esm1 gegl - 0.4.22-3ubuntu0.1~esm1 libgegl-doc - 0.4.22-3ubuntu0.1~esm1 libgegl-common - 0.4.22-3ubuntu0.1~esm1 libgegl-0.4-0 - 0.4.22-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-45463 Ubuntu 20.04 LTS It was discovered that the PolicyKit pkexec tool incorrectly handled command-line arguments. A local attacker could use this issue to escalate privileges to an administrator. Update Instructions: Run `sudo pro fix USN-5252-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: policykit-1-doc - 0.105-26ubuntu1.2 libpolkit-gobject-1-dev - 0.105-26ubuntu1.2 libpolkit-agent-1-0 - 0.105-26ubuntu1.2 libpolkit-agent-1-dev - 0.105-26ubuntu1.2 policykit-1 - 0.105-26ubuntu1.2 gir1.2-polkit-1.0 - 0.105-26ubuntu1.2 libpolkit-gobject-1-0 - 0.105-26ubuntu1.2 No subscription required High CVE-2021-4034 Ubuntu 20.04 LTS It was discovered that Rack insecurely handled session ids. An unauthenticated remote attacker could possibly use this issue to perform a timing attack and hijack sessions. (CVE-2019-16782) It was discovered that Rack was incorrectly handling cookies during parsing, not validating them or performing the necessary integrity checks. An attacker could possibly use this issue to overwrite existing cookie data and gain control over a remote system's behaviour. This issue only affected Ubuntu 14.04 ESM. (CVE-2020-8184) It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2022-30122) It was discovered that Rack was not properly escaping untrusted data when performing logging operations, which could cause shell escaped sequences to be written to a terminal. If a user or automated system were tricked into sending a specially crafted request to an application using Rack, a remote attacker could possibly use this issue to execute arbitrary code in the machine running the application. This issue was only fixed in Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2022-30123) Update Instructions: Run `sudo pro fix USN-5253-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-16782 CVE-2020-8184 CVE-2022-30122 CVE-2022-30123 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5255-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.34.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.34.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.34.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.34.4-0ubuntu0.20.04.1 webkit2gtk-driver - 2.34.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.34.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.34.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.34.4-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.34.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.34.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-30934 CVE-2021-30936 CVE-2021-30951 CVE-2021-30952 CVE-2021-30953 CVE-2021-30954 CVE-2021-30984 Ubuntu 20.04 LTS USN-5256-1 fixed several vulnerabilities in uriparser. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. Original advisory details: It was discovered that uriparser incorrectly handled certain memory operations. An attacker could use this to cause a denial of service. (CVE-2021-46141, CVE-2021-46142) Update Instructions: Run `sudo pro fix USN-5256-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liburiparser-doc - 0.9.3-2ubuntu0.1~esm2 liburiparser-dev - 0.9.3-2ubuntu0.1~esm2 liburiparser1 - 0.9.3-2ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-46141 CVE-2021-46142 Ubuntu 20.04 LTS USN-5257-1 fixed several vulnerabilities in ldns. This update provides the corresponding update for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. Original advisory details: It was discovered that ldns incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-19860, CVE-2020-19861) Update Instructions: Run `sudo pro fix USN-5257-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldns-dev - 1.7.0-4.1ubuntu1+esm1 libldns2 - 1.7.0-4.1ubuntu1+esm1 python3-ldns - 1.7.0-4.1ubuntu1+esm1 ldnsutils - 1.7.0-4.1ubuntu1+esm1 python-ldns - 1.7.0-4.1ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-19860 CVE-2020-19861 Ubuntu 20.04 LTS Stuart Nevans Locke discovered that WeeChat's relay plugin insecurely handled malformed websocket frames. A remote attacker in control of a server could possibly use this issue to cause denial of service in a client. (CVE-2021-40516) Stuart Nevans Locke discovered that WeeChat insecurely handled certain IRC messages. A remote attacker in control of a server could possibly use this issue to cause denial of service in a client. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2020-9760) Stuart Nevans Locke discovered that WeeChat insecurely handled certain IRC messages. A remote unauthenticated attacker could possibly use these issues to cause denial of service in a client. These issues only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2020-9759, CVE-2020-8955) Joseph Bisch discovered that WeeChat's logger incorrectly handled certain memory operations when handling log file names. A remote attacker could possibly use this issue to cause denial of service in a client. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-14727) Update Instructions: Run `sudo pro fix USN-5258-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: weechat-python - 2.8-1ubuntu0.1~esm1 weechat-dev - 2.8-1ubuntu0.1~esm1 weechat-plugins - 2.8-1ubuntu0.1~esm1 weechat-guile - 2.8-1ubuntu0.1~esm1 weechat-core - 2.8-1ubuntu0.1~esm1 weechat-tcl - 2.8-1ubuntu0.1~esm1 weechat-ruby - 2.8-1ubuntu0.1~esm1 weechat-curses - 2.8-1ubuntu0.1~esm1 weechat-doc - 2.8-1ubuntu0.1~esm1 weechat-php - 2.8-1ubuntu0.1~esm1 weechat-perl - 2.8-1ubuntu0.1~esm1 weechat - 2.8-1ubuntu0.1~esm1 weechat-lua - 2.8-1ubuntu0.1~esm1 weechat-headless - 2.8-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2017-14727 CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 CVE-2021-40516 Ubuntu 20.04 LTS Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as root. (CVE-2021-44142) Michael Hanselmann discovered that Samba incorrectly created directories. In certain configurations, a remote attacker could possibly create a directory on the server outside of the shared directory. (CVE-2021-43566) Kees van Vloten discovered that Samba incorrectly handled certain aliased SPN checks. A remote attacker could possibly use this issue to impersonate services. (CVE-2022-0336) Update Instructions: Run `sudo pro fix USN-5260-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: registry-tools - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-testsuite - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libnss-winbind - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libpam-winbind - 2:4.13.17~dfsg-0ubuntu0.21.04.1 winbind - 2:4.13.17~dfsg-0ubuntu0.21.04.1 smbclient - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libwbclient0 - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libwbclient-dev - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-common-bin - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libsmbclient - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-dsdb-modules - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-dev - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libsmbclient-dev - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-vfs-modules - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-common - 2:4.13.17~dfsg-0ubuntu0.21.04.1 ctdb - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-libs - 2:4.13.17~dfsg-0ubuntu0.21.04.1 python3-samba - 2:4.13.17~dfsg-0ubuntu0.21.04.1 No subscription required High CVE-2021-43566 CVE-2021-44142 CVE-2022-0336 Ubuntu 20.04 LTS Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-27820) It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3640) Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3752) It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service (connection disassociation). (CVE-2021-3772) It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4090) Felix Wilhelm discovered that the KVM implementation in the Linux kernel did not properly handle exit events from AMD Secure Encrypted Virtualization-Encrypted State (SEV-ES) guest VMs. An attacker in a guest VM could use this to cause a denial of service (host kernel crash) or possibly execute arbitrary code in the host kernel. (CVE-2021-4093) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) It was discovered that the AMD Radeon GPU driver in the Linux kernel did not properly validate writes in the debugfs file system. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42327) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5265-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-image-unsigned-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-modules-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-headers-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-buildinfo-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-modules-extra-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-oracle-5.11-headers-5.11.0-1028 - 5.11.0-1028.31~20.04.1 linux-oracle-5.11-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.1 linux-image-unsigned-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-cloud-tools-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-buildinfo-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-aws-5.11-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.1 linux-image-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-tools-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-modules-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-tools-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-headers-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.1 linux-aws-5.11-headers-5.11.0-1028 - 5.11.0-1028.31~20.04.1 No subscription required linux-headers-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-azure-5.11-cloud-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.2 linux-buildinfo-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-azure-5.11-headers-5.11.0-1028 - 5.11.0-1028.31~20.04.2 linux-image-unsigned-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-modules-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-modules-extra-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-tools-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-image-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-azure-5.11-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.2 linux-cloud-tools-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 No subscription required linux-image-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-image-unsigned-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-gcp-5.11-headers-5.11.0-1029 - 5.11.0-1029.33~20.04.3 linux-tools-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-gcp-5.11-tools-5.11.0-1029 - 5.11.0-1029.33~20.04.3 linux-modules-extra-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-modules-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-buildinfo-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-headers-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 No subscription required linux-headers-oracle - 5.11.0.1028.31~20.04.20 linux-tools-oracle - 5.11.0.1028.31~20.04.20 linux-image-oracle - 5.11.0.1028.31~20.04.20 linux-oracle - 5.11.0.1028.31~20.04.20 No subscription required linux-cloud-tools-azure - 5.11.0.1028.31~20.04.26 linux-tools-azure - 5.11.0.1028.31~20.04.26 linux-headers-aws - 5.11.0.1028.31~20.04.26 linux-image-aws - 5.11.0.1028.31~20.04.26 linux-modules-extra-azure - 5.11.0.1028.31~20.04.26 linux-aws - 5.11.0.1028.31~20.04.26 linux-modules-extra-aws - 5.11.0.1028.31~20.04.26 linux-image-azure - 5.11.0.1028.31~20.04.26 linux-tools-aws - 5.11.0.1028.31~20.04.26 linux-azure - 5.11.0.1028.31~20.04.26 linux-headers-azure - 5.11.0.1028.31~20.04.26 No subscription required linux-tools-gcp - 5.11.0.1029.33~20.04.27 linux-gcp - 5.11.0.1029.33~20.04.27 linux-headers-gcp - 5.11.0.1029.33~20.04.27 linux-image-gcp - 5.11.0.1029.33~20.04.27 linux-modules-extra-gcp - 5.11.0.1029.33~20.04.27 No subscription required linux-headers-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-image-unsigned-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-cloud-tools-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-tools-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-aws-5.13-tools-5.13.0-1012 - 5.13.0-1012.13~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1012 - 5.13.0-1012.13~20.04.1 linux-aws-5.13-headers-5.13.0-1012 - 5.13.0-1012.13~20.04.1 linux-modules-extra-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-modules-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-buildinfo-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 No subscription required linux-image-5.13.0-1029-oem - 5.13.0-1029.36 linux-oem-5.13-headers-5.13.0-1029 - 5.13.0-1029.36 linux-modules-5.13.0-1029-oem - 5.13.0-1029.36 linux-oem-5.13-tools-host - 5.13.0-1029.36 linux-image-unsigned-5.13.0-1029-oem - 5.13.0-1029.36 linux-buildinfo-5.13.0-1029-oem - 5.13.0-1029.36 linux-tools-5.13.0-1029-oem - 5.13.0-1029.36 linux-oem-5.13-tools-5.13.0-1029 - 5.13.0-1029.36 linux-headers-5.13.0-1029-oem - 5.13.0-1029.36 No subscription required linux-cloud-tools-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-28.31~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-28.31~20.04.1 linux-headers-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-tools-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-cloud-tools-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-modules-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-headers-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-modules-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-hwe-5.13-tools-5.13.0-28 - 5.13.0-28.31~20.04.1 linux-image-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-buildinfo-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-image-unsigned-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-image-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-hwe-5.13-headers-5.13.0-28 - 5.13.0-28.31~20.04.1 linux-buildinfo-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-buildinfo-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-image-unsigned-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-image-unsigned-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-modules-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-image-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-28.31~20.04.1 linux-tools-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-tools-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-28 - 5.13.0-28.31~20.04.1 linux-modules-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-buildinfo-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-tools-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-image-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-modules-extra-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-headers-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-28.31~20.04.1 linux-headers-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 No subscription required linux-modules-extra-aws-edge - 5.13.0.1012.13~20.04.4 linux-image-aws-edge - 5.13.0.1012.13~20.04.4 linux-aws-edge - 5.13.0.1012.13~20.04.4 linux-headers-aws-edge - 5.13.0.1012.13~20.04.4 linux-tools-aws-edge - 5.13.0.1012.13~20.04.4 No subscription required linux-tools-oem-20.04c - 5.13.0.1029.31 linux-image-oem-20.04c - 5.13.0.1029.31 linux-oem-20.04c - 5.13.0.1029.31 linux-headers-oem-20.04c - 5.13.0.1029.31 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-extra-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-generic-64k-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-generic-lpae-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-generic-lpae-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-generic-64k-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-generic-64k-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-generic-64k-hwe-20.04 - 5.13.0.28.31~20.04.15 No subscription required Medium CVE-2020-27820 CVE-2021-3640 CVE-2021-3752 CVE-2021-3772 CVE-2021-4001 CVE-2021-4090 CVE-2021-4093 CVE-2021-4202 CVE-2021-42327 CVE-2021-42739 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5266-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1061-gke - 5.4.0-1061.64 linux-gke-tools-5.4.0-1061 - 5.4.0-1061.64 linux-gke-headers-5.4.0-1061 - 5.4.0-1061.64 linux-modules-5.4.0-1061-gke - 5.4.0-1061.64 linux-buildinfo-5.4.0-1061-gke - 5.4.0-1061.64 linux-headers-5.4.0-1061-gke - 5.4.0-1061.64 linux-modules-extra-5.4.0-1061-gke - 5.4.0-1061.64 linux-image-5.4.0-1061-gke - 5.4.0-1061.64 linux-tools-5.4.0-1061-gke - 5.4.0-1061.64 No subscription required linux-modules-extra-gke - 5.4.0.1061.71 linux-image-gke - 5.4.0.1061.71 linux-gke-5.4 - 5.4.0.1061.71 linux-headers-gke - 5.4.0.1061.71 linux-headers-gke-5.4 - 5.4.0.1061.71 linux-image-gke-5.4 - 5.4.0.1061.71 linux-tools-gke-5.4 - 5.4.0.1061.71 linux-modules-extra-gke-5.4 - 5.4.0.1061.71 linux-gke - 5.4.0.1061.71 linux-tools-gke - 5.4.0.1061.71 No subscription required Medium CVE-2021-22600 CVE-2021-42739 Ubuntu 20.04 LTS It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3640) Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3752) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5267-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1013-ibm - 5.4.0-1013.14 linux-ibm-tools-5.4.0-1013 - 5.4.0-1013.14 linux-modules-5.4.0-1013-ibm - 5.4.0-1013.14 linux-image-5.4.0-1013-ibm - 5.4.0-1013.14 linux-ibm-headers-5.4.0-1013 - 5.4.0-1013.14 linux-ibm-source-5.4.0 - 5.4.0-1013.14 linux-ibm-tools-common - 5.4.0-1013.14 linux-image-unsigned-5.4.0-1013-ibm - 5.4.0-1013.14 linux-ibm-cloud-tools-common - 5.4.0-1013.14 linux-headers-5.4.0-1013-ibm - 5.4.0-1013.14 linux-tools-5.4.0-1013-ibm - 5.4.0-1013.14 linux-buildinfo-5.4.0-1013-ibm - 5.4.0-1013.14 No subscription required linux-bluefield-headers-5.4.0-1026 - 5.4.0-1026.29 linux-bluefield-tools-5.4.0-1026 - 5.4.0-1026.29 linux-modules-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-image-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-buildinfo-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-headers-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-image-unsigned-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-tools-5.4.0-1026-bluefield - 5.4.0-1026.29 No subscription required linux-gkeop-tools-5.4.0-1032 - 5.4.0-1032.33 linux-gkeop-headers-5.4.0-1032 - 5.4.0-1032.33 linux-headers-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-buildinfo-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-cloud-tools-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-gkeop-source-5.4.0 - 5.4.0-1032.33 linux-image-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-modules-extra-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-image-unsigned-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-gkeop-cloud-tools-5.4.0-1032 - 5.4.0-1032.33 linux-modules-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-tools-5.4.0-1032-gkeop - 5.4.0-1032.33 No subscription required linux-headers-5.4.0-1054-kvm - 5.4.0-1054.56 linux-image-unsigned-5.4.0-1054-kvm - 5.4.0-1054.56 linux-kvm-tools-5.4.0-1054 - 5.4.0-1054.56 linux-tools-5.4.0-1054-kvm - 5.4.0-1054.56 linux-buildinfo-5.4.0-1054-kvm - 5.4.0-1054.56 linux-modules-5.4.0-1054-kvm - 5.4.0-1054.56 linux-image-5.4.0-1054-kvm - 5.4.0-1054.56 linux-kvm-headers-5.4.0-1054 - 5.4.0-1054.56 No subscription required linux-oracle-tools-5.4.0-1062 - 5.4.0-1062.66 linux-modules-extra-5.4.0-1062-oracle - 5.4.0-1062.66 linux-oracle-headers-5.4.0-1062 - 5.4.0-1062.66 linux-headers-5.4.0-1062-oracle - 5.4.0-1062.66 linux-modules-5.4.0-1062-oracle - 5.4.0-1062.66 linux-image-unsigned-5.4.0-1062-oracle - 5.4.0-1062.66 linux-tools-5.4.0-1062-oracle - 5.4.0-1062.66 linux-buildinfo-5.4.0-1062-oracle - 5.4.0-1062.66 linux-image-5.4.0-1062-oracle - 5.4.0-1062.66 No subscription required linux-gcp-tools-5.4.0-1063 - 5.4.0-1063.67 linux-image-unsigned-5.4.0-1063-gcp - 5.4.0-1063.67 linux-tools-5.4.0-1063-gcp - 5.4.0-1063.67 linux-modules-extra-5.4.0-1063-gcp - 5.4.0-1063.67 linux-image-5.4.0-1063-gcp - 5.4.0-1063.67 linux-headers-5.4.0-1063-gcp - 5.4.0-1063.67 linux-buildinfo-5.4.0-1063-gcp - 5.4.0-1063.67 linux-modules-5.4.0-1063-gcp - 5.4.0-1063.67 linux-gcp-headers-5.4.0-1063 - 5.4.0-1063.67 No subscription required linux-image-unsigned-5.4.0-1064-aws - 5.4.0-1064.67 linux-aws-headers-5.4.0-1064 - 5.4.0-1064.67 linux-headers-5.4.0-1064-aws - 5.4.0-1064.67 linux-buildinfo-5.4.0-1064-aws - 5.4.0-1064.67 linux-image-5.4.0-1064-aws - 5.4.0-1064.67 linux-aws-tools-5.4.0-1064 - 5.4.0-1064.67 linux-cloud-tools-5.4.0-1064-aws - 5.4.0-1064.67 linux-modules-extra-5.4.0-1064-aws - 5.4.0-1064.67 linux-aws-cloud-tools-5.4.0-1064 - 5.4.0-1064.67 linux-tools-5.4.0-1064-aws - 5.4.0-1064.67 linux-modules-5.4.0-1064-aws - 5.4.0-1064.67 No subscription required linux-azure-tools-5.4.0-1068 - 5.4.0-1068.71 linux-azure-headers-5.4.0-1068 - 5.4.0-1068.71 linux-azure-cloud-tools-5.4.0-1068 - 5.4.0-1068.71 linux-modules-extra-5.4.0-1068-azure - 5.4.0-1068.71 linux-buildinfo-5.4.0-1068-azure - 5.4.0-1068.71 linux-modules-5.4.0-1068-azure - 5.4.0-1068.71 linux-headers-5.4.0-1068-azure - 5.4.0-1068.71 linux-tools-5.4.0-1068-azure - 5.4.0-1068.71 linux-image-5.4.0-1068-azure - 5.4.0-1068.71 linux-cloud-tools-5.4.0-1068-azure - 5.4.0-1068.71 linux-image-unsigned-5.4.0-1068-azure - 5.4.0-1068.71 No subscription required linux-tools-common - 5.4.0-97.110 linux-modules-5.4.0-97-generic - 5.4.0-97.110 linux-image-unsigned-5.4.0-97-generic - 5.4.0-97.110 linux-modules-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-headers-5.4.0-97-generic - 5.4.0-97.110 linux-tools-host - 5.4.0-97.110 linux-doc - 5.4.0-97.110 linux-headers-5.4.0-97 - 5.4.0-97.110 linux-headers-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-tools-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-libc-dev - 5.4.0-97.110 linux-cloud-tools-5.4.0-97-generic - 5.4.0-97.110 linux-tools-5.4.0-97-generic - 5.4.0-97.110 linux-image-5.4.0-97-lowlatency - 5.4.0-97.110 linux-cloud-tools-common - 5.4.0-97.110 linux-headers-5.4.0-97-lowlatency - 5.4.0-97.110 linux-image-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-buildinfo-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-buildinfo-5.4.0-97-generic - 5.4.0-97.110 linux-tools-5.4.0-97-lowlatency - 5.4.0-97.110 linux-image-unsigned-5.4.0-97-lowlatency - 5.4.0-97.110 linux-modules-extra-5.4.0-97-generic - 5.4.0-97.110 linux-source-5.4.0 - 5.4.0-97.110 linux-modules-5.4.0-97-lowlatency - 5.4.0-97.110 linux-cloud-tools-5.4.0-97 - 5.4.0-97.110 linux-buildinfo-5.4.0-97-lowlatency - 5.4.0-97.110 linux-cloud-tools-5.4.0-97-lowlatency - 5.4.0-97.110 linux-image-5.4.0-97-generic - 5.4.0-97.110 linux-tools-5.4.0-97 - 5.4.0-97.110 No subscription required linux-image-ibm - 5.4.0.1013.14 linux-tools-ibm-lts-20.04 - 5.4.0.1013.14 linux-headers-ibm-lts-20.04 - 5.4.0.1013.14 linux-tools-ibm - 5.4.0.1013.14 linux-headers-ibm - 5.4.0.1013.14 linux-modules-extra-ibm - 5.4.0.1013.14 linux-ibm-lts-20.04 - 5.4.0.1013.14 linux-image-ibm-lts-20.04 - 5.4.0.1013.14 linux-ibm - 5.4.0.1013.14 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1013.14 No subscription required linux-bluefield - 5.4.0.1026.27 linux-image-bluefield - 5.4.0.1026.27 linux-headers-bluefield - 5.4.0.1026.27 linux-tools-bluefield - 5.4.0.1026.27 No subscription required linux-headers-gkeop - 5.4.0.1032.35 linux-cloud-tools-gkeop-5.4 - 5.4.0.1032.35 linux-image-gkeop - 5.4.0.1032.35 linux-gkeop-5.4 - 5.4.0.1032.35 linux-image-gkeop-5.4 - 5.4.0.1032.35 linux-gkeop - 5.4.0.1032.35 linux-cloud-tools-gkeop - 5.4.0.1032.35 linux-tools-gkeop-5.4 - 5.4.0.1032.35 linux-modules-extra-gkeop-5.4 - 5.4.0.1032.35 linux-headers-gkeop-5.4 - 5.4.0.1032.35 linux-modules-extra-gkeop - 5.4.0.1032.35 linux-tools-gkeop - 5.4.0.1032.35 No subscription required linux-kvm - 5.4.0.1054.53 linux-headers-kvm - 5.4.0.1054.53 linux-image-kvm - 5.4.0.1054.53 linux-tools-kvm - 5.4.0.1054.53 No subscription required linux-oracle-lts-20.04 - 5.4.0.1062.62 linux-headers-oracle-lts-20.04 - 5.4.0.1062.62 linux-tools-oracle-lts-20.04 - 5.4.0.1062.62 linux-image-oracle-lts-20.04 - 5.4.0.1062.62 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1063.73 linux-gcp-lts-20.04 - 5.4.0.1063.73 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1063.73 linux-headers-gcp-lts-20.04 - 5.4.0.1063.73 linux-image-gcp-lts-20.04 - 5.4.0.1063.73 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1064.66 linux-image-aws-lts-20.04 - 5.4.0.1064.66 linux-headers-aws-lts-20.04 - 5.4.0.1064.66 linux-tools-aws-lts-20.04 - 5.4.0.1064.66 linux-aws-lts-20.04 - 5.4.0.1064.66 No subscription required linux-azure-lts-20.04 - 5.4.0.1068.66 linux-tools-azure-lts-20.04 - 5.4.0.1068.66 linux-image-azure-lts-20.04 - 5.4.0.1068.66 linux-modules-extra-azure-lts-20.04 - 5.4.0.1068.66 linux-headers-azure-lts-20.04 - 5.4.0.1068.66 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1068.66 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-cloud-tools-virtual - 5.4.0.97.101 linux-image-generic-hwe-18.04 - 5.4.0.97.101 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-headers-generic-lpae - 5.4.0.97.101 linux-image-virtual - 5.4.0.97.101 linux-oem-osp1-tools-host - 5.4.0.97.101 linux-image-generic - 5.4.0.97.101 linux-tools-lowlatency - 5.4.0.97.101 linux-tools-virtual-hwe-18.04 - 5.4.0.97.101 linux-headers-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-image-oem-osp1 - 5.4.0.97.101 linux-image-generic-lpae-hwe-18.04 - 5.4.0.97.101 linux-crashdump - 5.4.0.97.101 linux-tools-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-headers-generic-hwe-18.04 - 5.4.0.97.101 linux-headers-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-source - 5.4.0.97.101 linux-lowlatency - 5.4.0.97.101 linux-tools-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-virtual - 5.4.0.97.101 linux-headers-virtual-hwe-18.04 - 5.4.0.97.101 linux-virtual-hwe-18.04 - 5.4.0.97.101 linux-tools-generic-lpae - 5.4.0.97.101 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.97.101 linux-tools-virtual - 5.4.0.97.101 linux-generic-lpae-hwe-18.04-edge - 5.4.0.97.101 linux-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-generic-lpae - 5.4.0.97.101 linux-headers-oem - 5.4.0.97.101 linux-image-extra-virtual-hwe-18.04 - 5.4.0.97.101 linux-generic - 5.4.0.97.101 linux-tools-oem-osp1 - 5.4.0.97.101 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.97.101 linux-image-lowlatency - 5.4.0.97.101 linux-tools-generic-hwe-18.04-edge - 5.4.0.97.101 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-cloud-tools-lowlatency - 5.4.0.97.101 linux-headers-lowlatency - 5.4.0.97.101 linux-image-generic-hwe-18.04-edge - 5.4.0.97.101 linux-generic-hwe-18.04-edge - 5.4.0.97.101 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.97.101 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-oem - 5.4.0.97.101 linux-tools-generic - 5.4.0.97.101 linux-image-extra-virtual - 5.4.0.97.101 linux-cloud-tools-generic - 5.4.0.97.101 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-oem-tools-host - 5.4.0.97.101 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.97.101 linux-tools-oem - 5.4.0.97.101 linux-headers-oem-osp1 - 5.4.0.97.101 linux-generic-lpae-hwe-18.04 - 5.4.0.97.101 linux-headers-generic-hwe-18.04-edge - 5.4.0.97.101 linux-headers-generic - 5.4.0.97.101 linux-oem-osp1 - 5.4.0.97.101 linux-image-virtual-hwe-18.04 - 5.4.0.97.101 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.97.101 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.97.101 linux-image-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-headers-virtual - 5.4.0.97.101 linux-image-oem - 5.4.0.97.101 linux-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.97.101 linux-generic-hwe-18.04 - 5.4.0.97.101 linux-image-generic-lpae - 5.4.0.97.101 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.97.101 linux-tools-generic-hwe-18.04 - 5.4.0.97.101 linux-image-virtual-hwe-18.04-edge - 5.4.0.97.101 No subscription required Medium CVE-2021-3640 CVE-2021-3752 CVE-2021-42739 Ubuntu 20.04 LTS USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3640) Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3752) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5267-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1014-ibm - 5.4.0-1014.15 linux-buildinfo-5.4.0-1014-ibm - 5.4.0-1014.15 linux-image-unsigned-5.4.0-1014-ibm - 5.4.0-1014.15 linux-tools-5.4.0-1014-ibm - 5.4.0-1014.15 linux-image-5.4.0-1014-ibm - 5.4.0-1014.15 linux-ibm-tools-5.4.0-1014 - 5.4.0-1014.15 linux-ibm-source-5.4.0 - 5.4.0-1014.15 linux-ibm-headers-5.4.0-1014 - 5.4.0-1014.15 linux-ibm-tools-common - 5.4.0-1014.15 linux-headers-5.4.0-1014-ibm - 5.4.0-1014.15 linux-ibm-cloud-tools-common - 5.4.0-1014.15 linux-modules-5.4.0-1014-ibm - 5.4.0-1014.15 No subscription required linux-headers-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-gkeop-headers-5.4.0-1033 - 5.4.0-1033.34 linux-modules-extra-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-image-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-modules-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-gkeop-source-5.4.0 - 5.4.0-1033.34 linux-buildinfo-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-image-unsigned-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-gkeop-tools-5.4.0-1033 - 5.4.0-1033.34 linux-cloud-tools-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-gkeop-cloud-tools-5.4.0-1033 - 5.4.0-1033.34 linux-tools-5.4.0-1033-gkeop - 5.4.0-1033.34 No subscription required linux-image-unsigned-5.4.0-1055-kvm - 5.4.0-1055.57 linux-image-5.4.0-1055-kvm - 5.4.0-1055.57 linux-kvm-tools-5.4.0-1055 - 5.4.0-1055.57 linux-buildinfo-5.4.0-1055-kvm - 5.4.0-1055.57 linux-modules-5.4.0-1055-kvm - 5.4.0-1055.57 linux-headers-5.4.0-1055-kvm - 5.4.0-1055.57 linux-tools-5.4.0-1055-kvm - 5.4.0-1055.57 linux-kvm-headers-5.4.0-1055 - 5.4.0-1055.57 No subscription required linux-buildinfo-5.4.0-1062-gke - 5.4.0-1062.65 linux-modules-5.4.0-1062-gke - 5.4.0-1062.65 linux-gke-headers-5.4.0-1062 - 5.4.0-1062.65 linux-headers-5.4.0-1062-gke - 5.4.0-1062.65 linux-image-unsigned-5.4.0-1062-gke - 5.4.0-1062.65 linux-image-5.4.0-1062-gke - 5.4.0-1062.65 linux-tools-5.4.0-1062-gke - 5.4.0-1062.65 linux-gke-tools-5.4.0-1062 - 5.4.0-1062.65 linux-modules-extra-5.4.0-1062-gke - 5.4.0-1062.65 No subscription required linux-modules-extra-5.4.0-1063-oracle - 5.4.0-1063.67 linux-oracle-tools-5.4.0-1063 - 5.4.0-1063.67 linux-image-5.4.0-1063-oracle - 5.4.0-1063.67 linux-modules-5.4.0-1063-oracle - 5.4.0-1063.67 linux-oracle-headers-5.4.0-1063 - 5.4.0-1063.67 linux-headers-5.4.0-1063-oracle - 5.4.0-1063.67 linux-tools-5.4.0-1063-oracle - 5.4.0-1063.67 linux-buildinfo-5.4.0-1063-oracle - 5.4.0-1063.67 linux-image-unsigned-5.4.0-1063-oracle - 5.4.0-1063.67 No subscription required linux-modules-5.4.0-1064-gcp - 5.4.0-1064.68 linux-tools-5.4.0-1064-gcp - 5.4.0-1064.68 linux-gcp-tools-5.4.0-1064 - 5.4.0-1064.68 linux-modules-extra-5.4.0-1064-gcp - 5.4.0-1064.68 linux-image-unsigned-5.4.0-1064-gcp - 5.4.0-1064.68 linux-image-5.4.0-1064-gcp - 5.4.0-1064.68 linux-gcp-headers-5.4.0-1064 - 5.4.0-1064.68 linux-headers-5.4.0-1064-gcp - 5.4.0-1064.68 linux-buildinfo-5.4.0-1064-gcp - 5.4.0-1064.68 No subscription required linux-buildinfo-5.4.0-1065-aws - 5.4.0-1065.68 linux-modules-extra-5.4.0-1065-aws - 5.4.0-1065.68 linux-cloud-tools-5.4.0-1065-aws - 5.4.0-1065.68 linux-image-5.4.0-1065-aws - 5.4.0-1065.68 linux-headers-5.4.0-1065-aws - 5.4.0-1065.68 linux-aws-tools-5.4.0-1065 - 5.4.0-1065.68 linux-aws-headers-5.4.0-1065 - 5.4.0-1065.68 linux-aws-cloud-tools-5.4.0-1065 - 5.4.0-1065.68 linux-tools-5.4.0-1065-aws - 5.4.0-1065.68 linux-image-unsigned-5.4.0-1065-aws - 5.4.0-1065.68 linux-modules-5.4.0-1065-aws - 5.4.0-1065.68 No subscription required linux-cloud-tools-5.4.0-1069-azure - 5.4.0-1069.72 linux-buildinfo-5.4.0-1069-azure - 5.4.0-1069.72 linux-image-unsigned-5.4.0-1069-azure - 5.4.0-1069.72 linux-azure-cloud-tools-5.4.0-1069 - 5.4.0-1069.72 linux-headers-5.4.0-1069-azure - 5.4.0-1069.72 linux-azure-tools-5.4.0-1069 - 5.4.0-1069.72 linux-image-5.4.0-1069-azure - 5.4.0-1069.72 linux-modules-extra-5.4.0-1069-azure - 5.4.0-1069.72 linux-modules-5.4.0-1069-azure - 5.4.0-1069.72 linux-azure-headers-5.4.0-1069 - 5.4.0-1069.72 linux-tools-5.4.0-1069-azure - 5.4.0-1069.72 No subscription required linux-cloud-tools-5.4.0-99 - 5.4.0-99.112 linux-tools-common - 5.4.0-99.112 linux-tools-5.4.0-99-generic - 5.4.0-99.112 linux-modules-5.4.0-99-lowlatency - 5.4.0-99.112 linux-tools-host - 5.4.0-99.112 linux-buildinfo-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-buildinfo-5.4.0-99-generic - 5.4.0-99.112 linux-doc - 5.4.0-99.112 linux-image-5.4.0-99-generic - 5.4.0-99.112 linux-headers-5.4.0-99 - 5.4.0-99.112 linux-buildinfo-5.4.0-99-lowlatency - 5.4.0-99.112 linux-headers-5.4.0-99-generic - 5.4.0-99.112 linux-libc-dev - 5.4.0-99.112 linux-source-5.4.0 - 5.4.0-99.112 linux-image-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-headers-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-headers-5.4.0-99-lowlatency - 5.4.0-99.112 linux-tools-5.4.0-99-lowlatency - 5.4.0-99.112 linux-modules-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-cloud-tools-5.4.0-99-lowlatency - 5.4.0-99.112 linux-cloud-tools-common - 5.4.0-99.112 linux-tools-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-modules-extra-5.4.0-99-generic - 5.4.0-99.112 linux-modules-5.4.0-99-generic - 5.4.0-99.112 linux-image-5.4.0-99-lowlatency - 5.4.0-99.112 linux-image-unsigned-5.4.0-99-generic - 5.4.0-99.112 linux-cloud-tools-5.4.0-99-generic - 5.4.0-99.112 linux-image-unsigned-5.4.0-99-lowlatency - 5.4.0-99.112 linux-tools-5.4.0-99 - 5.4.0-99.112 No subscription required linux-image-ibm - 5.4.0.1014.15 linux-headers-ibm-lts-20.04 - 5.4.0.1014.15 linux-tools-ibm - 5.4.0.1014.15 linux-ibm-lts-20.04 - 5.4.0.1014.15 linux-image-ibm-lts-20.04 - 5.4.0.1014.15 linux-modules-extra-ibm - 5.4.0.1014.15 linux-ibm - 5.4.0.1014.15 linux-tools-ibm-lts-20.04 - 5.4.0.1014.15 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1014.15 linux-headers-ibm - 5.4.0.1014.15 No subscription required linux-headers-gkeop - 5.4.0.1033.36 linux-cloud-tools-gkeop-5.4 - 5.4.0.1033.36 linux-image-gkeop - 5.4.0.1033.36 linux-modules-extra-gkeop-5.4 - 5.4.0.1033.36 linux-gkeop-5.4 - 5.4.0.1033.36 linux-image-gkeop-5.4 - 5.4.0.1033.36 linux-gkeop - 5.4.0.1033.36 linux-cloud-tools-gkeop - 5.4.0.1033.36 linux-headers-gkeop-5.4 - 5.4.0.1033.36 linux-modules-extra-gkeop - 5.4.0.1033.36 linux-tools-gkeop - 5.4.0.1033.36 linux-tools-gkeop-5.4 - 5.4.0.1033.36 No subscription required linux-kvm - 5.4.0.1055.54 linux-headers-kvm - 5.4.0.1055.54 linux-image-kvm - 5.4.0.1055.54 linux-tools-kvm - 5.4.0.1055.54 No subscription required linux-modules-extra-gke - 5.4.0.1062.72 linux-headers-gke-5.4 - 5.4.0.1062.72 linux-modules-extra-gke-5.4 - 5.4.0.1062.72 linux-gke-5.4 - 5.4.0.1062.72 linux-tools-gke - 5.4.0.1062.72 linux-gke - 5.4.0.1062.72 linux-headers-gke - 5.4.0.1062.72 linux-image-gke - 5.4.0.1062.72 linux-image-gke-5.4 - 5.4.0.1062.72 linux-tools-gke-5.4 - 5.4.0.1062.72 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1063.63 linux-headers-oracle-lts-20.04 - 5.4.0.1063.63 linux-image-oracle-lts-20.04 - 5.4.0.1063.63 linux-oracle-lts-20.04 - 5.4.0.1063.63 No subscription required linux-gcp-lts-20.04 - 5.4.0.1064.74 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1064.74 linux-headers-gcp-lts-20.04 - 5.4.0.1064.74 linux-image-gcp-lts-20.04 - 5.4.0.1064.74 linux-tools-gcp-lts-20.04 - 5.4.0.1064.74 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1065.67 linux-image-aws-lts-20.04 - 5.4.0.1065.67 linux-headers-aws-lts-20.04 - 5.4.0.1065.67 linux-tools-aws-lts-20.04 - 5.4.0.1065.67 linux-aws-lts-20.04 - 5.4.0.1065.67 No subscription required linux-azure-lts-20.04 - 5.4.0.1069.67 linux-image-azure-lts-20.04 - 5.4.0.1069.67 linux-modules-extra-azure-lts-20.04 - 5.4.0.1069.67 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1069.67 linux-tools-azure-lts-20.04 - 5.4.0.1069.67 linux-headers-azure-lts-20.04 - 5.4.0.1069.67 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-virtual - 5.4.0.99.103 linux-image-generic-hwe-18.04 - 5.4.0.99.103 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-headers-generic-lpae - 5.4.0.99.103 linux-image-virtual - 5.4.0.99.103 linux-oem-osp1-tools-host - 5.4.0.99.103 linux-image-generic - 5.4.0.99.103 linux-tools-lowlatency - 5.4.0.99.103 linux-image-oem - 5.4.0.99.103 linux-tools-virtual-hwe-18.04 - 5.4.0.99.103 linux-headers-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-image-extra-virtual-hwe-18.04 - 5.4.0.99.103 linux-image-oem-osp1 - 5.4.0.99.103 linux-image-generic-lpae-hwe-18.04 - 5.4.0.99.103 linux-crashdump - 5.4.0.99.103 linux-headers-generic-hwe-18.04 - 5.4.0.99.103 linux-headers-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.99.103 linux-source - 5.4.0.99.103 linux-lowlatency - 5.4.0.99.103 linux-tools-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-generic - 5.4.0.99.103 linux-oem - 5.4.0.99.103 linux-headers-generic - 5.4.0.99.103 linux-headers-virtual-hwe-18.04 - 5.4.0.99.103 linux-tools-generic - 5.4.0.99.103 linux-virtual-hwe-18.04 - 5.4.0.99.103 linux-tools-generic-lpae - 5.4.0.99.103 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.99.103 linux-tools-virtual - 5.4.0.99.103 linux-generic-lpae-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-generic-lpae-hwe-18.04 - 5.4.0.99.103 linux-generic-lpae - 5.4.0.99.103 linux-headers-oem - 5.4.0.99.103 linux-generic - 5.4.0.99.103 linux-tools-oem-osp1 - 5.4.0.99.103 linux-virtual - 5.4.0.99.103 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.99.103 linux-image-virtual-hwe-18.04 - 5.4.0.99.103 linux-headers-lowlatency - 5.4.0.99.103 linux-generic-hwe-18.04-edge - 5.4.0.99.103 linux-tools-generic-hwe-18.04-edge - 5.4.0.99.103 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.99.103 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-image-generic-lpae - 5.4.0.99.103 linux-image-extra-virtual - 5.4.0.99.103 linux-oem-tools-host - 5.4.0.99.103 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-lowlatency - 5.4.0.99.103 linux-tools-oem - 5.4.0.99.103 linux-headers-oem-osp1 - 5.4.0.99.103 linux-headers-generic-hwe-18.04-edge - 5.4.0.99.103 linux-image-lowlatency - 5.4.0.99.103 linux-oem-osp1 - 5.4.0.99.103 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.99.103 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.99.103 linux-image-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-headers-virtual - 5.4.0.99.103 linux-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.99.103 linux-generic-hwe-18.04 - 5.4.0.99.103 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-tools-generic-hwe-18.04 - 5.4.0.99.103 linux-image-generic-hwe-18.04-edge - 5.4.0.99.103 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.99.103 linux-tools-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-image-virtual-hwe-18.04-edge - 5.4.0.99.103 No subscription required None https://launchpad.net/bugs/1959665 Ubuntu 20.04 LTS USN-5267-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for Raspberry Pi devices. Original advisory details: It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3640) Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3752) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5267-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1052-raspi - 5.4.0-1052.58 linux-modules-5.4.0-1052-raspi - 5.4.0-1052.58 linux-image-5.4.0-1052-raspi - 5.4.0-1052.58 linux-buildinfo-5.4.0-1052-raspi - 5.4.0-1052.58 linux-raspi-tools-5.4.0-1052 - 5.4.0-1052.58 linux-tools-5.4.0-1052-raspi - 5.4.0-1052.58 linux-raspi-headers-5.4.0-1052 - 5.4.0-1052.58 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1052.86 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1052.86 linux-raspi-hwe-18.04-edge - 5.4.0.1052.86 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1052.86 linux-raspi-hwe-18.04 - 5.4.0.1052.86 linux-tools-raspi - 5.4.0.1052.86 linux-image-raspi - 5.4.0.1052.86 linux-tools-raspi2-hwe-18.04 - 5.4.0.1052.86 linux-tools-raspi2 - 5.4.0.1052.86 linux-raspi2-hwe-18.04 - 5.4.0.1052.86 linux-raspi2 - 5.4.0.1052.86 linux-headers-raspi2 - 5.4.0.1052.86 linux-headers-raspi2-hwe-18.04 - 5.4.0.1052.86 linux-image-raspi2 - 5.4.0.1052.86 linux-image-raspi-hwe-18.04-edge - 5.4.0.1052.86 linux-tools-raspi-hwe-18.04 - 5.4.0.1052.86 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1052.86 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1052.86 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1052.86 linux-raspi - 5.4.0.1052.86 linux-headers-raspi - 5.4.0.1052.86 linux-headers-raspi-hwe-18.04 - 5.4.0.1052.86 linux-image-raspi-hwe-18.04 - 5.4.0.1052.86 linux-image-raspi2-hwe-18.04 - 5.4.0.1052.86 No subscription required Medium CVE-2021-3640 CVE-2021-3752 CVE-2021-42739 Ubuntu 20.04 LTS Keryn Knight discovered that Django incorrectly handled certain template tags. A remote attacker could possibly use this issue to perform a cross-site scripting attack. (CVE-2022-22818) Alan Ryan discovered that Django incorrectly handled file uploads. A remote attacker could possibly use this issue to cause Django to hang, resulting in a denial of service. (CVE-2022-23833) Update Instructions: Run `sudo pro fix USN-5269-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.10 python-django-doc - 2:2.2.12-1ubuntu0.10 No subscription required Medium CVE-2022-22818 CVE-2022-23833 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.28 in Ubuntu 20.04 LTS and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.37. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-37.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-28.html https://www.oracle.com/security-alerts/cpujan2022.html Update Instructions: Run `sudo pro fix USN-5270-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.28-0ubuntu0.20.04.3 mysql-client-8.0 - 8.0.28-0ubuntu0.20.04.3 libmysqlclient-dev - 8.0.28-0ubuntu0.20.04.3 mysql-testsuite-8.0 - 8.0.28-0ubuntu0.20.04.3 mysql-router - 8.0.28-0ubuntu0.20.04.3 mysql-server - 8.0.28-0ubuntu0.20.04.3 libmysqlclient21 - 8.0.28-0ubuntu0.20.04.3 mysql-client-core-8.0 - 8.0.28-0ubuntu0.20.04.3 mysql-server-core-8.0 - 8.0.28-0ubuntu0.20.04.3 mysql-testsuite - 8.0.28-0ubuntu0.20.04.3 mysql-server-8.0 - 8.0.28-0ubuntu0.20.04.3 mysql-source-8.0 - 8.0.28-0ubuntu0.20.04.3 No subscription required Medium CVE-2022-21245 CVE-2022-21249 CVE-2022-21253 CVE-2022-21254 CVE-2022-21256 CVE-2022-21264 CVE-2022-21265 CVE-2022-21270 CVE-2022-21301 CVE-2022-21302 CVE-2022-21303 CVE-2022-21304 CVE-2022-21339 CVE-2022-21342 CVE-2022-21344 CVE-2022-21348 CVE-2022-21351 CVE-2022-21358 CVE-2022-21362 CVE-2022-21367 CVE-2022-21368 CVE-2022-21370 CVE-2022-21372 CVE-2022-21374 CVE-2022-21378 CVE-2022-21379 Ubuntu 20.04 LTS It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. This issue only affected Ubuntu 20.04 ESM. (CVE-2020-35572) Adam Crosser and Brian Sizemore discovered that Adminer incorrectly handled redirection requests to internal servers. An unauthenticated remote attacker could possibly use this to perform a server-side request forgery attack and expose sensitive information. (CVE-2021-21311) It was discovered that Adminer was incorrectly escaping data in the doc_link function. A remote attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-29625) Update Instructions: Run `sudo pro fix USN-5271-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: adminer - 4.7.6-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-35572 CVE-2021-21311 CVE-2021-29625 Ubuntu 20.04 LTS It was discovered that HDF5 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5272-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhdf5-103 - 1.10.4+repack-11ubuntu1+esm1 libhdf5-doc - 1.10.4+repack-11ubuntu1+esm1 hdf5-helpers - 1.10.4+repack-11ubuntu1+esm1 libhdf5-cpp-103 - 1.10.4+repack-11ubuntu1+esm1 libhdf5-jni - 1.10.4+repack-11ubuntu1+esm1 libhdf5-dev - 1.10.4+repack-11ubuntu1+esm1 libhdf5-mpich-103 - 1.10.4+repack-11ubuntu1+esm1 libhdf5-openmpi-dev - 1.10.4+repack-11ubuntu1+esm1 libhdf5-mpich-dev - 1.10.4+repack-11ubuntu1+esm1 libhdf5-openmpi-103 - 1.10.4+repack-11ubuntu1+esm1 libhdf5-java - 1.10.4+repack-11ubuntu1+esm1 libhdf5-mpi-dev - 1.10.4+repack-11ubuntu1+esm1 hdf5-tools - 1.10.4+repack-11ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-17233 CVE-2018-17234 CVE-2018-17237 Ubuntu 20.04 LTS Demi M. Obenour discovered that RPM Package Manager incorrectly handled certain files. An attacker could possibly use this issue to corrupt the database and cause a denial of service. (CVE-2021-3421, CVE-2021-20271) Demi M. Obenour discovered that RPM Package Manager incorrectly handled memory when processing certain data from the database. An attacker could possibly use this issue to cause a denial of service. This issue only affects Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-20266) Update Instructions: Run `sudo pro fix USN-5273-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: debugedit - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 rpm-i18n - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 python-rpm - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 rpm-common - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 rpm - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpm-dev - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 rpm2cpio - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpmio8 - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 python3-rpm - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpm8 - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpmsign8 - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpmbuild8 - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2021-20266 CVE-2021-20271 CVE-2021-3421 Ubuntu 20.04 LTS It was discovered that Simple DirectMedia Layer library incorrectly handled memory when parsing certain specially crafted .BMP files. An attacker could possibly use these issues to crash the application or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5274-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsdl2-dev - 2.0.10+dfsg1-3ubuntu0.1~esm1 libsdl2-doc - 2.0.10+dfsg1-3ubuntu0.1~esm1 libsdl2-2.0-0 - 2.0.10+dfsg1-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-14409 CVE-2020-14410 Ubuntu 20.04 LTS Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash leading to a denial of service, or potentially remotely execute code. (CVE-2022-0204) Update Instructions: Run `sudo pro fix USN-5275-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.5 bluez-tests - 5.53-0ubuntu3.5 bluez-obexd - 5.53-0ubuntu3.5 bluetooth - 5.53-0ubuntu3.5 bluez - 5.53-0ubuntu3.5 bluez-hcidump - 5.53-0ubuntu3.5 bluez-cups - 5.53-0ubuntu3.5 libbluetooth-dev - 5.53-0ubuntu3.5 No subscription required Medium CVE-2022-0204 Ubuntu 20.04 LTS It was discovered that the NVIDIA graphics drivers incorrectly handled permissions in the kernel mode layer. A local attacker could use this issue to write to protected memory and cause a denial of service. Update Instructions: Run `sudo pro fix USN-5276-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnvidia-compute-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-headless-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.172.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.172.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.172.01-0ubuntu0.20.04.1 No subscription required libnvidia-common-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-common-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-465 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-465 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-common-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-common-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-460 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-470 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-common-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-470-server - 470.103.01-0ubuntu0.20.04.1 No subscription required libnvidia-fbc1-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-common-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-utils-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-decode-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-kernel-common-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-compute-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-headless-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-cfg1-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-dkms-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-encode-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-extra-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-fbc1-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-driver-510 - 510.47.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-kernel-source-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-utils-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-compute-utils-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-decode-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-kernel-source-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-kernel-common-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-gl-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-gl-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-common-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-compute-utils-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-encode-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-compute-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-dkms-510 - 510.47.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-extra-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-driver-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-headless-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-cfg1-495 - 510.47.03-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21813 CVE-2022-21814 Ubuntu 20.04 LTS It was discovered that the rlimit tracking for user namespaces in the Linux kernel did not properly perform reference counting, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-24122) It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-27820) It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) It was discovered that the BPF subsystem in the Linux kernel did not properly track pointer types on atomic fetch operations in some situations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2022-0264) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0382) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5278-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.14.0-1022-oem - 5.14.0-1022.24 linux-headers-5.14.0-1022-oem - 5.14.0-1022.24 linux-modules-5.14.0-1022-oem - 5.14.0-1022.24 linux-image-unsigned-5.14.0-1022-oem - 5.14.0-1022.24 linux-buildinfo-5.14.0-1022-oem - 5.14.0-1022.24 linux-oem-5.14-tools-host - 5.14.0-1022.24 linux-oem-5.14-tools-5.14.0-1022 - 5.14.0-1022.24 linux-image-5.14.0-1022-oem - 5.14.0-1022.24 linux-oem-5.14-headers-5.14.0-1022 - 5.14.0-1022.24 No subscription required linux-headers-oem-20.04d - 5.14.0.1022.19 linux-tools-oem-20.04d - 5.14.0.1022.19 linux-oem-20.04d - 5.14.0.1022.19 linux-image-oem-20.04d - 5.14.0.1022.19 No subscription required High CVE-2020-27820 CVE-2021-22600 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-39685 CVE-2021-4001 CVE-2021-4083 CVE-2021-4135 CVE-2021-4155 CVE-2021-4197 CVE-2021-43975 CVE-2021-44733 CVE-2021-45095 CVE-2021-45480 CVE-2022-0264 CVE-2022-0330 CVE-2022-0382 CVE-2022-22942 CVE-2022-23222 CVE-2022-24122 Ubuntu 20.04 LTS It was discovered that util-linux incorrectly handled unmounting FUSE filesystems. A local attacker could possibly use this issue to unmount FUSE filesystems belonging to other users. Update Instructions: Run `sudo pro fix USN-5279-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bsdutils - 1:2.34-0.1ubuntu9.3 No subscription required libfdisk-dev - 2.34-0.1ubuntu9.3 libblkid1 - 2.34-0.1ubuntu9.3 libmount-dev - 2.34-0.1ubuntu9.3 rfkill - 2.34-0.1ubuntu9.3 mount - 2.34-0.1ubuntu9.3 libsmartcols1 - 2.34-0.1ubuntu9.3 util-linux-locales - 2.34-0.1ubuntu9.3 libfdisk1 - 2.34-0.1ubuntu9.3 libmount1 - 2.34-0.1ubuntu9.3 libsmartcols-dev - 2.34-0.1ubuntu9.3 uuid-dev - 2.34-0.1ubuntu9.3 libblkid-dev - 2.34-0.1ubuntu9.3 fdisk - 2.34-0.1ubuntu9.3 uuid-runtime - 2.34-0.1ubuntu9.3 util-linux - 2.34-0.1ubuntu9.3 libuuid1 - 2.34-0.1ubuntu9.3 No subscription required Medium CVE-2021-3995 CVE-2021-3996 Ubuntu 20.04 LTS It was discovered that Speex incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5280-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: speex - 1.2~rc1.2-1.1ubuntu1.20.04.1 libspeexdsp-dev - 1.2~rc1.2-1.1ubuntu1.20.04.1 libspeex-dev - 1.2~rc1.2-1.1ubuntu1.20.04.1 libspeexdsp1 - 1.2~rc1.2-1.1ubuntu1.20.04.1 speex-doc - 1.2~rc1.2-1.1ubuntu1.20.04.1 libspeex1 - 1.2~rc1.2-1.1ubuntu1.20.04.1 No subscription required Medium CVE-2020-23903 Ubuntu 20.04 LTS It was discovered that some OpenSC smart card drivers mishandled memory when performing certain decoding operations. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-15945, CVE-2019-15946) It was discovered that some OpenSC smart card drivers had buffer overflow vulnerabilities. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2020-26570, CVE-2020-26571, CVE-2020-26572) Update Instructions: Run `sudo pro fix USN-5281-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: opensc-pkcs11 - 0.20.0-3ubuntu0.1~esm1 opensc - 0.20.0-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-15945 CVE-2019-15946 CVE-2020-26570 CVE-2020-26571 CVE-2020-26572 Ubuntu 20.04 LTS It was discovered that PDFResurrect was incorrectly handling corrupted PDF files. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-14267) It was discovered that PDFResurrect incorrectly handled memory when loading PDF pages. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service, or arbitrary code execution. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-14934) It was discovered that PDFResurrect was incorrectly validating header data in input PDF files. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service, or arbitrary code execution. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-20740) Carter Yagemann discovered that PDFResurrect incorrectly handled certain memory operations during PDF summary generation. An attacker could use this to cause out-of-bounds writes, resulting in a denial of service (system crash) or arbitrary code execution. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-9549) It was discovered that PDFResurrect was incorrectly processing data when performing trailer search operations. An attacker could possibly use this issue to cause an infinite loop, resulting in a denial of service. (CVE-2021-3508) Update Instructions: Run `sudo pro fix USN-5282-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pdfresurrect - 0.19-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-14267 CVE-2019-14934 CVE-2020-20740 CVE-2020-9549 CVE-2021-3508 Ubuntu 20.04 LTS It was discovered that Tar for Node.js did not properly sanitize path inputs. An attacker could possibly use this issue to read arbitrary files, resulting in a directory traversal attack. Update Instructions: Run `sudo pro fix USN-5283-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-tar - 4.4.10+ds1-2ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-32803 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0511, CVE-2022-22755, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22764) It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions. (CVE-2022-22754) It was discovered that dragging and dropping an image into a folder could result in it being marked as executable. If a user were tricked into dragging and dropping a specially crafted image, an attacker could potentially exploit this to execute arbitrary code. (CVE-2022-22756) It was discovered that Remote Agent, used in WebDriver, did not validate Host or Origin headers. If a user were tricked into opening a specially crafted website with WebDriver enabled, an attacker could potentially exploit this to connect back to the user's browser in order to control it. (CVE-2022-22757) Update Instructions: Run `sudo pro fix USN-5284-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 97.0+build2-0ubuntu0.20.04.1 firefox - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 97.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 97.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 97.0+build2-0ubuntu0.20.04.1 firefox-dev - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 97.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-22754 CVE-2022-22755 CVE-2022-22756 CVE-2022-22757 CVE-2022-22759 CVE-2022-22760 CVE-2022-22761 CVE-2022-22764 CVE-2022-0511 Ubuntu 20.04 LTS Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user. On Ubuntu 20.04 LTS, this issue was fixed by disabling the online reencryption feature. Update Instructions: Run `sudo pro fix USN-5286-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cryptsetup - 2:2.2.2-3ubuntu2.4 cryptsetup-run - 2:2.2.2-3ubuntu2.4 libcryptsetup12 - 2:2.2.2-3ubuntu2.4 libcryptsetup-dev - 2:2.2.2-3ubuntu2.4 cryptsetup-bin - 2:2.2.2-3ubuntu2.4 cryptsetup-initramfs - 2:2.2.2-3ubuntu2.4 No subscription required Medium CVE-2021-4122 Ubuntu 20.04 LTS It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5288-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.2 libexpat1-dev - 2.2.9-1ubuntu0.2 libexpat1 - 2.2.9-1ubuntu0.2 No subscription required High CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 CVE-2022-23852 CVE-2022-23990 CVE-2022-25235 CVE-2022-25236 Ubuntu 20.04 LTS James Isaac and Mathias Brodala discovered that Symfony incorrectly handled switch users functionality. An attacker could possibly use this issue to enumerate users. (CVE-2021-21424) It was discovered that Symfony incorrectly handled certain specially crafted CSV files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 ESM. (CVE-2021-41270) Update Instructions: Run `sudo pro fix USN-5290-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-symfony-framework-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-core - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-ldap - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-browser-kit - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-filesystem - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-twig-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-mailchimp-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-web-profiler-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-asset - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-var-exporter - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-sendgrid-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-http - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-phpunit-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-http-client - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-web-server-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-http-kernel - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-templating - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-property-access - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-amazon-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-doctrine-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-intl - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-twig-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-guard - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-postmark-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-serializer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-dependency-injection - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-yaml - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-debug-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-css-selector - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-expression-language - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-process - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-var-dumper - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-property-info - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-routing - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-finder - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-google-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-lock - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-validator - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-debug - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-inflector - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-cache - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-monolog-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-mime - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-workflow - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-form - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-proxy-manager-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-http-foundation - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-event-dispatcher - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-options-resolver - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-dotenv - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-web-link - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-messenger - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-mailgun-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-translation - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-dom-crawler - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-console - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-stopwatch - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-config - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-csrf - 4.3.8+dfsg-1ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-21424 CVE-2021-41270 Ubuntu 20.04 LTS It was discovered that libarchive incorrectly handled symlinks. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly use this issue to change modes, times, ACLs, and flags on arbitrary files. (CVE-2021-23177, CVE-2021-31566) It was discovered that libarchive incorrectly handled certain RAR archives. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36976) Update Instructions: Run `sudo pro fix USN-5291-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libarchive-dev - 3.4.0-2ubuntu1.1 libarchive-tools - 3.4.0-2ubuntu1.1 libarchive13 - 3.4.0-2ubuntu1.1 No subscription required Medium CVE-2021-23177 CVE-2021-31566 CVE-2021-36976 Ubuntu 20.04 LTS James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. (CVE-2021-3155) Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions. (CVE-2021-4120) The Qualys Research Team discovered that snapd did not properly validate the location of the snap-confine binary. A local attacker could possibly use this issue to execute other arbitrary binaries and escalate privileges. (CVE-2021-44730) The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing a private mount namespace for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. (CVE-2021-44731) Update Instructions: Run `sudo pro fix USN-5292-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.54.3+20.04 ubuntu-core-launcher - 2.54.3+20.04 snap-confine - 2.54.3+20.04 ubuntu-snappy-cli - 2.54.3+20.04 golang-github-snapcore-snapd-dev - 2.54.3+20.04 snapd-xdg-open - 2.54.3+20.04 snapd - 2.54.3+20.04 golang-github-ubuntu-core-snappy-dev - 2.54.3+20.04 ubuntu-snappy - 2.54.3+20.04 No subscription required High CVE-2021-3155 CVE-2021-4120 CVE-2021-44730 CVE-2021-44731 Ubuntu 20.04 LTS USN-5292-1 fixed vulnerabilities in snapd. This update provides the corresponding update for the riscv64 architecture. Original advisory details: James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. (CVE-2021-3155) Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions. (CVE-2021-4120) The Qualys Research Team discovered that snapd did not properly validate the location of the snap-confine binary. A local attacker could possibly use this issue to execute other arbitrary binaries and escalate privileges. (CVE-2021-44730) The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing a private mount namespace for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. (CVE-2021-44731) Update Instructions: Run `sudo pro fix USN-5292-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.54.3+20.04.1 ubuntu-core-launcher - 2.54.3+20.04.1 snap-confine - 2.54.3+20.04.1 ubuntu-snappy-cli - 2.54.3+20.04.1 golang-github-snapcore-snapd-dev - 2.54.3+20.04.1 snapd-xdg-open - 2.54.3+20.04.1 snapd - 2.54.3+20.04.1 golang-github-ubuntu-core-snappy-dev - 2.54.3+20.04.1 ubuntu-snappy - 2.54.3+20.04.1 No subscription required High CVE-2021-3155 CVE-2021-4120 CVE-2021-44730 CVE-2021-44731 Ubuntu 20.04 LTS USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced a regression that could break the fish shell. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. (CVE-2021-3155) Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions. (CVE-2021-4120) The Qualys Research Team discovered that snapd did not properly validate the location of the snap-confine binary. A local attacker could possibly use this issue to execute other arbitrary binaries and escalate privileges. (CVE-2021-44730) The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing a private mount namespace for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. (CVE-2021-44731) Update Instructions: Run `sudo pro fix USN-5292-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.54.3+20.04.1ubuntu0.2 ubuntu-core-launcher - 2.54.3+20.04.1ubuntu0.2 snap-confine - 2.54.3+20.04.1ubuntu0.2 ubuntu-snappy-cli - 2.54.3+20.04.1ubuntu0.2 golang-github-snapcore-snapd-dev - 2.54.3+20.04.1ubuntu0.2 snapd-xdg-open - 2.54.3+20.04.1ubuntu0.2 snapd - 2.54.3+20.04.1ubuntu0.2 golang-github-ubuntu-core-snappy-dev - 2.54.3+20.04.1ubuntu0.2 ubuntu-snappy - 2.54.3+20.04.1ubuntu0.2 No subscription required None https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1961365 https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1961791 Ubuntu 20.04 LTS Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application's XML configuration file could cause a denial of service. Update Instructions: Run `sudo pro fix USN-5293-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc3p0-java-doc - 0.9.1.2-10ubuntu0.20.04.1 libc3p0-java - 0.9.1.2-10ubuntu0.20.04.1 No subscription required Medium CVE-2019-5427 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5294-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-common - 5.4.0-100.113 linux-modules-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-headers-5.4.0-100-lowlatency - 5.4.0-100.113 linux-tools-host - 5.4.0-100.113 linux-tools-5.4.0-100-lowlatency - 5.4.0-100.113 linux-doc - 5.4.0-100.113 linux-image-5.4.0-100-lowlatency - 5.4.0-100.113 linux-cloud-tools-5.4.0-100-generic - 5.4.0-100.113 linux-image-unsigned-5.4.0-100-generic - 5.4.0-100.113 linux-modules-5.4.0-100-lowlatency - 5.4.0-100.113 linux-libc-dev - 5.4.0-100.113 linux-source-5.4.0 - 5.4.0-100.113 linux-tools-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-tools-5.4.0-100-generic - 5.4.0-100.113 linux-image-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-buildinfo-5.4.0-100-generic - 5.4.0-100.113 linux-headers-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-modules-5.4.0-100-generic - 5.4.0-100.113 linux-headers-5.4.0-100-generic - 5.4.0-100.113 linux-image-unsigned-5.4.0-100-lowlatency - 5.4.0-100.113 linux-cloud-tools-common - 5.4.0-100.113 linux-headers-5.4.0-100 - 5.4.0-100.113 linux-cloud-tools-5.4.0-100-lowlatency - 5.4.0-100.113 linux-modules-extra-5.4.0-100-generic - 5.4.0-100.113 linux-buildinfo-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-image-5.4.0-100-generic - 5.4.0-100.113 linux-cloud-tools-5.4.0-100 - 5.4.0-100.113 linux-tools-5.4.0-100 - 5.4.0-100.113 linux-buildinfo-5.4.0-100-lowlatency - 5.4.0-100.113 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-cloud-tools-virtual - 5.4.0.100.104 linux-image-generic-hwe-18.04 - 5.4.0.100.104 linux-tools-oem - 5.4.0.100.104 linux-headers-generic-lpae - 5.4.0.100.104 linux-image-virtual - 5.4.0.100.104 linux-oem-osp1-tools-host - 5.4.0.100.104 linux-image-generic - 5.4.0.100.104 linux-tools-lowlatency - 5.4.0.100.104 linux-image-oem - 5.4.0.100.104 linux-tools-virtual-hwe-18.04 - 5.4.0.100.104 linux-headers-generic-hwe-18.04 - 5.4.0.100.104 linux-headers-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-image-extra-virtual-hwe-18.04 - 5.4.0.100.104 linux-image-oem-osp1 - 5.4.0.100.104 linux-image-generic-lpae-hwe-18.04 - 5.4.0.100.104 linux-crashdump - 5.4.0.100.104 linux-tools-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-headers-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-source - 5.4.0.100.104 linux-lowlatency - 5.4.0.100.104 linux-tools-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-tools-generic-lpae - 5.4.0.100.104 linux-cloud-tools-generic - 5.4.0.100.104 linux-virtual - 5.4.0.100.104 linux-headers-virtual-hwe-18.04 - 5.4.0.100.104 linux-virtual-hwe-18.04 - 5.4.0.100.104 linux-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.100.104 linux-tools-virtual - 5.4.0.100.104 linux-generic-lpae-hwe-18.04-edge - 5.4.0.100.104 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-generic-lpae - 5.4.0.100.104 linux-headers-oem - 5.4.0.100.104 linux-generic - 5.4.0.100.104 linux-tools-oem-osp1 - 5.4.0.100.104 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.100.104 linux-tools-generic-hwe-18.04-edge - 5.4.0.100.104 linux-image-virtual-hwe-18.04 - 5.4.0.100.104 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-oem-tools-host - 5.4.0.100.104 linux-headers-lowlatency - 5.4.0.100.104 linux-image-generic-hwe-18.04-edge - 5.4.0.100.104 linux-generic-hwe-18.04-edge - 5.4.0.100.104 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.100.104 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-oem - 5.4.0.100.104 linux-tools-generic - 5.4.0.100.104 linux-image-extra-virtual - 5.4.0.100.104 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-cloud-tools-lowlatency - 5.4.0.100.104 linux-headers-oem-osp1 - 5.4.0.100.104 linux-generic-lpae-hwe-18.04 - 5.4.0.100.104 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.100.104 linux-headers-generic-hwe-18.04-edge - 5.4.0.100.104 linux-headers-generic - 5.4.0.100.104 linux-oem-osp1 - 5.4.0.100.104 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.100.104 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.100.104 linux-image-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-headers-virtual - 5.4.0.100.104 linux-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.100.104 linux-generic-hwe-18.04 - 5.4.0.100.104 linux-image-generic-lpae - 5.4.0.100.104 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.100.104 linux-image-lowlatency - 5.4.0.100.104 linux-tools-generic-hwe-18.04 - 5.4.0.100.104 linux-image-virtual-hwe-18.04-edge - 5.4.0.100.104 No subscription required Medium CVE-2021-22600 CVE-2021-39685 CVE-2021-4083 CVE-2021-4155 CVE-2021-4202 CVE-2021-43975 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5294-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1015-ibm - 5.4.0-1015.16 linux-image-5.4.0-1015-ibm - 5.4.0-1015.16 linux-ibm-tools-5.4.0-1015 - 5.4.0-1015.16 linux-ibm-headers-5.4.0-1015 - 5.4.0-1015.16 linux-ibm-tools-common - 5.4.0-1015.16 linux-buildinfo-5.4.0-1015-ibm - 5.4.0-1015.16 linux-modules-5.4.0-1015-ibm - 5.4.0-1015.16 linux-ibm-source-5.4.0 - 5.4.0-1015.16 linux-ibm-cloud-tools-common - 5.4.0-1015.16 linux-modules-extra-5.4.0-1015-ibm - 5.4.0-1015.16 linux-headers-5.4.0-1015-ibm - 5.4.0-1015.16 linux-image-unsigned-5.4.0-1015-ibm - 5.4.0-1015.16 No subscription required linux-bluefield-headers-5.4.0-1028 - 5.4.0-1028.31 linux-headers-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-modules-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-bluefield-tools-5.4.0-1028 - 5.4.0-1028.31 linux-image-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-tools-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-buildinfo-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-image-unsigned-5.4.0-1028-bluefield - 5.4.0-1028.31 No subscription required linux-gkeop-headers-5.4.0-1034 - 5.4.0-1034.35 linux-modules-extra-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-image-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-tools-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-gkeop-source-5.4.0 - 5.4.0-1034.35 linux-headers-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-cloud-tools-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-modules-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-gkeop-cloud-tools-5.4.0-1034 - 5.4.0-1034.35 linux-gkeop-tools-5.4.0-1034 - 5.4.0-1034.35 linux-buildinfo-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-image-unsigned-5.4.0-1034-gkeop - 5.4.0-1034.35 No subscription required linux-image-5.4.0-1053-raspi - 5.4.0-1053.60 linux-buildinfo-5.4.0-1053-raspi - 5.4.0-1053.60 linux-modules-5.4.0-1053-raspi - 5.4.0-1053.60 linux-raspi-tools-5.4.0-1053 - 5.4.0-1053.60 linux-raspi-headers-5.4.0-1053 - 5.4.0-1053.60 linux-tools-5.4.0-1053-raspi - 5.4.0-1053.60 linux-headers-5.4.0-1053-raspi - 5.4.0-1053.60 No subscription required linux-kvm-tools-5.4.0-1056 - 5.4.0-1056.58 linux-tools-5.4.0-1056-kvm - 5.4.0-1056.58 linux-buildinfo-5.4.0-1056-kvm - 5.4.0-1056.58 linux-headers-5.4.0-1056-kvm - 5.4.0-1056.58 linux-image-unsigned-5.4.0-1056-kvm - 5.4.0-1056.58 linux-kvm-headers-5.4.0-1056 - 5.4.0-1056.58 linux-modules-5.4.0-1056-kvm - 5.4.0-1056.58 linux-image-5.4.0-1056-kvm - 5.4.0-1056.58 No subscription required linux-headers-5.4.0-1064-oracle - 5.4.0-1064.68 linux-image-5.4.0-1064-oracle - 5.4.0-1064.68 linux-oracle-tools-5.4.0-1064 - 5.4.0-1064.68 linux-oracle-headers-5.4.0-1064 - 5.4.0-1064.68 linux-image-unsigned-5.4.0-1064-oracle - 5.4.0-1064.68 linux-modules-extra-5.4.0-1064-oracle - 5.4.0-1064.68 linux-modules-5.4.0-1064-oracle - 5.4.0-1064.68 linux-tools-5.4.0-1064-oracle - 5.4.0-1064.68 linux-buildinfo-5.4.0-1064-oracle - 5.4.0-1064.68 No subscription required linux-gcp-tools-5.4.0-1065 - 5.4.0-1065.69 linux-modules-5.4.0-1065-gcp - 5.4.0-1065.69 linux-modules-extra-5.4.0-1065-gcp - 5.4.0-1065.69 linux-buildinfo-5.4.0-1065-gcp - 5.4.0-1065.69 linux-image-5.4.0-1065-gcp - 5.4.0-1065.69 linux-tools-5.4.0-1065-gcp - 5.4.0-1065.69 linux-headers-5.4.0-1065-gcp - 5.4.0-1065.69 linux-gcp-headers-5.4.0-1065 - 5.4.0-1065.69 linux-image-unsigned-5.4.0-1065-gcp - 5.4.0-1065.69 No subscription required linux-tools-5.4.0-1066-aws - 5.4.0-1066.69 linux-headers-5.4.0-1066-aws - 5.4.0-1066.69 linux-aws-tools-5.4.0-1066 - 5.4.0-1066.69 linux-aws-headers-5.4.0-1066 - 5.4.0-1066.69 linux-modules-5.4.0-1066-aws - 5.4.0-1066.69 linux-image-unsigned-5.4.0-1066-aws - 5.4.0-1066.69 linux-modules-extra-5.4.0-1066-aws - 5.4.0-1066.69 linux-aws-cloud-tools-5.4.0-1066 - 5.4.0-1066.69 linux-cloud-tools-5.4.0-1066-aws - 5.4.0-1066.69 linux-image-5.4.0-1066-aws - 5.4.0-1066.69 linux-buildinfo-5.4.0-1066-aws - 5.4.0-1066.69 No subscription required linux-azure-headers-5.4.0-1070 - 5.4.0-1070.73 linux-modules-extra-5.4.0-1070-azure - 5.4.0-1070.73 linux-modules-5.4.0-1070-azure - 5.4.0-1070.73 linux-cloud-tools-5.4.0-1070-azure - 5.4.0-1070.73 linux-headers-5.4.0-1070-azure - 5.4.0-1070.73 linux-image-unsigned-5.4.0-1070-azure - 5.4.0-1070.73 linux-azure-cloud-tools-5.4.0-1070 - 5.4.0-1070.73 linux-tools-5.4.0-1070-azure - 5.4.0-1070.73 linux-image-5.4.0-1070-azure - 5.4.0-1070.73 linux-azure-tools-5.4.0-1070 - 5.4.0-1070.73 linux-buildinfo-5.4.0-1070-azure - 5.4.0-1070.73 No subscription required linux-image-unsigned-5.4.0-1070-azure-fde - 5.4.0-1070.73+cvm1.1 linux-image-5.4.0-1070-azure-fde - 5.4.0-1070.73+cvm1.1 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1015.16 linux-headers-ibm-lts-20.04 - 5.4.0.1015.16 linux-tools-ibm - 5.4.0.1015.16 linux-modules-extra-ibm - 5.4.0.1015.16 linux-image-ibm-lts-20.04 - 5.4.0.1015.16 linux-ibm-lts-20.04 - 5.4.0.1015.16 linux-image-ibm - 5.4.0.1015.16 linux-ibm - 5.4.0.1015.16 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1015.16 linux-headers-ibm - 5.4.0.1015.16 No subscription required linux-image-bluefield - 5.4.0.1028.29 linux-bluefield - 5.4.0.1028.29 linux-headers-bluefield - 5.4.0.1028.29 linux-tools-bluefield - 5.4.0.1028.29 No subscription required linux-headers-gkeop - 5.4.0.1034.37 linux-cloud-tools-gkeop-5.4 - 5.4.0.1034.37 linux-image-gkeop - 5.4.0.1034.37 linux-gkeop-5.4 - 5.4.0.1034.37 linux-gkeop - 5.4.0.1034.37 linux-image-gkeop-5.4 - 5.4.0.1034.37 linux-modules-extra-gkeop - 5.4.0.1034.37 linux-cloud-tools-gkeop - 5.4.0.1034.37 linux-headers-gkeop-5.4 - 5.4.0.1034.37 linux-modules-extra-gkeop-5.4 - 5.4.0.1034.37 linux-tools-gkeop - 5.4.0.1034.37 linux-tools-gkeop-5.4 - 5.4.0.1034.37 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1053.87 linux-headers-raspi2 - 5.4.0.1053.87 linux-image-raspi-hwe-18.04 - 5.4.0.1053.87 linux-image-raspi2-hwe-18.04 - 5.4.0.1053.87 linux-tools-raspi - 5.4.0.1053.87 linux-headers-raspi2-hwe-18.04 - 5.4.0.1053.87 linux-headers-raspi-hwe-18.04 - 5.4.0.1053.87 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1053.87 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1053.87 linux-headers-raspi - 5.4.0.1053.87 linux-raspi2-hwe-18.04-edge - 5.4.0.1053.87 linux-raspi-hwe-18.04 - 5.4.0.1053.87 linux-tools-raspi2-hwe-18.04 - 5.4.0.1053.87 linux-raspi2-hwe-18.04 - 5.4.0.1053.87 linux-image-raspi-hwe-18.04-edge - 5.4.0.1053.87 linux-image-raspi2 - 5.4.0.1053.87 linux-tools-raspi-hwe-18.04 - 5.4.0.1053.87 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1053.87 linux-raspi-hwe-18.04-edge - 5.4.0.1053.87 linux-raspi - 5.4.0.1053.87 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1053.87 linux-image-raspi - 5.4.0.1053.87 linux-raspi2 - 5.4.0.1053.87 linux-tools-raspi2 - 5.4.0.1053.87 No subscription required linux-kvm - 5.4.0.1056.55 linux-headers-kvm - 5.4.0.1056.55 linux-image-kvm - 5.4.0.1056.55 linux-tools-kvm - 5.4.0.1056.55 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1064.64 linux-headers-oracle-lts-20.04 - 5.4.0.1064.64 linux-oracle-lts-20.04 - 5.4.0.1064.64 linux-image-oracle-lts-20.04 - 5.4.0.1064.64 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1065.75 linux-gcp-lts-20.04 - 5.4.0.1065.75 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1065.75 linux-headers-gcp-lts-20.04 - 5.4.0.1065.75 linux-image-gcp-lts-20.04 - 5.4.0.1065.75 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1066.68 linux-tools-aws-lts-20.04 - 5.4.0.1066.68 linux-image-aws-lts-20.04 - 5.4.0.1066.68 linux-headers-aws-lts-20.04 - 5.4.0.1066.68 linux-aws-lts-20.04 - 5.4.0.1066.68 No subscription required linux-azure-lts-20.04 - 5.4.0.1070.68 linux-image-azure-lts-20.04 - 5.4.0.1070.68 linux-modules-extra-azure-lts-20.04 - 5.4.0.1070.68 linux-tools-azure-lts-20.04 - 5.4.0.1070.68 linux-headers-azure-lts-20.04 - 5.4.0.1070.68 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1070.68 No subscription required linux-tools-azure-fde - 5.4.0.1070.73+cvm1.16 linux-azure-fde - 5.4.0.1070.73+cvm1.16 linux-image-azure-fde - 5.4.0.1070.73+cvm1.16 linux-cloud-tools-azure-fde - 5.4.0.1070.73+cvm1.16 linux-modules-extra-azure-fde - 5.4.0.1070.73+cvm1.16 linux-headers-azure-fde - 5.4.0.1070.73+cvm1.16 No subscription required Medium CVE-2021-22600 CVE-2021-39685 CVE-2021-4083 CVE-2021-4155 CVE-2021-4202 CVE-2021-43975 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5295-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-30.33~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-30 - 5.13.0-30.33~20.04.1 linux-headers-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-image-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-modules-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-hwe-5.13-headers-5.13.0-30 - 5.13.0-30.33~20.04.1 linux-headers-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-image-unsigned-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-image-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-30.33~20.04.1 linux-tools-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-hwe-5.13-tools-5.13.0-30 - 5.13.0-30.33~20.04.1 linux-image-unsigned-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-30.33~20.04.1 linux-tools-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-modules-extra-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-buildinfo-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-buildinfo-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-image-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-image-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-modules-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-headers-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-30.33~20.04.1 linux-buildinfo-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-cloud-tools-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-buildinfo-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-tools-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-modules-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-modules-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-cloud-tools-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-headers-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-image-unsigned-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-generic-64k-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-generic-lpae-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-generic-lpae-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-generic-64k-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-generic-64k-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-generic-64k-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-extra-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 No subscription required Medium CVE-2021-22600 CVE-2021-4083 CVE-2021-4155 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5295-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-modules-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-buildinfo-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-headers-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-cloud-tools-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-aws-5.13-tools-5.13.0-1014 - 5.13.0-1014.15~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1014 - 5.13.0-1014.15~20.04.1 linux-aws-5.13-headers-5.13.0-1014 - 5.13.0-1014.15~20.04.1 linux-modules-extra-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-tools-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-image-unsigned-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 No subscription required linux-oracle-5.13-headers-5.13.0-1018 - 5.13.0-1018.22~20.04.1 linux-image-unsigned-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-oracle-5.13-tools-5.13.0-1018 - 5.13.0-1018.22~20.04.1 linux-image-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-tools-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-modules-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-headers-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-buildinfo-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-modules-extra-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 No subscription required linux-modules-extra-aws - 5.13.0.1014.15~20.04.7 linux-modules-extra-aws-edge - 5.13.0.1014.15~20.04.7 linux-tools-aws - 5.13.0.1014.15~20.04.7 linux-tools-aws-edge - 5.13.0.1014.15~20.04.7 linux-image-aws-edge - 5.13.0.1014.15~20.04.7 linux-headers-aws-edge - 5.13.0.1014.15~20.04.7 linux-aws-edge - 5.13.0.1014.15~20.04.7 linux-aws - 5.13.0.1014.15~20.04.7 linux-headers-aws - 5.13.0.1014.15~20.04.7 linux-image-aws - 5.13.0.1014.15~20.04.7 No subscription required linux-headers-oracle - 5.13.0.1018.22~20.04.1 linux-headers-oracle-edge - 5.13.0.1018.22~20.04.1 linux-image-oracle - 5.13.0.1018.22~20.04.1 linux-tools-oracle - 5.13.0.1018.22~20.04.1 linux-tools-oracle-edge - 5.13.0.1018.22~20.04.1 linux-oracle-edge - 5.13.0.1018.22~20.04.1 linux-image-oracle-edge - 5.13.0.1018.22~20.04.1 linux-oracle - 5.13.0.1018.22~20.04.1 No subscription required Medium CVE-2021-22600 CVE-2021-4083 CVE-2021-4155 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5297-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1063-gke - 5.4.0-1063.66 linux-buildinfo-5.4.0-1063-gke - 5.4.0-1063.66 linux-image-5.4.0-1063-gke - 5.4.0-1063.66 linux-tools-5.4.0-1063-gke - 5.4.0-1063.66 linux-headers-5.4.0-1063-gke - 5.4.0-1063.66 linux-gke-headers-5.4.0-1063 - 5.4.0-1063.66 linux-modules-5.4.0-1063-gke - 5.4.0-1063.66 linux-image-unsigned-5.4.0-1063-gke - 5.4.0-1063.66 linux-gke-tools-5.4.0-1063 - 5.4.0-1063.66 No subscription required linux-modules-extra-gke - 5.4.0.1063.73 linux-image-gke - 5.4.0.1063.73 linux-gke-5.4 - 5.4.0.1063.73 linux-headers-gke-5.4 - 5.4.0.1063.73 linux-image-gke-5.4 - 5.4.0.1063.73 linux-tools-gke-5.4 - 5.4.0.1063.73 linux-modules-extra-gke-5.4 - 5.4.0.1063.73 linux-headers-gke - 5.4.0.1063.73 linux-gke - 5.4.0.1063.73 linux-tools-gke - 5.4.0.1063.73 No subscription required Medium CVE-2021-39685 CVE-2021-4083 CVE-2021-4155 CVE-2021-4202 CVE-2021-43975 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS USN-5300-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. (CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9120) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly obtain sensitive information. (CVE-2017-9119) It was discovered that PHP incorrectly handled certain scripts with XML parsing functions. An attacker could possibly use this issue to obtain sensitive information. (CVE-2021-21707) Update Instructions: Run `sudo pro fix USN-5300-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.10 php7.4-readline - 7.4.3-4ubuntu2.10 php7.4-dba - 7.4.3-4ubuntu2.10 php7.4-common - 7.4.3-4ubuntu2.10 php7.4-xmlrpc - 7.4.3-4ubuntu2.10 php7.4-intl - 7.4.3-4ubuntu2.10 php7.4-phpdbg - 7.4.3-4ubuntu2.10 php7.4-ldap - 7.4.3-4ubuntu2.10 php7.4-sybase - 7.4.3-4ubuntu2.10 php7.4-xsl - 7.4.3-4ubuntu2.10 php7.4-pgsql - 7.4.3-4ubuntu2.10 php7.4-pspell - 7.4.3-4ubuntu2.10 php7.4-zip - 7.4.3-4ubuntu2.10 php7.4-curl - 7.4.3-4ubuntu2.10 php7.4-odbc - 7.4.3-4ubuntu2.10 php7.4-json - 7.4.3-4ubuntu2.10 php7.4-mbstring - 7.4.3-4ubuntu2.10 php7.4-imap - 7.4.3-4ubuntu2.10 php7.4-bz2 - 7.4.3-4ubuntu2.10 php7.4-cgi - 7.4.3-4ubuntu2.10 php7.4 - 7.4.3-4ubuntu2.10 php7.4-bcmath - 7.4.3-4ubuntu2.10 php7.4-dev - 7.4.3-4ubuntu2.10 php7.4-interbase - 7.4.3-4ubuntu2.10 php7.4-tidy - 7.4.3-4ubuntu2.10 php7.4-gmp - 7.4.3-4ubuntu2.10 php7.4-sqlite3 - 7.4.3-4ubuntu2.10 php7.4-enchant - 7.4.3-4ubuntu2.10 php7.4-fpm - 7.4.3-4ubuntu2.10 php7.4-soap - 7.4.3-4ubuntu2.10 php7.4-cli - 7.4.3-4ubuntu2.10 libphp7.4-embed - 7.4.3-4ubuntu2.10 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.10 php7.4-mysql - 7.4.3-4ubuntu2.10 php7.4-snmp - 7.4.3-4ubuntu2.10 php7.4-xml - 7.4.3-4ubuntu2.10 php7.4-opcache - 7.4.3-4ubuntu2.10 No subscription required Medium CVE-2017-8923 CVE-2017-9118 CVE-2017-9119 CVE-2017-9120 CVE-2021-21707 Ubuntu 20.04 LTS It was discovered that the Cyrus SASL SQL plugin incorrectly handled SQL input. A remote attacker could use this issue to execute arbitrary SQL commands. Update Instructions: Run `sudo pro fix USN-5301-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsasl2-2 - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-gssapi-heimdal - 2.1.27+dfsg-2ubuntu0.1 sasl2-bin - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-db - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-gssapi-mit - 2.1.27+dfsg-2ubuntu0.1 libsasl2-dev - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-sql - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-otp - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-ldap - 2.1.27+dfsg-2ubuntu0.1 cyrus-sasl2-doc - 2.1.27+dfsg-2ubuntu0.1 No subscription required High CVE-2022-24407 Ubuntu 20.04 LTS Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-24448) It was discovered that the YAM AX.25 device driver in the Linux kernel did not properly deallocate memory in some error conditions. A local privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2022-24959) Update Instructions: Run `sudo pro fix USN-5302-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.14.0-1024-oem - 5.14.0-1024.26 linux-image-unsigned-5.14.0-1024-oem - 5.14.0-1024.26 linux-image-5.14.0-1024-oem - 5.14.0-1024.26 linux-tools-5.14.0-1024-oem - 5.14.0-1024.26 linux-headers-5.14.0-1024-oem - 5.14.0-1024.26 linux-oem-5.14-tools-5.14.0-1024 - 5.14.0-1024.26 linux-modules-5.14.0-1024-oem - 5.14.0-1024.26 linux-oem-5.14-headers-5.14.0-1024 - 5.14.0-1024.26 linux-oem-5.14-tools-host - 5.14.0-1024.26 No subscription required linux-image-oem-20.04c - 5.14.0.1024.22 linux-image-oem-20.04b - 5.14.0.1024.22 linux-image-oem-20.04d - 5.14.0.1024.22 linux-tools-oem-20.04d - 5.14.0.1024.22 linux-tools-oem-20.04c - 5.14.0.1024.22 linux-tools-oem-20.04b - 5.14.0.1024.22 linux-oem-20.04 - 5.14.0.1024.22 linux-image-oem-20.04 - 5.14.0.1024.22 linux-oem-20.04c - 5.14.0.1024.22 linux-oem-20.04d - 5.14.0.1024.22 linux-oem-20.04b - 5.14.0.1024.22 linux-headers-oem-20.04 - 5.14.0.1024.22 linux-headers-oem-20.04b - 5.14.0.1024.22 linux-headers-oem-20.04c - 5.14.0.1024.22 linux-headers-oem-20.04d - 5.14.0.1024.22 linux-tools-oem-20.04 - 5.14.0.1024.22 No subscription required High CVE-2021-43976 CVE-2021-44879 CVE-2022-0435 CVE-2022-0492 CVE-2022-24448 CVE-2022-24959 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5303-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.9 php7.4-readline - 7.4.3-4ubuntu2.9 php7.4-dba - 7.4.3-4ubuntu2.9 php7.4-common - 7.4.3-4ubuntu2.9 php7.4-xmlrpc - 7.4.3-4ubuntu2.9 php7.4-intl - 7.4.3-4ubuntu2.9 php7.4-phpdbg - 7.4.3-4ubuntu2.9 php7.4-ldap - 7.4.3-4ubuntu2.9 php7.4-soap - 7.4.3-4ubuntu2.9 php7.4-xsl - 7.4.3-4ubuntu2.9 php7.4-pgsql - 7.4.3-4ubuntu2.9 php7.4-pspell - 7.4.3-4ubuntu2.9 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.9 php7.4-zip - 7.4.3-4ubuntu2.9 php7.4-curl - 7.4.3-4ubuntu2.9 php7.4-odbc - 7.4.3-4ubuntu2.9 php7.4-json - 7.4.3-4ubuntu2.9 php7.4-mbstring - 7.4.3-4ubuntu2.9 php7.4-imap - 7.4.3-4ubuntu2.9 php7.4-bz2 - 7.4.3-4ubuntu2.9 php7.4-cgi - 7.4.3-4ubuntu2.9 php7.4 - 7.4.3-4ubuntu2.9 php7.4-bcmath - 7.4.3-4ubuntu2.9 php7.4-dev - 7.4.3-4ubuntu2.9 php7.4-interbase - 7.4.3-4ubuntu2.9 php7.4-tidy - 7.4.3-4ubuntu2.9 php7.4-gmp - 7.4.3-4ubuntu2.9 php7.4-sqlite3 - 7.4.3-4ubuntu2.9 php7.4-fpm - 7.4.3-4ubuntu2.9 php7.4-sybase - 7.4.3-4ubuntu2.9 php7.4-cli - 7.4.3-4ubuntu2.9 libphp7.4-embed - 7.4.3-4ubuntu2.9 php7.4-enchant - 7.4.3-4ubuntu2.9 php7.4-mysql - 7.4.3-4ubuntu2.9 php7.4-snmp - 7.4.3-4ubuntu2.9 php7.4-xml - 7.4.3-4ubuntu2.9 php7.4-opcache - 7.4.3-4ubuntu2.9 No subscription required Medium CVE-2021-21708 Ubuntu 20.04 LTS Kevin Backhouse discovered that PolicyKit incorrectly handled file descriptors. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5304-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: policykit-1-doc - 0.105-26ubuntu1.3 libpolkit-gobject-1-dev - 0.105-26ubuntu1.3 libpolkit-agent-1-0 - 0.105-26ubuntu1.3 libpolkit-agent-1-dev - 0.105-26ubuntu1.3 policykit-1 - 0.105-26ubuntu1.3 gir1.2-polkit-1.0 - 0.105-26ubuntu1.3 libpolkit-gobject-1-0 - 0.105-26ubuntu1.3 No subscription required Medium CVE-2021-4115 Ubuntu 20.04 LTS Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.34 in Ubuntu 20.04 LTS and to 10.5.15 in Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-5305-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.34-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.34-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.34-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.34-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.34-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.34-0ubuntu0.20.04.1 mariadb-client - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.34-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.34-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.34-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.34-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.34-0ubuntu0.20.04.1 mariadb-server - 1:10.3.34-0ubuntu0.20.04.1 mariadb-common - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.34-0ubuntu0.20.04.1 mariadb-test - 1:10.3.34-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-46659 CVE-2021-46661 CVE-2021-46663 CVE-2021-46664 CVE-2021-46665 CVE-2021-46668 CVE-2022-24048 CVE-2022-24050 CVE-2022-24051 CVE-2022-24052 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5306-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.34.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.34.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.34.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.34.6-0ubuntu0.20.04.1 webkit2gtk-driver - 2.34.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.34.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.34.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.34.6-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.34.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.34.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-22589 CVE-2022-22590 CVE-2022-22592 Ubuntu 20.04 LTS Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20196) Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20203) It was discovered that the QEMU vhost-user GPU device contained several security issues. An attacker inside the guest could use these issues to cause QEMU to crash, resulting in a denial of service, leak sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10. (CVE-2021-3544, CVE-2021-3545, CVE-2021-3546) It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3682) It was discovered that the QEMU UAS device emulation incorrectly handled certain stream numbers. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10. (CVE-2021-3713) It was discovered that the QEMU virtio-net device incorrectly handled certain buffer addresses. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3748) It was discovered that the QEMU SCSI device emulation incorrectly handled certain MODE SELECT commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-3930) It was discovered that the QEMU ACPI logic incorrectly handled certain values. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 21.10. (CVE-2021-4158) Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that the QEMU virtiofsd device incorrectly handled permissions when creating files. An attacker inside the guest could use this issue to create files inside the directory shared by virtiofs with unintended permissions, possibly allowing privilege escalation. This issue only affected Ubuntu 21.10. (CVE-2022-0358) Update Instructions: Run `sudo pro fix USN-5307-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.21 qemu-system-common - 1:4.2-3ubuntu6.21 qemu-user-static - 1:4.2-3ubuntu6.21 qemu-system-misc - 1:4.2-3ubuntu6.21 qemu-block-extra - 1:4.2-3ubuntu6.21 qemu-system-s390x - 1:4.2-3ubuntu6.21 qemu-user - 1:4.2-3ubuntu6.21 qemu-system-sparc - 1:4.2-3ubuntu6.21 qemu-guest-agent - 1:4.2-3ubuntu6.21 qemu-system - 1:4.2-3ubuntu6.21 qemu-utils - 1:4.2-3ubuntu6.21 qemu-system-data - 1:4.2-3ubuntu6.21 qemu-kvm - 1:4.2-3ubuntu6.21 qemu-user-binfmt - 1:4.2-3ubuntu6.21 qemu-system-x86 - 1:4.2-3ubuntu6.21 qemu-system-arm - 1:4.2-3ubuntu6.21 qemu-system-gui - 1:4.2-3ubuntu6.21 qemu - 1:4.2-3ubuntu6.21 qemu-system-ppc - 1:4.2-3ubuntu6.21 qemu-system-mips - 1:4.2-3ubuntu6.21 qemu-system-x86-xen - 1:4.2-3ubuntu6.21 No subscription required Medium CVE-2021-20196 CVE-2021-20203 CVE-2021-3544 CVE-2021-3545 CVE-2021-3546 CVE-2021-3682 CVE-2021-3713 CVE-2021-3748 CVE-2021-3930 CVE-2021-4158 CVE-2022-0358 Ubuntu 20.04 LTS It was discovered that virglrenderer incorrectly handled memory. An attacker inside a guest could use this issue to cause virglrenderer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-0135) It was discovered that virglrenderer incorrectly initialized memory. An attacker inside a guest could possibly use this issue to obtain sensitive host information. (CVE-2022-0175) Update Instructions: Run `sudo pro fix USN-5309-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvirglrenderer1 - 0.8.2-1ubuntu1.1 virgl-server - 0.8.2-1ubuntu1.1 libvirglrenderer-dev - 0.8.2-1ubuntu1.1 No subscription required Medium CVE-2022-0135 CVE-2022-0175 Ubuntu 20.04 LTS Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2016-10228, CVE-2019-25013, CVE-2020-27618, CVE-2020-29562, CVE-2021-3326) Jason Royes and Samuel Dytrych discovered that the GNU C Library incorrectly handled signed comparisons on ARMv7 targets. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-6096) It was discovered that the GNU C Library nscd daemon incorrectly handled certain netgroup lookups. An attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-27645) It was discovered that the GNU C Library wordexp function incorrectly handled certain patterns. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-35942) It was discovered that the GNU C Library realpath function incorrectly handled return values. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 21.10. (CVE-2021-3998) It was discovered that the GNU C library getcwd function incorrectly handled buffers. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3999) It was discovered that the GNU C Library sunrpc module incorrectly handled buffer lengths. An attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service. (CVE-2022-23218, CVE-2022-23219) Update Instructions: Run `sudo pro fix USN-5310-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc6-i386 - 2.31-0ubuntu9.7 nscd - 2.31-0ubuntu9.7 libc6-dev-s390 - 2.31-0ubuntu9.7 glibc-source - 2.31-0ubuntu9.7 libc-bin - 2.31-0ubuntu9.7 libc6-x32 - 2.31-0ubuntu9.7 libc6-s390 - 2.31-0ubuntu9.7 libc6-armel - 2.31-0ubuntu9.7 libc6-pic - 2.31-0ubuntu9.7 libc6-dev-armel - 2.31-0ubuntu9.7 glibc-doc - 2.31-0ubuntu9.7 libc6-dev - 2.31-0ubuntu9.7 libc6-amd64 - 2.31-0ubuntu9.7 libc6-dev-amd64 - 2.31-0ubuntu9.7 libc6 - 2.31-0ubuntu9.7 locales-all - 2.31-0ubuntu9.7 libc6-dev-x32 - 2.31-0ubuntu9.7 locales - 2.31-0ubuntu9.7 libc6-lse - 2.31-0ubuntu9.7 libc6-dev-i386 - 2.31-0ubuntu9.7 libc-dev-bin - 2.31-0ubuntu9.7 libc6-prof - 2.31-0ubuntu9.7 No subscription required Medium CVE-2016-10228 CVE-2019-25013 CVE-2020-27618 CVE-2020-29562 CVE-2020-6096 CVE-2021-27645 CVE-2021-3326 CVE-2021-35942 CVE-2021-3998 CVE-2021-3999 CVE-2022-23218 CVE-2022-23219 Ubuntu 20.04 LTS It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5311-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.5-0ubuntu3~20.04.2 golang-github-containerd-containerd-dev - 1.5.5-0ubuntu3~20.04.2 No subscription required Medium CVE-2022-23648 Ubuntu 20.04 LTS USN-5311-1 released updates for contained. Unfortunately, a subsequent update reverted the fix for this CVE by mistake. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5311-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.9-0ubuntu1~20.04.4 golang-github-containerd-containerd-dev - 1.5.9-0ubuntu1~20.04.4 No subscription required Medium CVE-2022-23648 Ubuntu 20.04 LTS It was discovered that HAProxy incorrectly handled certain headers. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5312-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.13-2ubuntu0.5 haproxy-doc - 2.0.13-2ubuntu0.5 vim-haproxy - 2.0.13-2ubuntu0.5 No subscription required Medium CVE-2022-0711 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly handled deserialization filters. An attacker could possibly use this issue to insert, delete or obtain sensitive information. (CVE-2022-21248) It was discovered that OpenJDK incorrectly read uncompressed TIFF files. An attacker could possibly use this issue to cause a denial of service via a specially crafted TIFF file. (CVE-2022-21277) Jonni Passki discovered that OpenJDK incorrectly verified access restrictions when performing URI resolution. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21282) It was discovered that OpenJDK incorrectly handled certain regular expressions in the Pattern class implementation. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21283) It was discovered that OpenJDK incorrectly handled specially crafted Java class files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21291) Markus Loewe discovered that OpenJDK incorrectly validated attributes during object deserialization. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21293, CVE-2022-21294) Dan Rabe discovered that OpenJDK incorrectly verified access permissions in the JAXP component. An attacker could possibly use this to specially craft an XML file to obtain sensitive information. (CVE-2022-21296) It was discovered that OpenJDK incorrectly handled XML entities. An attacker could use this to specially craft an XML file that, when parsed, would possibly cause a denial of service. (CVE-2022-21299) Zhiqiang Zang discovered that OpenJDK incorrectly handled array indexes. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21305) It was discovered that OpenJDK incorrectly read very long attributes values in JAR file manifests. An attacker could possibly use this to specially craft JAR file to cause a denial of service. (CVE-2022-21340) It was discovered that OpenJDK incorrectly validated input from serialized streams. An attacker cold possibly use this issue to bypass sandbox restrictions. (CVE-2022-21341) Fabian Meumertzheim discovered that OpenJDK incorrectly handled certain specially crafted BMP or TIFF files. An attacker could possibly use this to cause a denial of service. (CVE-2022-21360, CVE-2022-21366) It was discovered that an integer overflow could be triggered in OpenJDK BMPImageReader class implementation. An attacker could possibly use this to specially craft a BMP file to cause a denial of service. (CVE-2022-21365) Update Instructions: Run `sudo pro fix USN-5313-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.14+9-0ubuntu2~20.04 openjdk-11-doc - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jre-zero - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jre-headless - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jdk - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jdk-headless - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jre - 11.0.14+9-0ubuntu2~20.04 openjdk-11-demo - 11.0.14+9-0ubuntu2~20.04 No subscription required openjdk-17-demo - 17.0.2+8-1~20.04 openjdk-17-jdk - 17.0.2+8-1~20.04 openjdk-17-jre-zero - 17.0.2+8-1~20.04 openjdk-17-jdk-headless - 17.0.2+8-1~20.04 openjdk-17-source - 17.0.2+8-1~20.04 openjdk-17-jre-headless - 17.0.2+8-1~20.04 openjdk-17-jre - 17.0.2+8-1~20.04 openjdk-17-doc - 17.0.2+8-1~20.04 No subscription required Medium CVE-2022-21248 CVE-2022-21277 CVE-2022-21282 CVE-2022-21283 CVE-2022-21291 CVE-2022-21293 CVE-2022-21294 CVE-2022-21296 CVE-2022-21299 CVE-2022-21305 CVE-2022-21340 CVE-2022-21341 CVE-2022-21360 CVE-2022-21365 CVE-2022-21366 Ubuntu 20.04 LTS USN-5313-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression in OpenJDK 11 that could impact interoperability with some popular HTTP/2 servers making it unable to connect to said servers. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenJDK incorrectly handled deserialization filters. An attacker could possibly use this issue to insert, delete or obtain sensitive information. (CVE-2022-21248) It was discovered that OpenJDK incorrectly read uncompressed TIFF files. An attacker could possibly use this issue to cause a denial of service via a specially crafted TIFF file. (CVE-2022-21277) Jonni Passki discovered that OpenJDK incorrectly verified access restrictions when performing URI resolution. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21282) It was discovered that OpenJDK incorrectly handled certain regular expressions in the Pattern class implementation. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21283) It was discovered that OpenJDK incorrectly handled specially crafted Java class files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21291) Markus Loewe discovered that OpenJDK incorrectly validated attributes during object deserialization. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21293, CVE-2022-21294) Dan Rabe discovered that OpenJDK incorrectly verified access permissions in the JAXP component. An attacker could possibly use this to specially craft an XML file to obtain sensitive information. (CVE-2022-21296) It was discovered that OpenJDK incorrectly handled XML entities. An attacker could use this to specially craft an XML file that, when parsed, would possibly cause a denial of service. (CVE-2022-21299) Zhiqiang Zang discovered that OpenJDK incorrectly handled array indexes. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21305) It was discovered that OpenJDK incorrectly read very long attributes values in JAR file manifests. An attacker could possibly use this to specially craft JAR file to cause a denial of service. (CVE-2022-21340) It was discovered that OpenJDK incorrectly validated input from serialized streams. An attacker cold possibly use this issue to bypass sandbox restrictions. (CVE-2022-21341) Fabian Meumertzheim discovered that OpenJDK incorrectly handled certain specially crafted BMP or TIFF files. An attacker could possibly use this to cause a denial of service. (CVE-2022-21360, CVE-2022-21366) It was discovered that an integer overflow could be triggered in OpenJDK BMPImageReader class implementation. An attacker could possibly use this to specially craft a BMP file to cause a denial of service. (CVE-2022-21365) Update Instructions: Run `sudo pro fix USN-5313-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-doc - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jdk - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jre - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-demo - 11.0.14.1+1-0ubuntu1~20.04 No subscription required None https://launchpad.net/bugs/1966338 Ubuntu 20.04 LTS A use-after-free was discovered when removing an XSLT parameter in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code. (CVE-2022-26485) A use-after-free was discovered in the WebGPU IPC framework. If a user were tricked into opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code. (CVE-2022-26486) Update Instructions: Run `sudo pro fix USN-5314-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 97.0.2+build1-0ubuntu0.20.04.1 firefox - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 97.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 97.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 97.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 97.0.2+build1-0ubuntu0.20.04.1 No subscription required High CVE-2022-26485 CVE-2022-26486 Ubuntu 20.04 LTS It was discovered that Ansible did not properly manage directory permissions when running playbooks with an unprivileged become user. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-1733) It was discovered that the fix to address CVE-2020-1733 in Ansible was incomplete on systems using ACLs and FUSE filesystems. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-10744) It was discovered that Ansible did not properly manage multi-line YAML strings and special template characters. A local attacker could possibly use this issue to cause a template injection, resulting in the disclosure of sensitive information or other unspecified impact. (CVE-2021-3583) It was discovered that the ansible-connection module in Ansible did not properly manage certain error messages. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2021-3620) Update Instructions: Run `sudo pro fix USN-5315-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ansible - 2.9.6+dfsg-1ubuntu0.1~esm1 ansible-doc - 2.9.6+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-10744 CVE-2020-1733 CVE-2021-3583 CVE-2021-3620 Ubuntu 20.04 LTS Reginaldo Silva discovered that due to a packaging issue, a remote attacker with the ability to execute arbitrary Lua scripts could possibly escape the Lua sandbox and execute arbitrary code on the host. Update Instructions: Run `sudo pro fix USN-5316-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: redis - 5:5.0.7-2ubuntu0.1 redis-server - 5:5.0.7-2ubuntu0.1 redis-sentinel - 5:5.0.7-2ubuntu0.1 redis-tools - 5:5.0.7-2ubuntu0.1 No subscription required Medium CVE-2022-0543 Ubuntu 20.04 LTS Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-25636) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-23960) Max Kellermann discovered that the Linux kernel incorrectly handled Unix pipes. A local attacker could potentially use this to modify any file that could be opened for reading. (CVE-2022-0847) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-0001, CVE-2022-0002) Update Instructions: Run `sudo pro fix USN-5317-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-cloud-tools-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-aws-5.13-headers-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-headers-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-image-unsigned-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-image-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-modules-extra-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-aws-5.13-tools-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-tools-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-cloud-tools-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-modules-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-buildinfo-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-tools-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-headers-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-azure-5.13-tools-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-image-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-buildinfo-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-modules-extra-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-azure-5.13-headers-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-image-unsigned-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 No subscription required linux-modules-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-gcp-5.13-headers-5.13.0-1019 - 5.13.0-1019.23~20.04.1 linux-tools-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-buildinfo-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-image-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-headers-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-gcp-5.13-tools-5.13.0-1019 - 5.13.0-1019.23~20.04.1 linux-image-unsigned-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-modules-extra-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 No subscription required linux-oracle-5.13-tools-5.13.0-1021 - 5.13.0-1021.26~20.04.1 linux-image-unsigned-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-headers-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-modules-extra-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-buildinfo-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-tools-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-image-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-oracle-5.13-headers-5.13.0-1021 - 5.13.0-1021.26~20.04.1 linux-modules-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 No subscription required linux-image-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-buildinfo-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-35.40~20.04.1 linux-tools-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-headers-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-image-unsigned-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-hwe-5.13-headers-5.13.0-35 - 5.13.0-35.40~20.04.1 linux-hwe-5.13-tools-5.13.0-35 - 5.13.0-35.40~20.04.1 linux-modules-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-modules-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-image-unsigned-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-image-unsigned-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-buildinfo-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-cloud-tools-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-35.40~20.04.1 linux-headers-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-headers-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-headers-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-tools-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-modules-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-35.40~20.04.1 linux-tools-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-image-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-modules-extra-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-tools-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-35 - 5.13.0-35.40~20.04.1 linux-cloud-tools-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-buildinfo-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-buildinfo-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-image-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-image-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-35.40~20.04.1 linux-modules-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 No subscription required linux-headers-aws - 5.13.0.1017.19~20.04.10 linux-image-aws - 5.13.0.1017.19~20.04.10 linux-modules-extra-aws-edge - 5.13.0.1017.19~20.04.10 linux-image-aws-edge - 5.13.0.1017.19~20.04.10 linux-aws-edge - 5.13.0.1017.19~20.04.10 linux-aws - 5.13.0.1017.19~20.04.10 linux-headers-aws-edge - 5.13.0.1017.19~20.04.10 linux-modules-extra-aws - 5.13.0.1017.19~20.04.10 linux-tools-aws - 5.13.0.1017.19~20.04.10 linux-tools-aws-edge - 5.13.0.1017.19~20.04.10 No subscription required linux-tools-azure-edge - 5.13.0.1017.19~20.04.7 linux-cloud-tools-azure - 5.13.0.1017.19~20.04.7 linux-tools-azure - 5.13.0.1017.19~20.04.7 linux-image-azure-edge - 5.13.0.1017.19~20.04.7 linux-cloud-tools-azure-edge - 5.13.0.1017.19~20.04.7 linux-modules-extra-azure - 5.13.0.1017.19~20.04.7 linux-image-azure - 5.13.0.1017.19~20.04.7 linux-headers-azure-edge - 5.13.0.1017.19~20.04.7 linux-modules-extra-azure-edge - 5.13.0.1017.19~20.04.7 linux-azure - 5.13.0.1017.19~20.04.7 linux-azure-edge - 5.13.0.1017.19~20.04.7 linux-headers-azure - 5.13.0.1017.19~20.04.7 No subscription required linux-headers-gcp - 5.13.0.1019.23~20.04.1 linux-image-gcp-edge - 5.13.0.1019.23~20.04.1 linux-tools-gcp-edge - 5.13.0.1019.23~20.04.1 linux-headers-gcp-edge - 5.13.0.1019.23~20.04.1 linux-tools-gcp - 5.13.0.1019.23~20.04.1 linux-modules-extra-gcp-edge - 5.13.0.1019.23~20.04.1 linux-gcp - 5.13.0.1019.23~20.04.1 linux-image-gcp - 5.13.0.1019.23~20.04.1 linux-modules-extra-gcp - 5.13.0.1019.23~20.04.1 linux-gcp-edge - 5.13.0.1019.23~20.04.1 No subscription required linux-headers-oracle - 5.13.0.1021.26~20.04.1 linux-tools-oracle-edge - 5.13.0.1021.26~20.04.1 linux-image-oracle-edge - 5.13.0.1021.26~20.04.1 linux-oracle-edge - 5.13.0.1021.26~20.04.1 linux-headers-oracle-edge - 5.13.0.1021.26~20.04.1 linux-image-oracle - 5.13.0.1021.26~20.04.1 linux-tools-oracle - 5.13.0.1021.26~20.04.1 linux-oracle - 5.13.0.1021.26~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-extra-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-generic-64k-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-generic-lpae-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-generic-lpae-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-generic-64k-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-generic-64k-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-generic-64k-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 No subscription required linux-image-5.14.0-1027-oem - 5.14.0-1027.30 linux-oem-5.14-headers-5.14.0-1027 - 5.14.0-1027.30 linux-oem-5.14-tools-host - 5.14.0-1027.30 linux-image-unsigned-5.14.0-1027-oem - 5.14.0-1027.30 linux-buildinfo-5.14.0-1027-oem - 5.14.0-1027.30 linux-tools-5.14.0-1027-oem - 5.14.0-1027.30 linux-headers-5.14.0-1027-oem - 5.14.0-1027.30 linux-modules-5.14.0-1027-oem - 5.14.0-1027.30 linux-oem-5.14-tools-5.14.0-1027 - 5.14.0-1027.30 No subscription required linux-headers-oem-20.04 - 5.14.0.1027.24 linux-tools-oem-20.04d - 5.14.0.1027.24 linux-tools-oem-20.04c - 5.14.0.1027.24 linux-tools-oem-20.04b - 5.14.0.1027.24 linux-image-oem-20.04c - 5.14.0.1027.24 linux-image-oem-20.04b - 5.14.0.1027.24 linux-image-oem-20.04d - 5.14.0.1027.24 linux-oem-20.04 - 5.14.0.1027.24 linux-image-oem-20.04 - 5.14.0.1027.24 linux-oem-20.04d - 5.14.0.1027.24 linux-oem-20.04c - 5.14.0.1027.24 linux-tools-oem-20.04 - 5.14.0.1027.24 linux-oem-20.04b - 5.14.0.1027.24 linux-headers-oem-20.04b - 5.14.0.1027.24 linux-headers-oem-20.04c - 5.14.0.1027.24 linux-headers-oem-20.04d - 5.14.0.1027.24 No subscription required High CVE-2022-0001 CVE-2022-0002 CVE-2022-0847 CVE-2022-23960 CVE-2022-25636 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI Ubuntu 20.04 LTS Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-25636) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-23960) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-0001, CVE-2022-0002) Update Instructions: Run `sudo pro fix USN-5318-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1017-ibm - 5.4.0-1017.19 linux-ibm-tools-5.4.0-1017 - 5.4.0-1017.19 linux-buildinfo-5.4.0-1017-ibm - 5.4.0-1017.19 linux-ibm-headers-5.4.0-1017 - 5.4.0-1017.19 linux-ibm-tools-common - 5.4.0-1017.19 linux-modules-extra-5.4.0-1017-ibm - 5.4.0-1017.19 linux-ibm-source-5.4.0 - 5.4.0-1017.19 linux-ibm-cloud-tools-common - 5.4.0-1017.19 linux-modules-5.4.0-1017-ibm - 5.4.0-1017.19 linux-image-5.4.0-1017-ibm - 5.4.0-1017.19 linux-tools-5.4.0-1017-ibm - 5.4.0-1017.19 linux-headers-5.4.0-1017-ibm - 5.4.0-1017.19 No subscription required linux-bluefield-tools-5.4.0-1030 - 5.4.0-1030.33 linux-buildinfo-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-image-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-bluefield-headers-5.4.0-1030 - 5.4.0-1030.33 linux-image-unsigned-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-tools-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-modules-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-headers-5.4.0-1030-bluefield - 5.4.0-1030.33 No subscription required linux-gkeop-headers-5.4.0-1036 - 5.4.0-1036.37 linux-modules-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-gkeop-source-5.4.0 - 5.4.0-1036.37 linux-cloud-tools-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-tools-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-image-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-modules-extra-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-buildinfo-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-gkeop-tools-5.4.0-1036 - 5.4.0-1036.37 linux-gkeop-cloud-tools-5.4.0-1036 - 5.4.0-1036.37 linux-headers-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-image-unsigned-5.4.0-1036-gkeop - 5.4.0-1036.37 No subscription required linux-tools-5.4.0-104-generic - 5.4.0-104.118 linux-tools-common - 5.4.0-104.118 linux-tools-host - 5.4.0-104.118 linux-doc - 5.4.0-104.118 linux-headers-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-buildinfo-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-cloud-tools-5.4.0-104-generic - 5.4.0-104.118 linux-libc-dev - 5.4.0-104.118 linux-source-5.4.0 - 5.4.0-104.118 linux-headers-5.4.0-104-lowlatency - 5.4.0-104.118 linux-modules-5.4.0-104-lowlatency - 5.4.0-104.118 linux-tools-5.4.0-104-lowlatency - 5.4.0-104.118 linux-buildinfo-5.4.0-104-lowlatency - 5.4.0-104.118 linux-modules-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-tools-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-headers-5.4.0-104-generic - 5.4.0-104.118 linux-image-5.4.0-104-generic - 5.4.0-104.118 linux-image-unsigned-5.4.0-104-generic - 5.4.0-104.118 linux-headers-5.4.0-104 - 5.4.0-104.118 linux-image-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-image-5.4.0-104-lowlatency - 5.4.0-104.118 linux-cloud-tools-common - 5.4.0-104.118 linux-image-unsigned-5.4.0-104-lowlatency - 5.4.0-104.118 linux-cloud-tools-5.4.0-104 - 5.4.0-104.118 linux-cloud-tools-5.4.0-104-lowlatency - 5.4.0-104.118 linux-buildinfo-5.4.0-104-generic - 5.4.0-104.118 linux-modules-5.4.0-104-generic - 5.4.0-104.118 linux-modules-extra-5.4.0-104-generic - 5.4.0-104.118 linux-tools-5.4.0-104 - 5.4.0-104.118 No subscription required linux-headers-5.4.0-1055-raspi - 5.4.0-1055.62 linux-tools-5.4.0-1055-raspi - 5.4.0-1055.62 linux-buildinfo-5.4.0-1055-raspi - 5.4.0-1055.62 linux-modules-5.4.0-1055-raspi - 5.4.0-1055.62 linux-raspi-tools-5.4.0-1055 - 5.4.0-1055.62 linux-raspi-headers-5.4.0-1055 - 5.4.0-1055.62 linux-image-5.4.0-1055-raspi - 5.4.0-1055.62 No subscription required linux-image-5.4.0-1058-kvm - 5.4.0-1058.61 linux-image-unsigned-5.4.0-1058-kvm - 5.4.0-1058.61 linux-modules-5.4.0-1058-kvm - 5.4.0-1058.61 linux-kvm-headers-5.4.0-1058 - 5.4.0-1058.61 linux-tools-5.4.0-1058-kvm - 5.4.0-1058.61 linux-kvm-tools-5.4.0-1058 - 5.4.0-1058.61 linux-headers-5.4.0-1058-kvm - 5.4.0-1058.61 linux-buildinfo-5.4.0-1058-kvm - 5.4.0-1058.61 No subscription required linux-buildinfo-5.4.0-1065-gke - 5.4.0-1065.68 linux-modules-5.4.0-1065-gke - 5.4.0-1065.68 linux-modules-extra-5.4.0-1065-gke - 5.4.0-1065.68 linux-gke-headers-5.4.0-1065 - 5.4.0-1065.68 linux-image-unsigned-5.4.0-1065-gke - 5.4.0-1065.68 linux-image-5.4.0-1065-gke - 5.4.0-1065.68 linux-tools-5.4.0-1065-gke - 5.4.0-1065.68 linux-headers-5.4.0-1065-gke - 5.4.0-1065.68 linux-gke-tools-5.4.0-1065 - 5.4.0-1065.68 No subscription required linux-oracle-tools-5.4.0-1066 - 5.4.0-1066.71 linux-tools-5.4.0-1066-oracle - 5.4.0-1066.71 linux-oracle-headers-5.4.0-1066 - 5.4.0-1066.71 linux-modules-5.4.0-1066-oracle - 5.4.0-1066.71 linux-image-unsigned-5.4.0-1066-oracle - 5.4.0-1066.71 linux-buildinfo-5.4.0-1066-oracle - 5.4.0-1066.71 linux-image-5.4.0-1066-oracle - 5.4.0-1066.71 linux-headers-5.4.0-1066-oracle - 5.4.0-1066.71 linux-modules-extra-5.4.0-1066-oracle - 5.4.0-1066.71 No subscription required linux-gcp-tools-5.4.0-1067 - 5.4.0-1067.71 linux-modules-extra-5.4.0-1067-gcp - 5.4.0-1067.71 linux-modules-5.4.0-1067-gcp - 5.4.0-1067.71 linux-headers-5.4.0-1067-gcp - 5.4.0-1067.71 linux-image-5.4.0-1067-gcp - 5.4.0-1067.71 linux-tools-5.4.0-1067-gcp - 5.4.0-1067.71 linux-buildinfo-5.4.0-1067-gcp - 5.4.0-1067.71 linux-image-unsigned-5.4.0-1067-gcp - 5.4.0-1067.71 linux-gcp-headers-5.4.0-1067 - 5.4.0-1067.71 No subscription required linux-cloud-tools-5.4.0-1068-aws - 5.4.0-1068.72 linux-modules-extra-5.4.0-1068-aws - 5.4.0-1068.72 linux-aws-tools-5.4.0-1068 - 5.4.0-1068.72 linux-modules-5.4.0-1068-aws - 5.4.0-1068.72 linux-aws-headers-5.4.0-1068 - 5.4.0-1068.72 linux-tools-5.4.0-1068-aws - 5.4.0-1068.72 linux-buildinfo-5.4.0-1068-aws - 5.4.0-1068.72 linux-headers-5.4.0-1068-aws - 5.4.0-1068.72 linux-image-5.4.0-1068-aws - 5.4.0-1068.72 linux-aws-cloud-tools-5.4.0-1068 - 5.4.0-1068.72 linux-image-unsigned-5.4.0-1068-aws - 5.4.0-1068.72 No subscription required linux-azure-headers-5.4.0-1072 - 5.4.0-1072.75 linux-headers-5.4.0-1072-azure - 5.4.0-1072.75 linux-image-5.4.0-1072-azure - 5.4.0-1072.75 linux-cloud-tools-5.4.0-1072-azure - 5.4.0-1072.75 linux-image-unsigned-5.4.0-1072-azure - 5.4.0-1072.75 linux-buildinfo-5.4.0-1072-azure - 5.4.0-1072.75 linux-modules-5.4.0-1072-azure - 5.4.0-1072.75 linux-azure-cloud-tools-5.4.0-1072 - 5.4.0-1072.75 linux-modules-extra-5.4.0-1072-azure - 5.4.0-1072.75 linux-tools-5.4.0-1072-azure - 5.4.0-1072.75 linux-azure-tools-5.4.0-1072 - 5.4.0-1072.75 No subscription required linux-image-unsigned-5.4.0-1072-azure-fde - 5.4.0-1072.75+cvm1.1 linux-image-5.4.0-1072-azure-fde - 5.4.0-1072.75+cvm1.1 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1017.17 linux-headers-ibm-lts-20.04 - 5.4.0.1017.17 linux-tools-ibm - 5.4.0.1017.17 linux-image-ibm-lts-20.04 - 5.4.0.1017.17 linux-ibm-lts-20.04 - 5.4.0.1017.17 linux-image-ibm - 5.4.0.1017.17 linux-modules-extra-ibm - 5.4.0.1017.17 linux-ibm - 5.4.0.1017.17 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1017.17 linux-headers-ibm - 5.4.0.1017.17 No subscription required linux-image-bluefield - 5.4.0.1030.31 linux-headers-bluefield - 5.4.0.1030.31 linux-bluefield - 5.4.0.1030.31 linux-tools-bluefield - 5.4.0.1030.31 No subscription required linux-headers-gkeop - 5.4.0.1036.39 linux-cloud-tools-gkeop-5.4 - 5.4.0.1036.39 linux-image-gkeop - 5.4.0.1036.39 linux-gkeop-5.4 - 5.4.0.1036.39 linux-modules-extra-gkeop-5.4 - 5.4.0.1036.39 linux-image-gkeop-5.4 - 5.4.0.1036.39 linux-gkeop - 5.4.0.1036.39 linux-cloud-tools-gkeop - 5.4.0.1036.39 linux-headers-gkeop-5.4 - 5.4.0.1036.39 linux-modules-extra-gkeop - 5.4.0.1036.39 linux-tools-gkeop - 5.4.0.1036.39 linux-tools-gkeop-5.4 - 5.4.0.1036.39 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-cloud-tools-virtual - 5.4.0.104.108 linux-image-generic-hwe-18.04 - 5.4.0.104.108 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-headers-generic-lpae - 5.4.0.104.108 linux-image-virtual - 5.4.0.104.108 linux-headers-virtual - 5.4.0.104.108 linux-oem-osp1-tools-host - 5.4.0.104.108 linux-image-generic - 5.4.0.104.108 linux-tools-lowlatency - 5.4.0.104.108 linux-image-oem - 5.4.0.104.108 linux-headers-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.104.108 linux-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-image-extra-virtual-hwe-18.04 - 5.4.0.104.108 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.104.108 linux-oem - 5.4.0.104.108 linux-image-generic-lpae-hwe-18.04 - 5.4.0.104.108 linux-crashdump - 5.4.0.104.108 linux-tools-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-headers-generic-hwe-18.04 - 5.4.0.104.108 linux-headers-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-source - 5.4.0.104.108 linux-lowlatency - 5.4.0.104.108 linux-tools-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-tools-generic-lpae - 5.4.0.104.108 linux-virtual - 5.4.0.104.108 linux-headers-virtual-hwe-18.04 - 5.4.0.104.108 linux-tools-generic - 5.4.0.104.108 linux-virtual-hwe-18.04 - 5.4.0.104.108 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.104.108 linux-tools-virtual - 5.4.0.104.108 linux-generic-lpae-hwe-18.04-edge - 5.4.0.104.108 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-generic-lpae - 5.4.0.104.108 linux-headers-oem - 5.4.0.104.108 linux-generic - 5.4.0.104.108 linux-tools-oem-osp1 - 5.4.0.104.108 linux-tools-generic-hwe-18.04-edge - 5.4.0.104.108 linux-image-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-image-virtual-hwe-18.04 - 5.4.0.104.108 linux-headers-lowlatency - 5.4.0.104.108 linux-image-generic-hwe-18.04-edge - 5.4.0.104.108 linux-generic-hwe-18.04-edge - 5.4.0.104.108 linux-tools-generic-hwe-18.04 - 5.4.0.104.108 linux-generic-hwe-18.04 - 5.4.0.104.108 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-image-extra-virtual - 5.4.0.104.108 linux-cloud-tools-generic - 5.4.0.104.108 linux-image-oem-osp1 - 5.4.0.104.108 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-cloud-tools-lowlatency - 5.4.0.104.108 linux-tools-oem - 5.4.0.104.108 linux-headers-oem-osp1 - 5.4.0.104.108 linux-generic-lpae-hwe-18.04 - 5.4.0.104.108 linux-headers-generic-hwe-18.04-edge - 5.4.0.104.108 linux-headers-generic - 5.4.0.104.108 linux-oem-osp1 - 5.4.0.104.108 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.104.108 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.104.108 linux-image-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.104.108 linux-tools-virtual-hwe-18.04 - 5.4.0.104.108 linux-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.104.108 linux-image-generic-lpae - 5.4.0.104.108 linux-image-lowlatency - 5.4.0.104.108 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.104.108 linux-oem-tools-host - 5.4.0.104.108 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1055.89 linux-raspi2-hwe-18.04-edge - 5.4.0.1055.89 linux-raspi2 - 5.4.0.1055.89 linux-image-raspi-hwe-18.04 - 5.4.0.1055.89 linux-image-raspi2-hwe-18.04 - 5.4.0.1055.89 linux-tools-raspi - 5.4.0.1055.89 linux-headers-raspi-hwe-18.04 - 5.4.0.1055.89 linux-headers-raspi2-hwe-18.04 - 5.4.0.1055.89 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1055.89 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1055.89 linux-headers-raspi - 5.4.0.1055.89 linux-raspi-hwe-18.04 - 5.4.0.1055.89 linux-tools-raspi2-hwe-18.04 - 5.4.0.1055.89 linux-raspi2-hwe-18.04 - 5.4.0.1055.89 linux-image-raspi-hwe-18.04-edge - 5.4.0.1055.89 linux-image-raspi2 - 5.4.0.1055.89 linux-tools-raspi-hwe-18.04 - 5.4.0.1055.89 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1055.89 linux-raspi-hwe-18.04-edge - 5.4.0.1055.89 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1055.89 linux-image-raspi - 5.4.0.1055.89 linux-tools-raspi2 - 5.4.0.1055.89 linux-raspi - 5.4.0.1055.89 linux-headers-raspi2 - 5.4.0.1055.89 No subscription required linux-kvm - 5.4.0.1058.57 linux-headers-kvm - 5.4.0.1058.57 linux-tools-kvm - 5.4.0.1058.57 linux-image-kvm - 5.4.0.1058.57 No subscription required linux-modules-extra-gke - 5.4.0.1065.75 linux-headers-gke-5.4 - 5.4.0.1065.75 linux-tools-gke-5.4 - 5.4.0.1065.75 linux-modules-extra-gke-5.4 - 5.4.0.1065.75 linux-gke-5.4 - 5.4.0.1065.75 linux-tools-gke - 5.4.0.1065.75 linux-gke - 5.4.0.1065.75 linux-headers-gke - 5.4.0.1065.75 linux-image-gke-5.4 - 5.4.0.1065.75 linux-image-gke - 5.4.0.1065.75 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1066.66 linux-oracle-lts-20.04 - 5.4.0.1066.66 linux-image-oracle-lts-20.04 - 5.4.0.1066.66 linux-tools-oracle-lts-20.04 - 5.4.0.1066.66 No subscription required linux-gcp-lts-20.04 - 5.4.0.1067.76 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1067.76 linux-headers-gcp-lts-20.04 - 5.4.0.1067.76 linux-image-gcp-lts-20.04 - 5.4.0.1067.76 linux-tools-gcp-lts-20.04 - 5.4.0.1067.76 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1068.70 linux-tools-aws-lts-20.04 - 5.4.0.1068.70 linux-image-aws-lts-20.04 - 5.4.0.1068.70 linux-headers-aws-lts-20.04 - 5.4.0.1068.70 linux-aws-lts-20.04 - 5.4.0.1068.70 No subscription required linux-azure-lts-20.04 - 5.4.0.1072.70 linux-image-azure-lts-20.04 - 5.4.0.1072.70 linux-headers-azure-lts-20.04 - 5.4.0.1072.70 linux-modules-extra-azure-lts-20.04 - 5.4.0.1072.70 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1072.70 linux-tools-azure-lts-20.04 - 5.4.0.1072.70 No subscription required linux-tools-azure-fde - 5.4.0.1072.75+cvm1.18 linux-headers-azure-fde - 5.4.0.1072.75+cvm1.18 linux-image-azure-fde - 5.4.0.1072.75+cvm1.18 linux-azure-fde - 5.4.0.1072.75+cvm1.18 linux-cloud-tools-azure-fde - 5.4.0.1072.75+cvm1.18 linux-modules-extra-azure-fde - 5.4.0.1072.75+cvm1.18 No subscription required High CVE-2022-0001 CVE-2022-0002 CVE-2022-23960 CVE-2022-25636 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI Ubuntu 20.04 LTS USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it caused a regression and an additional patch was required. This update address this regression and several other vulnerabilities. It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-25313) It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-25314) It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-25315) Original advisory details: It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-25236) Update Instructions: Run `sudo pro fix USN-5320-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.4 libexpat1-dev - 2.2.9-1ubuntu0.4 libexpat1 - 2.2.9-1ubuntu0.4 No subscription required Medium CVE-2022-25313 CVE-2022-25314 CVE-2022-25315 https://launchpad.net/bugs/1963903 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) Update Instructions: Run `sudo pro fix USN-5321-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-nn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ne - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-nb - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-fa - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-fi - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-fr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-fy - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-or - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-kab - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-oc - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-cs - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ga - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-gd - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-gn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-gl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-gu - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-pa - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-pl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-cy - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-pt - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-szl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hi - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ms - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-he - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hy - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hu - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-it - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-as - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ar - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ia - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-az - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-id - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-mai - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-af - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-is - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-vi - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-an - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-bs - 98.0+build3-0ubuntu0.20.04.2 firefox - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ro - 98.0+build3-0ubuntu0.20.04.2 firefox-geckodriver - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ja - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ru - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-br - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-zh-hant - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-zh-hans - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-bn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-be - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-bg - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sk - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-si - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sw - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sv - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sq - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ko - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-kn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-km - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-kk - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ka - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-xh - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ca - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ku - 98.0+build3-0ubuntu0.20.04.2 firefox-mozsymbols - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-lv - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-lt - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-th - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hsb - 98.0+build3-0ubuntu0.20.04.2 firefox-dev - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-te - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-cak - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ta - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-lg - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-tr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-nso - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-de - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-da - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-uk - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-mr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-my - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-uz - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ml - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-mn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-mk - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ur - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-eu - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-et - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-es - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-csb - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-el - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-eo - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-en - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-zu - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ast - 98.0+build3-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-0843 CVE-2022-26381 CVE-2022-26382 CVE-2022-26383 CVE-2022-26384 CVE-2022-26385 CVE-2022-26387 Ubuntu 20.04 LTS USN-5321-1 fixed vulnerabilities in Firefox. The update didn't include arm64 because of a regression. This update provides the corresponding update for arm64. This update also removes Yandex and Mail.ru as optional search providers in the drop-down search menu. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) Update Instructions: Run `sudo pro fix USN-5321-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 98.0.1+build2-0ubuntu0.20.04.1 firefox - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 98.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 98.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 98.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 98.0.1+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-0843 CVE-2022-26381 CVE-2022-26382 CVE-2022-26383 CVE-2022-26384 CVE-2022-26385 CVE-2022-26387 Ubuntu 20.04 LTS USN-5321-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) Update Instructions: Run `sudo pro fix USN-5321-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 98.0.2+build1-0ubuntu0.20.04.1 firefox - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 98.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 98.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 98.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 98.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1966306 Ubuntu 20.04 LTS It was discovered that NBD incorrectly handled name length fields. A remote attacker could use this issue to cause NBD to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5323-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nbd-server - 1:3.20-1ubuntu0.1 nbd-client - 1:3.20-1ubuntu0.1 No subscription required Medium CVE-2022-26495 CVE-2022-26496 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain XML files. An attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5324-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.2 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.2 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.2 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.2 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.2 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.2 No subscription required Medium CVE-2022-23308 Ubuntu 20.04 LTS Sam Foxman discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this issue to regain dropped privileges. (CVE-2019-20044) It was discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-45444) Update Instructions: Run `sudo pro fix USN-5325-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zsh-static - 5.8-3ubuntu1.1 zsh-common - 5.8-3ubuntu1.1 zsh-dev - 5.8-3ubuntu1.1 zsh - 5.8-3ubuntu1.1 zsh-doc - 5.8-3ubuntu1.1 No subscription required Low CVE-2019-20044 CVE-2021-45444 Ubuntu 20.04 LTS Tavis Ormandy discovered that OpenSSL incorrectly parsed certain certificates. A remote attacker could possibly use this issue to cause OpenSSH to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5328-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.12 libssl-dev - 1.1.1f-1ubuntu2.12 openssl - 1.1.1f-1ubuntu2.12 libssl-doc - 1.1.1f-1ubuntu2.12 No subscription required High CVE-2022-0778 Ubuntu 20.04 LTS It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to cause tar to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5329-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tar-scripts - 1.30+dfsg-7ubuntu0.20.04.2 tar - 1.30+dfsg-7ubuntu0.20.04.2 No subscription required Low CVE-2021-20193 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly handled digital signatures. An attacker could possibly use this issue to create a specially crafted document that would display a validly signed indicator, contrary to expectations. Update Instructions: Run `sudo pro fix USN-5330-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.4 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.4 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.4 libreoffice - 1:6.4.7-0ubuntu0.20.04.4 libjuh-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.4 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.4 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.4 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.4 libridl-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.4 python3-access2base - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.4 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.4 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.4 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.4 libunoil-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.4 python3-uno - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.4 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.4 libjurt-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.4 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.4 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.4 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.4 ure - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.4 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.4 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.4 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.4 No subscription required Medium CVE-2021-25636 Ubuntu 20.04 LTS USN-5331-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that tcpdump incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2018-16301) It was discovered that tcpdump incorrectly handled certain captured data. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8037) Update Instructions: Run `sudo pro fix USN-5331-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tcpdump - 4.9.3-4ubuntu0.1 No subscription required Low CVE-2018-16301 CVE-2020-8037 Ubuntu 20.04 LTS Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. (CVE-2021-25220) It was discovered that Bind incorrectly handled certain crafted TCP streams. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 21.10. (CVE-2022-0396) Update Instructions: Run `sudo pro fix USN-5332-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.10 bind9-libs - 1:9.16.1-0ubuntu2.10 bind9utils - 1:9.16.1-0ubuntu2.10 bind9-doc - 1:9.16.1-0ubuntu2.10 bind9-utils - 1:9.16.1-0ubuntu2.10 bind9 - 1:9.16.1-0ubuntu2.10 bind9-dnsutils - 1:9.16.1-0ubuntu2.10 bind9-host - 1:9.16.1-0ubuntu2.10 No subscription required Medium CVE-2021-25220 CVE-2022-0396 Ubuntu 20.04 LTS Chamal De Silva discovered that the Apache HTTP Server mod_lua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2022-22719) James Kettle discovered that the Apache HTTP Server incorrectly closed inbound connection when certain errors are encountered. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-22720) It was discovered that the Apache HTTP Server incorrectly handled large LimitXMLRequestBody settings on certain platforms. In certain configurations, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22721) Ronald Crane discovered that the Apache HTTP Server mod_sed module incorrectly handled memory. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-23943) Update Instructions: Run `sudo pro fix USN-5333-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.10 libapache2-mod-md - 2.4.41-4ubuntu3.10 apache2-utils - 2.4.41-4ubuntu3.10 apache2-dev - 2.4.41-4ubuntu3.10 apache2-suexec-pristine - 2.4.41-4ubuntu3.10 apache2-suexec-custom - 2.4.41-4ubuntu3.10 apache2 - 2.4.41-4ubuntu3.10 apache2-doc - 2.4.41-4ubuntu3.10 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.10 apache2-ssl-dev - 2.4.41-4ubuntu3.10 apache2-bin - 2.4.41-4ubuntu3.10 No subscription required Medium CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) It was discovered that a race condition existed in the poll implementation in the Linux kernel, resulting in a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39698) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) It was discovered that the eBPF verifier in the Linux kernel did not properly perform bounds checking on mov32 operations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2021-45402) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) It was discovered that the BPF subsystem in the Linux kernel did not properly track pointer types on atomic fetch operations in some situations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2022-0264) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0382) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the KVM implementation for s390 systems in the Linux kernel did not properly prevent memory operations on PVM guests that were in non-protected mode. A local attacker could use this to obtain unauthorized memory write access. (CVE-2022-0516) It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-0742) Update Instructions: Run `sudo pro fix USN-5337-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-tools-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-headers-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-image-unsigned-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-aws-5.13-tools-5.13.0-1019 - 5.13.0-1019.21~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1019 - 5.13.0-1019.21~20.04.1 linux-aws-5.13-headers-5.13.0-1019 - 5.13.0-1019.21~20.04.1 linux-buildinfo-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-modules-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-image-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-cloud-tools-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 No subscription required linux-image-unsigned-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-buildinfo-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-modules-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-gcp-5.13-tools-5.13.0-1021 - 5.13.0-1021.25~20.04.1 linux-modules-extra-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-gcp-5.13-headers-5.13.0-1021 - 5.13.0-1021.25~20.04.1 linux-tools-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-headers-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-image-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-37.42~20.04.1 linux-image-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-37.42~20.04.1 linux-headers-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-cloud-tools-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-modules-extra-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-tools-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-headers-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-image-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-modules-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-hwe-5.13-headers-5.13.0-37 - 5.13.0-37.42~20.04.1 linux-hwe-5.13-tools-5.13.0-37 - 5.13.0-37.42~20.04.1 linux-modules-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-tools-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-image-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-buildinfo-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-cloud-tools-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-image-unsigned-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-tools-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-image-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-37.42~20.04.1 linux-headers-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-tools-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-37 - 5.13.0-37.42~20.04.1 linux-buildinfo-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-modules-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-modules-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-headers-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-image-unsigned-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-buildinfo-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-37.42~20.04.1 linux-buildinfo-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-image-unsigned-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 No subscription required linux-headers-aws - 5.13.0.1019.21~20.04.12 linux-image-aws - 5.13.0.1019.21~20.04.12 linux-modules-extra-aws-edge - 5.13.0.1019.21~20.04.12 linux-image-aws-edge - 5.13.0.1019.21~20.04.12 linux-aws-edge - 5.13.0.1019.21~20.04.12 linux-aws - 5.13.0.1019.21~20.04.12 linux-headers-aws-edge - 5.13.0.1019.21~20.04.12 linux-modules-extra-aws - 5.13.0.1019.21~20.04.12 linux-tools-aws - 5.13.0.1019.21~20.04.12 linux-tools-aws-edge - 5.13.0.1019.21~20.04.12 No subscription required linux-image-gcp-edge - 5.13.0.1021.25~20.04.1 linux-tools-gcp-edge - 5.13.0.1021.25~20.04.1 linux-headers-gcp-edge - 5.13.0.1021.25~20.04.1 linux-tools-gcp - 5.13.0.1021.25~20.04.1 linux-modules-extra-gcp-edge - 5.13.0.1021.25~20.04.1 linux-gcp - 5.13.0.1021.25~20.04.1 linux-headers-gcp - 5.13.0.1021.25~20.04.1 linux-image-gcp - 5.13.0.1021.25~20.04.1 linux-modules-extra-gcp - 5.13.0.1021.25~20.04.1 linux-gcp-edge - 5.13.0.1021.25~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-generic-64k-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-extra-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-generic-64k-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-generic-lpae-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-generic-lpae-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-generic-64k-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-generic-64k-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 No subscription required High CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-39685 CVE-2021-39698 CVE-2021-4135 CVE-2021-4197 CVE-2021-43975 CVE-2021-44733 CVE-2021-45095 CVE-2021-45402 CVE-2021-45480 CVE-2022-0264 CVE-2022-0382 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0742 CVE-2022-23222 Ubuntu 20.04 LTS Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the KVM implementation for s390 systems in the Linux kernel did not properly prevent memory operations on PVM guests that were in non-protected mode. A local attacker could use this to obtain unauthorized memory write access. (CVE-2022-0516) Update Instructions: Run `sudo pro fix USN-5338-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1018-ibm - 5.4.0-1018.20 linux-buildinfo-5.4.0-1018-ibm - 5.4.0-1018.20 linux-ibm-tools-5.4.0-1018 - 5.4.0-1018.20 linux-image-5.4.0-1018-ibm - 5.4.0-1018.20 linux-modules-5.4.0-1018-ibm - 5.4.0-1018.20 linux-ibm-tools-common - 5.4.0-1018.20 linux-modules-extra-5.4.0-1018-ibm - 5.4.0-1018.20 linux-ibm-source-5.4.0 - 5.4.0-1018.20 linux-ibm-cloud-tools-common - 5.4.0-1018.20 linux-ibm-headers-5.4.0-1018 - 5.4.0-1018.20 linux-tools-5.4.0-1018-ibm - 5.4.0-1018.20 linux-headers-5.4.0-1018-ibm - 5.4.0-1018.20 No subscription required linux-gkeop-headers-5.4.0-1037 - 5.4.0-1037.38 linux-image-unsigned-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-gkeop-tools-5.4.0-1037 - 5.4.0-1037.38 linux-cloud-tools-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-modules-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-tools-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-gkeop-source-5.4.0 - 5.4.0-1037.38 linux-buildinfo-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-image-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-gkeop-cloud-tools-5.4.0-1037 - 5.4.0-1037.38 linux-modules-extra-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-headers-5.4.0-1037-gkeop - 5.4.0-1037.38 No subscription required linux-tools-common - 5.4.0-105.119 linux-headers-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-modules-5.4.0-105-generic - 5.4.0-105.119 linux-headers-5.4.0-105-lowlatency - 5.4.0-105.119 linux-tools-host - 5.4.0-105.119 linux-cloud-tools-5.4.0-105-lowlatency - 5.4.0-105.119 linux-doc - 5.4.0-105.119 linux-image-unsigned-5.4.0-105-generic - 5.4.0-105.119 linux-tools-5.4.0-105-lowlatency - 5.4.0-105.119 linux-image-5.4.0-105-lowlatency - 5.4.0-105.119 linux-tools-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-headers-5.4.0-105-generic - 5.4.0-105.119 linux-libc-dev - 5.4.0-105.119 linux-source-5.4.0 - 5.4.0-105.119 linux-buildinfo-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-headers-5.4.0-105 - 5.4.0-105.119 linux-buildinfo-5.4.0-105-generic - 5.4.0-105.119 linux-modules-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-tools-5.4.0-105-generic - 5.4.0-105.119 linux-image-unsigned-5.4.0-105-lowlatency - 5.4.0-105.119 linux-cloud-tools-5.4.0-105-generic - 5.4.0-105.119 linux-buildinfo-5.4.0-105-lowlatency - 5.4.0-105.119 linux-cloud-tools-common - 5.4.0-105.119 linux-image-5.4.0-105-generic - 5.4.0-105.119 linux-modules-5.4.0-105-lowlatency - 5.4.0-105.119 linux-modules-extra-5.4.0-105-generic - 5.4.0-105.119 linux-image-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-cloud-tools-5.4.0-105 - 5.4.0-105.119 linux-tools-5.4.0-105 - 5.4.0-105.119 No subscription required linux-headers-5.4.0-1056-raspi - 5.4.0-1056.63 linux-buildinfo-5.4.0-1056-raspi - 5.4.0-1056.63 linux-tools-5.4.0-1056-raspi - 5.4.0-1056.63 linux-raspi-headers-5.4.0-1056 - 5.4.0-1056.63 linux-image-5.4.0-1056-raspi - 5.4.0-1056.63 linux-modules-5.4.0-1056-raspi - 5.4.0-1056.63 linux-raspi-tools-5.4.0-1056 - 5.4.0-1056.63 No subscription required linux-image-unsigned-5.4.0-1059-kvm - 5.4.0-1059.62 linux-kvm-tools-5.4.0-1059 - 5.4.0-1059.62 linux-image-5.4.0-1059-kvm - 5.4.0-1059.62 linux-buildinfo-5.4.0-1059-kvm - 5.4.0-1059.62 linux-tools-5.4.0-1059-kvm - 5.4.0-1059.62 linux-modules-5.4.0-1059-kvm - 5.4.0-1059.62 linux-kvm-headers-5.4.0-1059 - 5.4.0-1059.62 linux-headers-5.4.0-1059-kvm - 5.4.0-1059.62 No subscription required linux-gke-headers-5.4.0-1066 - 5.4.0-1066.69 linux-image-unsigned-5.4.0-1066-gke - 5.4.0-1066.69 linux-headers-5.4.0-1066-gke - 5.4.0-1066.69 linux-buildinfo-5.4.0-1066-gke - 5.4.0-1066.69 linux-image-5.4.0-1066-gke - 5.4.0-1066.69 linux-modules-extra-5.4.0-1066-gke - 5.4.0-1066.69 linux-tools-5.4.0-1066-gke - 5.4.0-1066.69 linux-gke-tools-5.4.0-1066 - 5.4.0-1066.69 linux-modules-5.4.0-1066-gke - 5.4.0-1066.69 No subscription required linux-modules-5.4.0-1067-oracle - 5.4.0-1067.72 linux-oracle-tools-5.4.0-1067 - 5.4.0-1067.72 linux-oracle-headers-5.4.0-1067 - 5.4.0-1067.72 linux-modules-extra-5.4.0-1067-oracle - 5.4.0-1067.72 linux-image-unsigned-5.4.0-1067-oracle - 5.4.0-1067.72 linux-headers-5.4.0-1067-oracle - 5.4.0-1067.72 linux-buildinfo-5.4.0-1067-oracle - 5.4.0-1067.72 linux-tools-5.4.0-1067-oracle - 5.4.0-1067.72 linux-image-5.4.0-1067-oracle - 5.4.0-1067.72 No subscription required linux-gcp-tools-5.4.0-1068 - 5.4.0-1068.72 linux-tools-5.4.0-1068-gcp - 5.4.0-1068.72 linux-buildinfo-5.4.0-1068-gcp - 5.4.0-1068.72 linux-headers-5.4.0-1068-gcp - 5.4.0-1068.72 linux-modules-5.4.0-1068-gcp - 5.4.0-1068.72 linux-gcp-headers-5.4.0-1068 - 5.4.0-1068.72 linux-image-unsigned-5.4.0-1068-gcp - 5.4.0-1068.72 linux-image-5.4.0-1068-gcp - 5.4.0-1068.72 linux-modules-extra-5.4.0-1068-gcp - 5.4.0-1068.72 No subscription required linux-aws-tools-5.4.0-1069 - 5.4.0-1069.73 linux-aws-headers-5.4.0-1069 - 5.4.0-1069.73 linux-cloud-tools-5.4.0-1069-aws - 5.4.0-1069.73 linux-image-unsigned-5.4.0-1069-aws - 5.4.0-1069.73 linux-modules-extra-5.4.0-1069-aws - 5.4.0-1069.73 linux-headers-5.4.0-1069-aws - 5.4.0-1069.73 linux-tools-5.4.0-1069-aws - 5.4.0-1069.73 linux-aws-cloud-tools-5.4.0-1069 - 5.4.0-1069.73 linux-buildinfo-5.4.0-1069-aws - 5.4.0-1069.73 linux-modules-5.4.0-1069-aws - 5.4.0-1069.73 linux-image-5.4.0-1069-aws - 5.4.0-1069.73 No subscription required linux-azure-headers-5.4.0-1073 - 5.4.0-1073.76 linux-buildinfo-5.4.0-1073-azure - 5.4.0-1073.76 linux-modules-5.4.0-1073-azure - 5.4.0-1073.76 linux-image-5.4.0-1073-azure - 5.4.0-1073.76 linux-cloud-tools-5.4.0-1073-azure - 5.4.0-1073.76 linux-headers-5.4.0-1073-azure - 5.4.0-1073.76 linux-azure-cloud-tools-5.4.0-1073 - 5.4.0-1073.76 linux-azure-tools-5.4.0-1073 - 5.4.0-1073.76 linux-tools-5.4.0-1073-azure - 5.4.0-1073.76 linux-modules-extra-5.4.0-1073-azure - 5.4.0-1073.76 linux-image-unsigned-5.4.0-1073-azure - 5.4.0-1073.76 No subscription required linux-image-unsigned-5.4.0-1073-azure-fde - 5.4.0-1073.76+cvm1.1 linux-image-5.4.0-1073-azure-fde - 5.4.0-1073.76+cvm1.1 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1018.18 linux-image-ibm - 5.4.0.1018.18 linux-headers-ibm-lts-20.04 - 5.4.0.1018.18 linux-tools-ibm - 5.4.0.1018.18 linux-image-ibm-lts-20.04 - 5.4.0.1018.18 linux-ibm-lts-20.04 - 5.4.0.1018.18 linux-modules-extra-ibm - 5.4.0.1018.18 linux-ibm - 5.4.0.1018.18 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1018.18 linux-headers-ibm - 5.4.0.1018.18 No subscription required linux-headers-gkeop - 5.4.0.1037.40 linux-cloud-tools-gkeop-5.4 - 5.4.0.1037.40 linux-image-gkeop - 5.4.0.1037.40 linux-gkeop-5.4 - 5.4.0.1037.40 linux-headers-gkeop-5.4 - 5.4.0.1037.40 linux-image-gkeop-5.4 - 5.4.0.1037.40 linux-gkeop - 5.4.0.1037.40 linux-cloud-tools-gkeop - 5.4.0.1037.40 linux-modules-extra-gkeop-5.4 - 5.4.0.1037.40 linux-modules-extra-gkeop - 5.4.0.1037.40 linux-tools-gkeop - 5.4.0.1037.40 linux-tools-gkeop-5.4 - 5.4.0.1037.40 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-cloud-tools-virtual - 5.4.0.105.109 linux-image-generic-hwe-18.04 - 5.4.0.105.109 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-headers-generic-lpae - 5.4.0.105.109 linux-crashdump - 5.4.0.105.109 linux-image-virtual - 5.4.0.105.109 linux-image-generic - 5.4.0.105.109 linux-oem-osp1-tools-host - 5.4.0.105.109 linux-image-oem - 5.4.0.105.109 linux-image-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-headers-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-image-extra-virtual-hwe-18.04 - 5.4.0.105.109 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.105.109 linux-oem - 5.4.0.105.109 linux-image-oem-osp1 - 5.4.0.105.109 linux-image-generic-lpae-hwe-18.04 - 5.4.0.105.109 linux-headers-generic-hwe-18.04 - 5.4.0.105.109 linux-headers-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-source - 5.4.0.105.109 linux-lowlatency - 5.4.0.105.109 linux-tools-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-tools-virtual - 5.4.0.105.109 linux-virtual - 5.4.0.105.109 linux-headers-virtual-hwe-18.04 - 5.4.0.105.109 linux-tools-generic - 5.4.0.105.109 linux-virtual-hwe-18.04 - 5.4.0.105.109 linux-tools-generic-lpae - 5.4.0.105.109 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.105.109 linux-generic-lpae-hwe-18.04-edge - 5.4.0.105.109 linux-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-generic-lpae - 5.4.0.105.109 linux-headers-oem - 5.4.0.105.109 linux-generic - 5.4.0.105.109 linux-tools-oem-osp1 - 5.4.0.105.109 linux-tools-generic-hwe-18.04-edge - 5.4.0.105.109 linux-image-virtual-hwe-18.04 - 5.4.0.105.109 linux-cloud-tools-generic - 5.4.0.105.109 linux-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-oem-tools-host - 5.4.0.105.109 linux-headers-lowlatency - 5.4.0.105.109 linux-image-generic-hwe-18.04-edge - 5.4.0.105.109 linux-generic-hwe-18.04-edge - 5.4.0.105.109 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.105.109 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-image-extra-virtual - 5.4.0.105.109 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-cloud-tools-lowlatency - 5.4.0.105.109 linux-tools-oem - 5.4.0.105.109 linux-headers-oem-osp1 - 5.4.0.105.109 linux-tools-generic-hwe-18.04 - 5.4.0.105.109 linux-headers-generic-hwe-18.04-edge - 5.4.0.105.109 linux-headers-generic - 5.4.0.105.109 linux-oem-osp1 - 5.4.0.105.109 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.105.109 linux-tools-lowlatency - 5.4.0.105.109 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.105.109 linux-generic-lpae-hwe-18.04 - 5.4.0.105.109 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-headers-virtual - 5.4.0.105.109 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.105.109 linux-tools-virtual-hwe-18.04 - 5.4.0.105.109 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.105.109 linux-generic-hwe-18.04 - 5.4.0.105.109 linux-image-generic-lpae - 5.4.0.105.109 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-image-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.105.109 linux-tools-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-image-lowlatency - 5.4.0.105.109 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1056.90 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1056.90 linux-raspi2 - 5.4.0.1056.90 linux-image-raspi - 5.4.0.1056.90 linux-image-raspi-hwe-18.04 - 5.4.0.1056.90 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1056.90 linux-image-raspi2-hwe-18.04 - 5.4.0.1056.90 linux-tools-raspi - 5.4.0.1056.90 linux-headers-raspi2-hwe-18.04 - 5.4.0.1056.90 linux-headers-raspi-hwe-18.04 - 5.4.0.1056.90 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1056.90 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1056.90 linux-headers-raspi - 5.4.0.1056.90 linux-raspi-hwe-18.04 - 5.4.0.1056.90 linux-tools-raspi2-hwe-18.04 - 5.4.0.1056.90 linux-raspi2-hwe-18.04 - 5.4.0.1056.90 linux-image-raspi-hwe-18.04-edge - 5.4.0.1056.90 linux-image-raspi2 - 5.4.0.1056.90 linux-tools-raspi-hwe-18.04 - 5.4.0.1056.90 linux-raspi-hwe-18.04-edge - 5.4.0.1056.90 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1056.90 linux-tools-raspi2 - 5.4.0.1056.90 linux-raspi - 5.4.0.1056.90 linux-headers-raspi2 - 5.4.0.1056.90 No subscription required linux-tools-kvm - 5.4.0.1059.58 linux-kvm - 5.4.0.1059.58 linux-headers-kvm - 5.4.0.1059.58 linux-image-kvm - 5.4.0.1059.58 No subscription required linux-modules-extra-gke - 5.4.0.1066.76 linux-gke-5.4 - 5.4.0.1066.76 linux-headers-gke-5.4 - 5.4.0.1066.76 linux-tools-gke-5.4 - 5.4.0.1066.76 linux-image-gke-5.4 - 5.4.0.1066.76 linux-modules-extra-gke-5.4 - 5.4.0.1066.76 linux-tools-gke - 5.4.0.1066.76 linux-gke - 5.4.0.1066.76 linux-headers-gke - 5.4.0.1066.76 linux-image-gke - 5.4.0.1066.76 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1067.67 linux-headers-oracle-lts-20.04 - 5.4.0.1067.67 linux-oracle-lts-20.04 - 5.4.0.1067.67 linux-image-oracle-lts-20.04 - 5.4.0.1067.67 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1068.77 linux-gcp-lts-20.04 - 5.4.0.1068.77 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1068.77 linux-headers-gcp-lts-20.04 - 5.4.0.1068.77 linux-image-gcp-lts-20.04 - 5.4.0.1068.77 No subscription required linux-tools-aws-lts-20.04 - 5.4.0.1069.71 linux-modules-extra-aws-lts-20.04 - 5.4.0.1069.71 linux-image-aws-lts-20.04 - 5.4.0.1069.71 linux-headers-aws-lts-20.04 - 5.4.0.1069.71 linux-aws-lts-20.04 - 5.4.0.1069.71 No subscription required linux-azure-lts-20.04 - 5.4.0.1073.71 linux-image-azure-lts-20.04 - 5.4.0.1073.71 linux-headers-azure-lts-20.04 - 5.4.0.1073.71 linux-modules-extra-azure-lts-20.04 - 5.4.0.1073.71 linux-tools-azure-lts-20.04 - 5.4.0.1073.71 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1073.71 No subscription required linux-tools-azure-fde - 5.4.0.1073.76+cvm1.19 linux-image-azure-fde - 5.4.0.1073.76+cvm1.19 linux-azure-fde - 5.4.0.1073.76+cvm1.19 linux-cloud-tools-azure-fde - 5.4.0.1073.76+cvm1.19 linux-modules-extra-azure-fde - 5.4.0.1073.76+cvm1.19 linux-headers-azure-fde - 5.4.0.1073.76+cvm1.19 No subscription required High CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-4135 CVE-2021-43976 CVE-2021-44733 CVE-2021-45095 CVE-2021-45480 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 Ubuntu 20.04 LTS Kyaw Min Thein discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 18.04 LTS. (CVE-2018-9861) Micha Bentkowski discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-9281) Anton Subbotin discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 21.10. (CVE-2021-32808) Anton Subbotin discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code. (CVE-2021-32809) Or Sahar discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-33829) Mika Kulmala discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-37695) Update Instructions: Run `sudo pro fix USN-5340-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ckeditor - 4.12.1+dfsg-1ubuntu0.1 No subscription required Medium CVE-2018-9861 CVE-2020-9281 CVE-2021-32808 CVE-2021-32809 CVE-2021-33829 CVE-2021-37695 Ubuntu 20.04 LTS David Schwörer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-3426) It was discovered that Python incorrectly handled certain FTP requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2021-4189) It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0391) Update Instructions: Run `sudo pro fix USN-5342-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.4 python3.8-full - 3.8.10-0ubuntu1~20.04.4 python3.8-examples - 3.8.10-0ubuntu1~20.04.4 python3.8-dev - 3.8.10-0ubuntu1~20.04.4 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.4 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.4 python3.8-venv - 3.8.10-0ubuntu1~20.04.4 libpython3.8 - 3.8.10-0ubuntu1~20.04.4 idle-python3.8 - 3.8.10-0ubuntu1~20.04.4 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.4 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.4 python3.8 - 3.8.10-0ubuntu1~20.04.4 python3.8-doc - 3.8.10-0ubuntu1~20.04.4 No subscription required Medium CVE-2021-3426 CVE-2021-4189 CVE-2022-0391 Ubuntu 20.04 LTS USN-5342-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. Original advisory details: It was discovered that Python incorrectly handled certain FTP requests. An attacker could possibly use this issue to expose sensitive information. (CVE-2021-4189) It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0391) Update Instructions: Run `sudo pro fix USN-5342-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpython2.7-minimal - 2.7.18-1~20.04.3+esm1 libpython2.7 - 2.7.18-1~20.04.3+esm1 python2.7 - 2.7.18-1~20.04.3+esm1 python2.7-minimal - 2.7.18-1~20.04.3+esm1 libpython2.7-testsuite - 2.7.18-1~20.04.3+esm1 libpython2.7-dev - 2.7.18-1~20.04.3+esm1 idle-python2.7 - 2.7.18-1~20.04.3+esm1 python2.7-doc - 2.7.18-1~20.04.3+esm1 python2.7-dev - 2.7.18-1~20.04.3+esm1 python2.7-examples - 2.7.18-1~20.04.3+esm1 libpython2.7-stdlib - 2.7.18-1~20.04.3+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-4189 CVE-2022-0391 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, cause undefined behaviour, spoof the browser UI, or execute arbitrary code. (CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384) It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions. (CVE-2022-22754) It was discovered that dragging and dropping an image into a folder could result in it being marked as executable. If a user were tricked into dragging and dropping a specially crafted image, an attacker could potentially exploit this to execute arbitrary code. (CVE-2022-22756) It was discovered that files downloaded to /tmp were accessible to other users. A local attacker could exploit this to obtain sensitive information. (CVE-2022-26386) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) An out-of-bounds write by one byte was discovered when processing messages in some circumstances. If a user were tricked into opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service. (CVE-2022-0566) Update Instructions: Run `sudo pro fix USN-5345-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.7.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.7.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.7.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.7.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-22754 CVE-2022-22756 CVE-2022-22759 CVE-2022-22760 CVE-2022-22761 CVE-2022-22763 CVE-2022-22764 CVE-2022-0566 CVE-2022-26381 CVE-2022-26383 CVE-2022-26384 CVE-2022-26386 CVE-2022-26387 Ubuntu 20.04 LTS It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). Update Instructions: Run `sudo pro fix USN-5346-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.14.0-1029-oem - 5.14.0-1029.32 linux-oem-5.14-tools-5.14.0-1029 - 5.14.0-1029.32 linux-image-5.14.0-1029-oem - 5.14.0-1029.32 linux-buildinfo-5.14.0-1029-oem - 5.14.0-1029.32 linux-modules-5.14.0-1029-oem - 5.14.0-1029.32 linux-image-unsigned-5.14.0-1029-oem - 5.14.0-1029.32 linux-oem-5.14-headers-5.14.0-1029 - 5.14.0-1029.32 linux-headers-5.14.0-1029-oem - 5.14.0-1029.32 linux-oem-5.14-tools-host - 5.14.0-1029.32 No subscription required linux-image-oem-20.04c - 5.14.0.1029.26 linux-image-oem-20.04b - 5.14.0.1029.26 linux-image-oem-20.04d - 5.14.0.1029.26 linux-headers-oem-20.04 - 5.14.0.1029.26 linux-tools-oem-20.04c - 5.14.0.1029.26 linux-tools-oem-20.04b - 5.14.0.1029.26 linux-oem-20.04 - 5.14.0.1029.26 linux-image-oem-20.04 - 5.14.0.1029.26 linux-oem-20.04d - 5.14.0.1029.26 linux-oem-20.04c - 5.14.0.1029.26 linux-oem-20.04b - 5.14.0.1029.26 linux-tools-oem-20.04d - 5.14.0.1029.26 linux-headers-oem-20.04b - 5.14.0.1029.26 linux-headers-oem-20.04c - 5.14.0.1029.26 linux-headers-oem-20.04d - 5.14.0.1029.26 linux-tools-oem-20.04 - 5.14.0.1029.26 No subscription required Medium CVE-2022-0742 Ubuntu 20.04 LTS It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials. Update Instructions: Run `sudo pro fix USN-5347-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvpn - 2.4.7-1ubuntu2.20.04.4 No subscription required Medium CVE-2022-0547 Ubuntu 20.04 LTS USN-5348-1 fixed several vulnerabilities in Smarty. This update provides the fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and CVE-2021-29454 for Ubuntu 20.04 ESM. Original advisory details: David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this use to read arbitrary files when controlling the executed template. (CVE-2018-13982) It was discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this use to read arbitrary files when controlling the executed template. (CVE-2018-16831) It was discovered that Smarty was incorrectly validating security policy data, allowing the execution of static classes even when not permitted by the security settings. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-21408) It was discovered that Smarty was incorrectly managing access control to template objects, which allowed users to perform a sandbox escape. An attacker could possibly use this issue to send specially crafted input to applications that use Smarty and execute arbitrary code. (CVE-2021-26119) It was discovered that Smarty was not checking for special characters when setting function names during plugin compile operations. An attacker could possibly use this issue to send specially crafted input to applications that use Smarty and execute arbitrary code. (CVE-2021-26120) It was discovered that Smarty was incorrectly sanitizing characters in math strings processed by the math function. An attacker could possibly use this issue to send specially crafted input to applications that use Smarty and execute arbitrary code. (CVE-2021-29454) Update Instructions: Run `sudo pro fix USN-5348-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: smarty3 - 3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2021-21408 CVE-2021-26119 CVE-2021-26120 CVE-2021-29454 Ubuntu 20.04 LTS Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys. Update Instructions: Run `sudo pro fix USN-5351-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-paramiko - 2.6.0-2ubuntu0.1 paramiko-doc - 2.6.0-2ubuntu0.1 No subscription required Medium CVE-2022-24302 Ubuntu 20.04 LTS It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5353-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.14.0-1031-oem - 5.14.0-1031.34 linux-image-5.14.0-1031-oem - 5.14.0-1031.34 linux-tools-5.14.0-1031-oem - 5.14.0-1031.34 linux-modules-5.14.0-1031-oem - 5.14.0-1031.34 linux-buildinfo-5.14.0-1031-oem - 5.14.0-1031.34 linux-oem-5.14-headers-5.14.0-1031 - 5.14.0-1031.34 linux-image-unsigned-5.14.0-1031-oem - 5.14.0-1031.34 linux-oem-5.14-tools-5.14.0-1031 - 5.14.0-1031.34 linux-oem-5.14-tools-host - 5.14.0-1031.34 No subscription required linux-image-oem-20.04c - 5.14.0.1031.28 linux-image-oem-20.04b - 5.14.0.1031.28 linux-image-oem-20.04d - 5.14.0.1031.28 linux-headers-oem-20.04 - 5.14.0.1031.28 linux-tools-oem-20.04c - 5.14.0.1031.28 linux-tools-oem-20.04b - 5.14.0.1031.28 linux-image-oem-20.04 - 5.14.0.1031.28 linux-oem-20.04d - 5.14.0.1031.28 linux-oem-20.04c - 5.14.0.1031.28 linux-oem-20.04b - 5.14.0.1031.28 linux-oem-20.04 - 5.14.0.1031.28 linux-tools-oem-20.04d - 5.14.0.1031.28 linux-headers-oem-20.04b - 5.14.0.1031.28 linux-headers-oem-20.04c - 5.14.0.1031.28 linux-headers-oem-20.04d - 5.14.0.1031.28 linux-tools-oem-20.04 - 5.14.0.1031.28 No subscription required Medium CVE-2022-27666 Ubuntu 20.04 LTS It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. (CVE-2022-21712) It was discovered that Twisted incorrectly processed SSH handshake data on connection establishments. A remote attacker could use this issue to cause Twisted to crash, resulting in a denial of service. (CVE-2022-21716) Update Instructions: Run `sudo pro fix USN-5354-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: twisted-doc - 18.9.0-11ubuntu0.20.04.2 python3-twisted-bin - 18.9.0-11ubuntu0.20.04.2 python3-twisted - 18.9.0-11ubuntu0.20.04.2 No subscription required Medium CVE-2022-21712 CVE-2022-21716 Ubuntu 20.04 LTS Danilo Ramos discovered that zlib incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5355-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx32z1-dev - 1:1.2.11.dfsg-2ubuntu1.3 lib64z1 - 1:1.2.11.dfsg-2ubuntu1.3 libx32z1 - 1:1.2.11.dfsg-2ubuntu1.3 lib64z1-dev - 1:1.2.11.dfsg-2ubuntu1.3 lib32z1 - 1:1.2.11.dfsg-2ubuntu1.3 zlib1g - 1:1.2.11.dfsg-2ubuntu1.3 lib32z1-dev - 1:1.2.11.dfsg-2ubuntu1.3 zlib1g-dev - 1:1.2.11.dfsg-2ubuntu1.3 No subscription required Medium CVE-2018-25032 Ubuntu 20.04 LTS It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-27666) Update Instructions: Run `sudo pro fix USN-5358-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-39.44~20.04.1 linux-image-unsigned-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-image-unsigned-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-modules-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-tools-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-headers-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-hwe-5.13-headers-5.13.0-39 - 5.13.0-39.44~20.04.1 linux-headers-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-image-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-hwe-5.13-tools-5.13.0-39 - 5.13.0-39.44~20.04.1 linux-image-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-modules-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-image-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-image-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-tools-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-39.44~20.04.1 linux-tools-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-cloud-tools-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-headers-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-39.44~20.04.1 linux-headers-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-buildinfo-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-buildinfo-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-39 - 5.13.0-39.44~20.04.1 linux-modules-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-tools-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-buildinfo-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-image-unsigned-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-cloud-tools-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-buildinfo-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-39.44~20.04.1 linux-modules-extra-5.13.0-39-generic - 5.13.0-39.44~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-extra-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-generic-64k-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-generic-lpae-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-generic-lpae-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-generic-64k-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-generic-64k-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-generic-64k-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 No subscription required linux-kvm-headers-5.4.0-1061 - 5.4.0-1061.64 linux-kvm-tools-5.4.0-1061 - 5.4.0-1061.64 linux-headers-5.4.0-1061-kvm - 5.4.0-1061.64 linux-image-5.4.0-1061-kvm - 5.4.0-1061.64 linux-tools-5.4.0-1061-kvm - 5.4.0-1061.64 linux-modules-5.4.0-1061-kvm - 5.4.0-1061.64 linux-buildinfo-5.4.0-1061-kvm - 5.4.0-1061.64 linux-image-unsigned-5.4.0-1061-kvm - 5.4.0-1061.64 No subscription required linux-headers-5.4.0-1069-oracle - 5.4.0-1069.75 linux-modules-5.4.0-1069-oracle - 5.4.0-1069.75 linux-oracle-tools-5.4.0-1069 - 5.4.0-1069.75 linux-tools-5.4.0-1069-oracle - 5.4.0-1069.75 linux-buildinfo-5.4.0-1069-oracle - 5.4.0-1069.75 linux-oracle-headers-5.4.0-1069 - 5.4.0-1069.75 linux-image-unsigned-5.4.0-1069-oracle - 5.4.0-1069.75 linux-image-5.4.0-1069-oracle - 5.4.0-1069.75 linux-modules-extra-5.4.0-1069-oracle - 5.4.0-1069.75 No subscription required linux-tools-common - 5.4.0-107.121 linux-image-unsigned-5.4.0-107-generic - 5.4.0-107.121 linux-tools-host - 5.4.0-107.121 linux-doc - 5.4.0-107.121 linux-image-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-tools-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-libc-dev - 5.4.0-107.121 linux-source-5.4.0 - 5.4.0-107.121 linux-image-5.4.0-107-lowlatency - 5.4.0-107.121 linux-headers-5.4.0-107-generic - 5.4.0-107.121 linux-modules-5.4.0-107-lowlatency - 5.4.0-107.121 linux-modules-extra-5.4.0-107-generic - 5.4.0-107.121 linux-modules-5.4.0-107-generic - 5.4.0-107.121 linux-tools-5.4.0-107-lowlatency - 5.4.0-107.121 linux-headers-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-headers-5.4.0-107 - 5.4.0-107.121 linux-modules-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-buildinfo-5.4.0-107-lowlatency - 5.4.0-107.121 linux-image-5.4.0-107-generic - 5.4.0-107.121 linux-cloud-tools-common - 5.4.0-107.121 linux-buildinfo-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-buildinfo-5.4.0-107-generic - 5.4.0-107.121 linux-image-unsigned-5.4.0-107-lowlatency - 5.4.0-107.121 linux-tools-5.4.0-107-generic - 5.4.0-107.121 linux-cloud-tools-5.4.0-107-lowlatency - 5.4.0-107.121 linux-headers-5.4.0-107-lowlatency - 5.4.0-107.121 linux-cloud-tools-5.4.0-107-generic - 5.4.0-107.121 linux-cloud-tools-5.4.0-107 - 5.4.0-107.121 linux-tools-5.4.0-107 - 5.4.0-107.121 No subscription required linux-buildinfo-5.4.0-1071-aws - 5.4.0-1071.76 linux-image-unsigned-5.4.0-1071-aws - 5.4.0-1071.76 linux-aws-headers-5.4.0-1071 - 5.4.0-1071.76 linux-tools-5.4.0-1071-aws - 5.4.0-1071.76 linux-modules-5.4.0-1071-aws - 5.4.0-1071.76 linux-headers-5.4.0-1071-aws - 5.4.0-1071.76 linux-aws-cloud-tools-5.4.0-1071 - 5.4.0-1071.76 linux-image-5.4.0-1071-aws - 5.4.0-1071.76 linux-cloud-tools-5.4.0-1071-aws - 5.4.0-1071.76 linux-aws-tools-5.4.0-1071 - 5.4.0-1071.76 linux-modules-extra-5.4.0-1071-aws - 5.4.0-1071.76 No subscription required linux-azure-headers-5.4.0-1074 - 5.4.0-1074.77 linux-modules-extra-5.4.0-1074-azure - 5.4.0-1074.77 linux-buildinfo-5.4.0-1074-azure - 5.4.0-1074.77 linux-image-unsigned-5.4.0-1074-azure - 5.4.0-1074.77 linux-modules-5.4.0-1074-azure - 5.4.0-1074.77 linux-headers-5.4.0-1074-azure - 5.4.0-1074.77 linux-image-5.4.0-1074-azure - 5.4.0-1074.77 linux-azure-cloud-tools-5.4.0-1074 - 5.4.0-1074.77 linux-azure-tools-5.4.0-1074 - 5.4.0-1074.77 linux-tools-5.4.0-1074-azure - 5.4.0-1074.77 linux-cloud-tools-5.4.0-1074-azure - 5.4.0-1074.77 No subscription required linux-tools-kvm - 5.4.0.1061.60 linux-kvm - 5.4.0.1061.60 linux-headers-kvm - 5.4.0.1061.60 linux-image-kvm - 5.4.0.1061.60 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1069.69 linux-tools-oracle-lts-20.04 - 5.4.0.1069.69 linux-oracle-lts-20.04 - 5.4.0.1069.69 linux-image-oracle-lts-20.04 - 5.4.0.1069.69 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-cloud-tools-virtual - 5.4.0.107.111 linux-image-generic-hwe-18.04 - 5.4.0.107.111 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-headers-generic-lpae - 5.4.0.107.111 linux-image-virtual - 5.4.0.107.111 linux-oem-osp1-tools-host - 5.4.0.107.111 linux-image-generic - 5.4.0.107.111 linux-tools-lowlatency - 5.4.0.107.111 linux-image-oem - 5.4.0.107.111 linux-tools-virtual-hwe-18.04 - 5.4.0.107.111 linux-image-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-headers-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.107.111 linux-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-image-extra-virtual-hwe-18.04 - 5.4.0.107.111 linux-image-generic-lpae-hwe-18.04 - 5.4.0.107.111 linux-crashdump - 5.4.0.107.111 linux-tools-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-headers-generic-hwe-18.04 - 5.4.0.107.111 linux-headers-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-lowlatency - 5.4.0.107.111 linux-tools-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-tools-generic-lpae - 5.4.0.107.111 linux-cloud-tools-generic - 5.4.0.107.111 linux-virtual - 5.4.0.107.111 linux-headers-virtual-hwe-18.04 - 5.4.0.107.111 linux-virtual-hwe-18.04 - 5.4.0.107.111 linux-headers-oem-osp1 - 5.4.0.107.111 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.107.111 linux-tools-virtual - 5.4.0.107.111 linux-generic-lpae-hwe-18.04-edge - 5.4.0.107.111 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-generic-lpae - 5.4.0.107.111 linux-generic - 5.4.0.107.111 linux-tools-oem-osp1 - 5.4.0.107.111 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.107.111 linux-tools-generic-hwe-18.04-edge - 5.4.0.107.111 linux-image-virtual-hwe-18.04 - 5.4.0.107.111 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-oem-tools-host - 5.4.0.107.111 linux-headers-lowlatency - 5.4.0.107.111 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.107.111 linux-generic-hwe-18.04-edge - 5.4.0.107.111 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-oem - 5.4.0.107.111 linux-tools-generic - 5.4.0.107.111 linux-source - 5.4.0.107.111 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.107.111 linux-image-extra-virtual - 5.4.0.107.111 linux-image-oem-osp1 - 5.4.0.107.111 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-cloud-tools-lowlatency - 5.4.0.107.111 linux-tools-oem - 5.4.0.107.111 linux-generic-lpae-hwe-18.04 - 5.4.0.107.111 linux-tools-generic-hwe-18.04 - 5.4.0.107.111 linux-headers-generic-hwe-18.04-edge - 5.4.0.107.111 linux-headers-oem - 5.4.0.107.111 linux-headers-generic - 5.4.0.107.111 linux-oem-osp1 - 5.4.0.107.111 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.107.111 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.107.111 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-headers-virtual - 5.4.0.107.111 linux-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-generic-hwe-18.04 - 5.4.0.107.111 linux-image-generic-lpae - 5.4.0.107.111 linux-image-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.107.111 linux-image-generic-hwe-18.04-edge - 5.4.0.107.111 linux-image-lowlatency - 5.4.0.107.111 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1071.73 linux-image-aws-lts-20.04 - 5.4.0.1071.73 linux-headers-aws-lts-20.04 - 5.4.0.1071.73 linux-tools-aws-lts-20.04 - 5.4.0.1071.73 linux-aws-lts-20.04 - 5.4.0.1071.73 No subscription required linux-azure-lts-20.04 - 5.4.0.1074.72 linux-image-azure-lts-20.04 - 5.4.0.1074.72 linux-modules-extra-azure-lts-20.04 - 5.4.0.1074.72 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1074.72 linux-tools-azure-lts-20.04 - 5.4.0.1074.72 linux-headers-azure-lts-20.04 - 5.4.0.1074.72 No subscription required High CVE-2022-1055 CVE-2022-27666 Ubuntu 20.04 LTS It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-27666) Update Instructions: Run `sudo pro fix USN-5358-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.13-headers-5.13.0-1021 - 5.13.0-1021.23~20.04.2 linux-image-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-tools-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-modules-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-headers-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-buildinfo-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-aws-5.13-tools-5.13.0-1021 - 5.13.0-1021.23~20.04.2 linux-aws-5.13-cloud-tools-5.13.0-1021 - 5.13.0-1021.23~20.04.2 linux-image-unsigned-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-cloud-tools-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-modules-extra-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 No subscription required linux-image-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-modules-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-image-unsigned-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-gcp-5.13-tools-5.13.0-1023 - 5.13.0-1023.28~20.04.1 linux-headers-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-tools-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-modules-extra-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-gcp-5.13-headers-5.13.0-1023 - 5.13.0-1023.28~20.04.1 linux-buildinfo-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 No subscription required linux-headers-aws - 5.13.0.1021.23~20.04.14 linux-image-aws - 5.13.0.1021.23~20.04.14 linux-image-aws-edge - 5.13.0.1021.23~20.04.14 linux-aws-edge - 5.13.0.1021.23~20.04.14 linux-aws - 5.13.0.1021.23~20.04.14 linux-modules-extra-aws-edge - 5.13.0.1021.23~20.04.14 linux-headers-aws-edge - 5.13.0.1021.23~20.04.14 linux-modules-extra-aws - 5.13.0.1021.23~20.04.14 linux-tools-aws - 5.13.0.1021.23~20.04.14 linux-tools-aws-edge - 5.13.0.1021.23~20.04.14 No subscription required linux-image-gcp-edge - 5.13.0.1023.28~20.04.1 linux-tools-gcp-edge - 5.13.0.1023.28~20.04.1 linux-headers-gcp-edge - 5.13.0.1023.28~20.04.1 linux-modules-extra-gcp - 5.13.0.1023.28~20.04.1 linux-tools-gcp - 5.13.0.1023.28~20.04.1 linux-modules-extra-gcp-edge - 5.13.0.1023.28~20.04.1 linux-gcp - 5.13.0.1023.28~20.04.1 linux-headers-gcp - 5.13.0.1023.28~20.04.1 linux-image-gcp - 5.13.0.1023.28~20.04.1 linux-gcp-edge - 5.13.0.1023.28~20.04.1 No subscription required linux-image-5.4.0-1019-ibm - 5.4.0-1019.21 linux-headers-5.4.0-1019-ibm - 5.4.0-1019.21 linux-ibm-tools-5.4.0-1019 - 5.4.0-1019.21 linux-ibm-headers-5.4.0-1019 - 5.4.0-1019.21 linux-tools-5.4.0-1019-ibm - 5.4.0-1019.21 linux-ibm-tools-common - 5.4.0-1019.21 linux-buildinfo-5.4.0-1019-ibm - 5.4.0-1019.21 linux-modules-5.4.0-1019-ibm - 5.4.0-1019.21 linux-ibm-source-5.4.0 - 5.4.0-1019.21 linux-ibm-cloud-tools-common - 5.4.0-1019.21 linux-modules-extra-5.4.0-1019-ibm - 5.4.0-1019.21 linux-image-unsigned-5.4.0-1019-ibm - 5.4.0-1019.21 No subscription required linux-modules-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-gkeop-headers-5.4.0-1038 - 5.4.0-1038.39 linux-buildinfo-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-tools-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-image-unsigned-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-gkeop-source-5.4.0 - 5.4.0-1038.39 linux-modules-extra-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-cloud-tools-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-gkeop-cloud-tools-5.4.0-1038 - 5.4.0-1038.39 linux-gkeop-tools-5.4.0-1038 - 5.4.0-1038.39 linux-headers-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-image-5.4.0-1038-gkeop - 5.4.0-1038.39 No subscription required linux-modules-5.4.0-1058-raspi - 5.4.0-1058.65 linux-raspi-tools-5.4.0-1058 - 5.4.0-1058.65 linux-raspi-headers-5.4.0-1058 - 5.4.0-1058.65 linux-tools-5.4.0-1058-raspi - 5.4.0-1058.65 linux-headers-5.4.0-1058-raspi - 5.4.0-1058.65 linux-image-5.4.0-1058-raspi - 5.4.0-1058.65 linux-buildinfo-5.4.0-1058-raspi - 5.4.0-1058.65 No subscription required linux-modules-extra-5.4.0-1067-gke - 5.4.0-1067.70 linux-gke-headers-5.4.0-1067 - 5.4.0-1067.70 linux-tools-5.4.0-1067-gke - 5.4.0-1067.70 linux-modules-5.4.0-1067-gke - 5.4.0-1067.70 linux-buildinfo-5.4.0-1067-gke - 5.4.0-1067.70 linux-headers-5.4.0-1067-gke - 5.4.0-1067.70 linux-image-5.4.0-1067-gke - 5.4.0-1067.70 linux-image-unsigned-5.4.0-1067-gke - 5.4.0-1067.70 linux-gke-tools-5.4.0-1067 - 5.4.0-1067.70 No subscription required linux-headers-5.4.0-1069-gcp - 5.4.0-1069.73 linux-gcp-tools-5.4.0-1069 - 5.4.0-1069.73 linux-image-5.4.0-1069-gcp - 5.4.0-1069.73 linux-modules-extra-5.4.0-1069-gcp - 5.4.0-1069.73 linux-buildinfo-5.4.0-1069-gcp - 5.4.0-1069.73 linux-gcp-headers-5.4.0-1069 - 5.4.0-1069.73 linux-modules-5.4.0-1069-gcp - 5.4.0-1069.73 linux-image-unsigned-5.4.0-1069-gcp - 5.4.0-1069.73 linux-tools-5.4.0-1069-gcp - 5.4.0-1069.73 No subscription required linux-image-unsigned-5.4.0-1074-azure-fde - 5.4.0-1074.77+cvm1.1 linux-image-5.4.0-1074-azure-fde - 5.4.0-1074.77+cvm1.1 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1019.19 linux-image-ibm - 5.4.0.1019.19 linux-headers-ibm-lts-20.04 - 5.4.0.1019.19 linux-tools-ibm - 5.4.0.1019.19 linux-image-ibm-lts-20.04 - 5.4.0.1019.19 linux-ibm-lts-20.04 - 5.4.0.1019.19 linux-modules-extra-ibm - 5.4.0.1019.19 linux-ibm - 5.4.0.1019.19 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1019.19 linux-headers-ibm - 5.4.0.1019.19 No subscription required linux-headers-gkeop - 5.4.0.1038.41 linux-cloud-tools-gkeop-5.4 - 5.4.0.1038.41 linux-image-gkeop - 5.4.0.1038.41 linux-modules-extra-gkeop-5.4 - 5.4.0.1038.41 linux-image-gkeop-5.4 - 5.4.0.1038.41 linux-gkeop - 5.4.0.1038.41 linux-cloud-tools-gkeop - 5.4.0.1038.41 linux-headers-gkeop-5.4 - 5.4.0.1038.41 linux-modules-extra-gkeop - 5.4.0.1038.41 linux-tools-gkeop - 5.4.0.1038.41 linux-tools-gkeop-5.4 - 5.4.0.1038.41 linux-gkeop-5.4 - 5.4.0.1038.41 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1058.92 linux-raspi2 - 5.4.0.1058.92 linux-headers-raspi2 - 5.4.0.1058.92 linux-image-raspi-hwe-18.04 - 5.4.0.1058.92 linux-image-raspi2-hwe-18.04 - 5.4.0.1058.92 linux-tools-raspi - 5.4.0.1058.92 linux-headers-raspi-hwe-18.04 - 5.4.0.1058.92 linux-headers-raspi2-hwe-18.04 - 5.4.0.1058.92 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1058.92 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1058.92 linux-headers-raspi - 5.4.0.1058.92 linux-raspi2-hwe-18.04-edge - 5.4.0.1058.92 linux-raspi-hwe-18.04 - 5.4.0.1058.92 linux-tools-raspi2-hwe-18.04 - 5.4.0.1058.92 linux-raspi2-hwe-18.04 - 5.4.0.1058.92 linux-image-raspi-hwe-18.04-edge - 5.4.0.1058.92 linux-image-raspi2 - 5.4.0.1058.92 linux-tools-raspi-hwe-18.04 - 5.4.0.1058.92 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1058.92 linux-raspi-hwe-18.04-edge - 5.4.0.1058.92 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1058.92 linux-image-raspi - 5.4.0.1058.92 linux-tools-raspi2 - 5.4.0.1058.92 linux-raspi - 5.4.0.1058.92 No subscription required linux-modules-extra-gke - 5.4.0.1067.77 linux-headers-gke-5.4 - 5.4.0.1067.77 linux-modules-extra-gke-5.4 - 5.4.0.1067.77 linux-gke-5.4 - 5.4.0.1067.77 linux-tools-gke - 5.4.0.1067.77 linux-gke - 5.4.0.1067.77 linux-headers-gke - 5.4.0.1067.77 linux-image-gke - 5.4.0.1067.77 linux-image-gke-5.4 - 5.4.0.1067.77 linux-tools-gke-5.4 - 5.4.0.1067.77 No subscription required linux-gcp-lts-20.04 - 5.4.0.1069.78 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1069.78 linux-headers-gcp-lts-20.04 - 5.4.0.1069.78 linux-image-gcp-lts-20.04 - 5.4.0.1069.78 linux-tools-gcp-lts-20.04 - 5.4.0.1069.78 No subscription required linux-image-azure-fde - 5.4.0.1074.77+cvm1.20 linux-azure-fde - 5.4.0.1074.77+cvm1.20 linux-cloud-tools-azure-fde - 5.4.0.1074.77+cvm1.20 linux-modules-extra-azure-fde - 5.4.0.1074.77+cvm1.20 linux-tools-azure-fde - 5.4.0.1074.77+cvm1.20 linux-headers-azure-fde - 5.4.0.1074.77+cvm1.20 No subscription required High CVE-2022-1055 CVE-2022-27666 Ubuntu 20.04 LTS Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5359-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsync - 3.1.3-8ubuntu0.3 No subscription required Medium CVE-2018-25032 Ubuntu 20.04 LTS It was discovered that Tomcat incorrectly performed input verification. A remote attacker could possibly use this issue to intercept sensitive information. (CVE-2020-13943, CVE-2020-17527, CVE-2021-25122, CVE-2021-30640) It was discovered that Tomcat did not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-9484, CVE-2021-33037) It was discovered that Tomcat did not properly validate the input length. An attacker could possibly use this to trigger an infinite loop, resulting in a denial of service. (CVE-2021-25329, CVE-2021-41079) Update Instructions: Run `sudo pro fix USN-5360-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tomcat9-docs - 9.0.31-1ubuntu0.2 libtomcat9-embed-java - 9.0.31-1ubuntu0.2 tomcat9-admin - 9.0.31-1ubuntu0.2 tomcat9-common - 9.0.31-1ubuntu0.2 libtomcat9-java - 9.0.31-1ubuntu0.2 tomcat9-user - 9.0.31-1ubuntu0.2 tomcat9 - 9.0.31-1ubuntu0.2 tomcat9-examples - 9.0.31-1ubuntu0.2 No subscription required Medium CVE-2020-13943 CVE-2020-17527 CVE-2020-9484 CVE-2021-25122 CVE-2021-25329 CVE-2021-30640 CVE-2021-33037 CVE-2021-41079 https://bugs.launchpad.net/ubuntu/+source/tomcat9/+bug/1915911 Ubuntu 20.04 LTS Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-25636) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-23960) It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) Max Kellermann discovered that the Linux kernel incorrectly handled Unix pipes. A local attacker could potentially use this to modify any file that could be opened for reading. (CVE-2022-0847) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-0185) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-0001) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4090) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) It was discovered that the AMD Radeon GPU driver in the Linux kernel did not properly validate writes in the debugfs file system. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42327) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the KVM implementation for s390 systems in the Linux kernel did not properly prevent memory operations on PVM guests that were in non-protected mode. A local attacker could use this to obtain unauthorized memory write access. (CVE-2022-0516) It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-0742) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5362-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-source-5.13.0 - 5.13.0-1010.10 linux-modules-extra-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-tools-host - 5.13.0-1010.10 linux-modules-5.13.0-1010-intel - 5.13.0-1010.10 linux-tools-5.13.0-1010-intel - 5.13.0-1010.10 linux-image-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-tools-5.13.0-1010 - 5.13.0-1010.10 linux-intel-5.13-tools-common - 5.13.0-1010.10 linux-headers-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-cloud-tools-common - 5.13.0-1010.10 linux-intel-5.13-headers-5.13.0-1010 - 5.13.0-1010.10 linux-cloud-tools-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-cloud-tools-5.13.0-1010 - 5.13.0-1010.10 linux-image-unsigned-5.13.0-1010-intel - 5.13.0-1010.10 No subscription required linux-cloud-tools-intel - 5.13.0.1010.11 linux-tools-intel - 5.13.0.1010.11 linux-intel - 5.13.0.1010.11 linux-image-intel - 5.13.0.1010.11 linux-headers-intel - 5.13.0.1010.11 No subscription required High CVE-2021-4083 CVE-2021-4090 CVE-2021-4155 CVE-2021-42327 CVE-2022-0001 CVE-2022-0185 CVE-2022-0330 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0742 CVE-2022-0847 CVE-2022-22942 CVE-2022-23222 CVE-2022-23960 CVE-2022-25636 Ubuntu 20.04 LTS It was discovered that Waitress incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5364-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-waitress-doc - 1.4.1-1ubuntu0.1 python3-waitress - 1.4.1-1ubuntu0.1 No subscription required Medium CVE-2022-24761 Ubuntu 20.04 LTS It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-42392) It was discovered that H2 incorrectly handled some specially crafted connection URLs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-23221) Update Instructions: Run `sudo pro fix USN-5365-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libh2-java - 1.4.197-4+deb10u1build0.20.04.1 libh2-java-doc - 1.4.197-4+deb10u1build0.20.04.1 No subscription required High CVE-2021-42392 CVE-2022-23221 Ubuntu 20.04 LTS It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. (CVE-2022-25308) It was discovered that FriBidi incorrectly validated input data to its CapRTL unicode encoder, resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. (CVE-2022-25309) It was discovered that FriBidi incorrectly handled empty input when removing marks from unicode strings, resulting in a crash. An attacker could use this to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. (CVE-2022-25310) Update Instructions: Run `sudo pro fix USN-5366-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfribidi-bin - 1.0.8-2ubuntu0.1 libfribidi0 - 1.0.8-2ubuntu0.1 libfribidi-dev - 1.0.8-2ubuntu0.1 No subscription required Medium CVE-2022-25308 CVE-2022-25309 CVE-2022-25310 Ubuntu 20.04 LTS Justin Steven discovered that fish was not properly filtering local git configuration directives when running background git commands. A remote unauthenticated attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5367-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fish - 3.1.0-1.2ubuntu0.1~esm1 fish-common - 3.1.0-1.2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-20001 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) It was discovered that a race condition existed in the poll implementation in the Linux kernel, resulting in a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39698) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) It was discovered that the eBPF verifier in the Linux kernel did not properly perform bounds checking on mov32 operations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2021-45402) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) It was discovered that the BPF subsystem in the Linux kernel did not properly track pointer types on atomic fetch operations in some situations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2022-0264) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0382) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the KVM implementation for s390 systems in the Linux kernel did not properly prevent memory operations on PVM guests that were in non-protected mode. A local attacker could use this to obtain unauthorized memory write access. (CVE-2022-0516) It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-0742) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-27666) Update Instructions: Run `sudo pro fix USN-5368-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-modules-extra-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-buildinfo-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-azure-5.13-headers-5.13.0-1021 - 5.13.0-1021.24~20.04.1 linux-image-unsigned-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1021 - 5.13.0-1021.24~20.04.1 linux-cloud-tools-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-modules-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-image-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-azure-5.13-tools-5.13.0-1021 - 5.13.0-1021.24~20.04.1 linux-tools-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 No subscription required linux-oracle-5.13-headers-5.13.0-1025 - 5.13.0-1025.30~20.04.1 linux-modules-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-buildinfo-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-headers-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-modules-extra-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-image-unsigned-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-image-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-tools-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-oracle-5.13-tools-5.13.0-1025 - 5.13.0-1025.30~20.04.1 No subscription required linux-tools-azure-edge - 5.13.0.1021.24~20.04.10 linux-azure - 5.13.0.1021.24~20.04.10 linux-image-azure - 5.13.0.1021.24~20.04.10 linux-cloud-tools-azure - 5.13.0.1021.24~20.04.10 linux-cloud-tools-azure-edge - 5.13.0.1021.24~20.04.10 linux-tools-azure - 5.13.0.1021.24~20.04.10 linux-headers-azure-edge - 5.13.0.1021.24~20.04.10 linux-image-azure-edge - 5.13.0.1021.24~20.04.10 linux-modules-extra-azure - 5.13.0.1021.24~20.04.10 linux-azure-edge - 5.13.0.1021.24~20.04.10 linux-modules-extra-azure-edge - 5.13.0.1021.24~20.04.10 linux-headers-azure - 5.13.0.1021.24~20.04.10 No subscription required linux-headers-oracle - 5.13.0.1025.30~20.04.1 linux-headers-oracle-edge - 5.13.0.1025.30~20.04.1 linux-image-oracle - 5.13.0.1025.30~20.04.1 linux-tools-oracle - 5.13.0.1025.30~20.04.1 linux-tools-oracle-edge - 5.13.0.1025.30~20.04.1 linux-oracle-edge - 5.13.0.1025.30~20.04.1 linux-image-oracle-edge - 5.13.0.1025.30~20.04.1 linux-oracle - 5.13.0.1025.30~20.04.1 No subscription required High CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-39685 CVE-2021-39698 CVE-2021-4135 CVE-2021-4197 CVE-2021-43975 CVE-2021-44733 CVE-2021-45095 CVE-2021-45402 CVE-2021-45480 CVE-2022-0264 CVE-2022-0382 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0742 CVE-2022-1055 CVE-2022-23222 CVE-2022-27666 Ubuntu 20.04 LTS It was discovered that oslo.utils incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5369-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-oslo.utils-doc - 4.1.1-0ubuntu1.1 python3-oslo.utils - 4.1.1-0ubuntu1.1 No subscription required Medium CVE-2022-0718 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, execute script unexpectedly, obtain sensitive information, conduct spoofing attacks, or execute arbitrary code. (CVE-2022-1097, CVE-2022-24713, CVE-2022-28281, CVE-2022-28282, CVE-2022-28284, CVE-2022-28285, CVE-2022-28286, CVE-2022-28288, CVE-2022-28289) A security issue was discovered with the sourceMapURL feature of devtools. An attacker could potentially exploit this to include local files that should have been inaccessible. (CVE-2022-28283) It was discovered that selecting text caused Firefox to crash in some circumstances. An attacker could potentially exploit this to cause a denial of service. (CVE-2022-28287) Update Instructions: Run `sudo pro fix USN-5370-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-nn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ne - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-nb - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-fa - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-fi - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-fr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-fy - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-or - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-kab - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-oc - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-cs - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ga - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-gd - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-gn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-gl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-gu - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-pa - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-pl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-cy - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-pt - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-szl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hi - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ms - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-he - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hy - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hu - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-as - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ar - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ia - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-az - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-id - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-mai - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-af - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-is - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-vi - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-an - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-bs - 99.0+build2-0ubuntu0.20.04.2 firefox - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ro - 99.0+build2-0ubuntu0.20.04.2 firefox-geckodriver - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ja - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ru - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-br - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hant - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hans - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-bn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-be - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-bg - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sk - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-si - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sw - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sv - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sq - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ko - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-kn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-km - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-kk - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ka - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-xh - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ca - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ku - 99.0+build2-0ubuntu0.20.04.2 firefox-mozsymbols - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-lv - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-lt - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-th - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hsb - 99.0+build2-0ubuntu0.20.04.2 firefox-dev - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-te - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-cak - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ta - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-lg - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-csb - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-tr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-nso - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-de - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-da - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-uk - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-mr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-my - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-uz - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ml - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-mn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-mk - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ur - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-eu - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-et - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-es - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-it - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-el - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-eo - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-en - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-zu - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ast - 99.0+build2-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-1097 CVE-2022-24713 CVE-2022-28281 CVE-2022-28282 CVE-2022-28283 CVE-2022-28284 CVE-2022-28285 CVE-2022-28286 CVE-2022-28287 CVE-2022-28288 CVE-2022-28289 Ubuntu 20.04 LTS It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue was fixed for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11724) It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to disclose sensitive information. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-36309) It was discovered that nginx mishandled the use of compatible certificates among multiple encryption protocols. If a remote attacker were able to intercept the communication, this issue could be used to redirect traffic between subdomains. (CVE-2021-3618) Update Instructions: Run `sudo pro fix USN-5371-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnginx-mod-stream - 1.18.0-0ubuntu1.3 libnginx-mod-http-subs-filter - 1.18.0-0ubuntu1.3 nginx-doc - 1.18.0-0ubuntu1.3 libnginx-mod-mail - 1.18.0-0ubuntu1.3 libnginx-mod-http-image-filter - 1.18.0-0ubuntu1.3 libnginx-mod-http-echo - 1.18.0-0ubuntu1.3 libnginx-mod-rtmp - 1.18.0-0ubuntu1.3 libnginx-mod-nchan - 1.18.0-0ubuntu1.3 nginx-common - 1.18.0-0ubuntu1.3 libnginx-mod-http-fancyindex - 1.18.0-0ubuntu1.3 libnginx-mod-http-auth-pam - 1.18.0-0ubuntu1.3 nginx-light - 1.18.0-0ubuntu1.3 libnginx-mod-http-headers-more-filter - 1.18.0-0ubuntu1.3 nginx-extras - 1.18.0-0ubuntu1.3 libnginx-mod-http-upstream-fair - 1.18.0-0ubuntu1.3 libnginx-mod-http-xslt-filter - 1.18.0-0ubuntu1.3 libnginx-mod-http-lua - 1.18.0-0ubuntu1.3 libnginx-mod-http-perl - 1.18.0-0ubuntu1.3 nginx-core - 1.18.0-0ubuntu1.3 libnginx-mod-http-dav-ext - 1.18.0-0ubuntu1.3 nginx - 1.18.0-0ubuntu1.3 libnginx-mod-http-ndk - 1.18.0-0ubuntu1.3 libnginx-mod-http-uploadprogress - 1.18.0-0ubuntu1.3 libnginx-mod-http-cache-purge - 1.18.0-0ubuntu1.3 nginx-full - 1.18.0-0ubuntu1.3 libnginx-mod-http-geoip2 - 1.18.0-0ubuntu1.3 libnginx-mod-http-geoip - 1.18.0-0ubuntu1.3 No subscription required Medium CVE-2020-11724 CVE-2020-36309 CVE-2021-3618 Ubuntu 20.04 LTS Evgeny Kotkov discovered that Subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. (CVE-2021-28544) Thomas Weißschuh discovered that Subversion servers did not properly handle memory in certain configurations. A remote attacker could potentially use this issue to cause a denial of service or other unspecified impact. (CVE-2022-24070) Update Instructions: Run `sudo pro fix USN-5372-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsvn-dev - 1.13.0-3ubuntu0.1 ruby-svn - 1.13.0-3ubuntu0.1 subversion-tools - 1.13.0-3ubuntu0.1 libapache2-mod-svn - 1.13.0-3ubuntu0.1 python-subversion - 1.13.0-3ubuntu0.1 libsvn1 - 1.13.0-3ubuntu0.1 subversion - 1.13.0-3ubuntu0.1 libsvn-doc - 1.13.0-3ubuntu0.1 libsvn-java - 1.13.0-3ubuntu0.1 libsvn-perl - 1.13.0-3ubuntu0.1 No subscription required Medium CVE-2021-28544 CVE-2022-24070 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate(), aggregate(), and extra() methods. A remote attacker could possibly use this issue to perform an SQL injection attack. (CVE-2022-28346) It was discovered that Django incorrectly handled certain option names in the QuerySet.explain() method. A remote attacker could possibly use this issue to perform an SQL injection attack. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-28347) It was discovered that the Django URLValidator function incorrectly handled newlines and tabs. A remote attacker could possibly use this issue to perform a header injection attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-32052) Update Instructions: Run `sudo pro fix USN-5373-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.11 python-django-doc - 2:2.2.12-1ubuntu0.11 No subscription required High CVE-2021-32052 CVE-2022-28346 CVE-2022-28347 Ubuntu 20.04 LTS It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5374-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libarchive-dev - 3.4.0-2ubuntu1.2 libarchive-tools - 3.4.0-2ubuntu1.2 libarchive13 - 3.4.0-2ubuntu1.2 No subscription required Medium CVE-2022-26280 Ubuntu 20.04 LTS 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands. Update Instructions: Run `sudo pro fix USN-5376-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.3 gitweb - 1:2.25.1-1ubuntu3.3 git-gui - 1:2.25.1-1ubuntu3.3 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.3 git-el - 1:2.25.1-1ubuntu3.3 gitk - 1:2.25.1-1ubuntu3.3 git-all - 1:2.25.1-1ubuntu3.3 git-mediawiki - 1:2.25.1-1ubuntu3.3 git-daemon-run - 1:2.25.1-1ubuntu3.3 git-man - 1:2.25.1-1ubuntu3.3 git-doc - 1:2.25.1-1ubuntu3.3 git-svn - 1:2.25.1-1ubuntu3.3 git-cvs - 1:2.25.1-1ubuntu3.3 git-email - 1:2.25.1-1ubuntu3.3 No subscription required Medium CVE-2022-24765 Ubuntu 20.04 LTS USN-5376-1 fixed vulnerabilities in Git, some patches were missing to properly fix the issue. This update fixes the problem. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands. Update Instructions: Run `sudo pro fix USN-5376-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.4 gitweb - 1:2.25.1-1ubuntu3.4 git-all - 1:2.25.1-1ubuntu3.4 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.4 git-el - 1:2.25.1-1ubuntu3.4 gitk - 1:2.25.1-1ubuntu3.4 git-gui - 1:2.25.1-1ubuntu3.4 git-mediawiki - 1:2.25.1-1ubuntu3.4 git-daemon-run - 1:2.25.1-1ubuntu3.4 git-man - 1:2.25.1-1ubuntu3.4 git-doc - 1:2.25.1-1ubuntu3.4 git-svn - 1:2.25.1-1ubuntu3.4 git-cvs - 1:2.25.1-1ubuntu3.4 git-email - 1:2.25.1-1ubuntu3.4 No subscription required None https://launchpad.net/bugs/1970260 Ubuntu 20.04 LTS It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) Wenqing Liu discovered that the f2fs file system in the Linux kernel did not properly validate the last xattr entry in an inode. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-45469) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-27666) Update Instructions: Run `sudo pro fix USN-5377-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-tools-5.4.0-1032 - 5.4.0-1032.35 linux-image-unsigned-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-modules-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-image-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-headers-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-tools-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-buildinfo-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-bluefield-headers-5.4.0-1032 - 5.4.0-1032.35 No subscription required linux-bluefield - 5.4.0.1032.33 linux-tools-bluefield - 5.4.0.1032.33 linux-image-bluefield - 5.4.0.1032.33 linux-headers-bluefield - 5.4.0.1032.33 No subscription required High CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-4135 CVE-2021-43976 CVE-2021-44733 CVE-2021-45095 CVE-2021-45469 CVE-2021-45480 CVE-2022-0435 CVE-2022-0492 CVE-2022-1055 CVE-2022-27666 Ubuntu 20.04 LTS Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files. Update Instructions: Run `sudo pro fix USN-5378-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gzip - 1.10-0ubuntu4.1 gzip-win32 - 1.10-0ubuntu4.1 No subscription required Medium CVE-2022-1271 Ubuntu 20.04 LTS Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain filenames. If a user or automated system were tricked into performing xzgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files. Update Instructions: Run `sudo pro fix USN-5378-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblzma5 - 5.2.4-1ubuntu1.1 liblzma-doc - 5.2.4-1ubuntu1.1 liblzma-dev - 5.2.4-1ubuntu1.1 xz-utils - 5.2.4-1ubuntu1.1 xzdec - 5.2.4-1ubuntu1.1 No subscription required Medium CVE-2022-1271 Ubuntu 20.04 LTS It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31870) It was discovered that klibc did not properly handled some memory allocations on 64 bit systems. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31871) It was discovered that klibc did not properly handled some file sizes values on 32 bit systems. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31872) It was discovered that klibc did not properly handled some memory allocations. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31873) Update Instructions: Run `sudo pro fix USN-5379-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: klibc-utils - 2.0.7-1ubuntu5.1 libklibc - 2.0.7-1ubuntu5.1 libklibc-dev - 2.0.7-1ubuntu5.1 No subscription required Low CVE-2021-31870 CVE-2021-31871 CVE-2021-31872 CVE-2021-31873 Ubuntu 20.04 LTS It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-5380-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bash-builtins - 5.0-6ubuntu1.2 bash-doc - 5.0-6ubuntu1.2 bash - 5.0-6ubuntu1.2 bash-static - 5.0-6ubuntu1.2 No subscription required Low CVE-2019-18276 Ubuntu 20.04 LTS David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-1015) It was discovered that the block layer subsystem in the Linux kernel did not properly initialize memory in some situations. A privileged local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0494) It was discovered that the DMA subsystem in the Linux kernel did not properly ensure bounce buffers were completely overwritten by the DMA device. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0854) Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1011) David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1016) Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture (ALSA) framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1048) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-26490) It was discovered that the USB SR9700 ethernet device driver for the Linux kernel did not properly validate the length of requests from the device. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-26966) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-27223) 赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could use this to cause a denial of service. (CVE-2022-28356) Update Instructions: Run `sudo pro fix USN-5381-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.14.0-1033-oem - 5.14.0-1033.36 linux-oem-5.14-headers-5.14.0-1033 - 5.14.0-1033.36 linux-headers-5.14.0-1033-oem - 5.14.0-1033.36 linux-buildinfo-5.14.0-1033-oem - 5.14.0-1033.36 linux-tools-5.14.0-1033-oem - 5.14.0-1033.36 linux-image-unsigned-5.14.0-1033-oem - 5.14.0-1033.36 linux-modules-5.14.0-1033-oem - 5.14.0-1033.36 linux-oem-5.14-tools-host - 5.14.0-1033.36 linux-oem-5.14-tools-5.14.0-1033 - 5.14.0-1033.36 No subscription required linux-image-oem-20.04c - 5.14.0.1033.30 linux-image-oem-20.04b - 5.14.0.1033.30 linux-image-oem-20.04d - 5.14.0.1033.30 linux-tools-oem-20.04d - 5.14.0.1033.30 linux-tools-oem-20.04c - 5.14.0.1033.30 linux-tools-oem-20.04b - 5.14.0.1033.30 linux-oem-20.04 - 5.14.0.1033.30 linux-image-oem-20.04 - 5.14.0.1033.30 linux-oem-20.04d - 5.14.0.1033.30 linux-oem-20.04c - 5.14.0.1033.30 linux-oem-20.04b - 5.14.0.1033.30 linux-headers-oem-20.04 - 5.14.0.1033.30 linux-headers-oem-20.04b - 5.14.0.1033.30 linux-headers-oem-20.04c - 5.14.0.1033.30 linux-headers-oem-20.04d - 5.14.0.1033.30 linux-tools-oem-20.04 - 5.14.0.1033.30 No subscription required High CVE-2022-0494 CVE-2022-0854 CVE-2022-1011 CVE-2022-1015 CVE-2022-1016 CVE-2022-1048 CVE-2022-24958 CVE-2022-26490 CVE-2022-26966 CVE-2022-27223 CVE-2022-28356 Ubuntu 20.04 LTS Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly handle input devices with specially crafted names. A local attacker with physical access could use this to cause libinput to crash or expose sensitive information. Update Instructions: Run `sudo pro fix USN-5382-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libinput-dev - 1.15.5-1ubuntu0.3 libinput-bin - 1.15.5-1ubuntu0.3 libinput10 - 1.15.5-1ubuntu0.3 libinput-tools - 1.15.5-1ubuntu0.3 No subscription required Medium CVE-2022-1215 Ubuntu 20.04 LTS David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-1015) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-0617) David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1016) Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-24448) It was discovered that the VirtIO Bluetooth driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-26878) It was discovered that the YAM AX.25 device driver in the Linux kernel did not properly deallocate memory in some error conditions. A local privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2022-24959) Update Instructions: Run `sudo pro fix USN-5383-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-intel-5.13-tools-host - 5.13.0-1011.11 linux-intel-5.13-tools-5.13.0-1011 - 5.13.0-1011.11 linux-image-unsigned-5.13.0-1011-intel - 5.13.0-1011.11 linux-tools-5.13.0-1011-intel - 5.13.0-1011.11 linux-cloud-tools-5.13.0-1011-intel - 5.13.0-1011.11 linux-intel-5.13-cloud-tools-common - 5.13.0-1011.11 linux-intel-5.13-cloud-tools-5.13.0-1011 - 5.13.0-1011.11 linux-modules-5.13.0-1011-intel - 5.13.0-1011.11 linux-headers-5.13.0-1011-intel - 5.13.0-1011.11 linux-buildinfo-5.13.0-1011-intel - 5.13.0-1011.11 linux-modules-extra-5.13.0-1011-intel - 5.13.0-1011.11 linux-intel-5.13-tools-common - 5.13.0-1011.11 linux-intel-5.13-headers-5.13.0-1011 - 5.13.0-1011.11 linux-image-5.13.0-1011-intel - 5.13.0-1011.11 linux-intel-5.13-source-5.13.0 - 5.13.0-1011.11 No subscription required linux-aws-5.13-headers-5.13.0-1022 - 5.13.0-1022.24~20.04.1 linux-tools-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-image-unsigned-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-modules-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-aws-5.13-tools-5.13.0-1022 - 5.13.0-1022.24~20.04.1 linux-buildinfo-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-image-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-cloud-tools-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1022 - 5.13.0-1022.24~20.04.1 linux-headers-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-modules-extra-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 No subscription required linux-tools-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-image-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1022 - 5.13.0-1022.26~20.04.1 linux-cloud-tools-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-headers-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-azure-5.13-tools-5.13.0-1022 - 5.13.0-1022.26~20.04.1 linux-buildinfo-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-image-unsigned-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-modules-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-azure-5.13-headers-5.13.0-1022 - 5.13.0-1022.26~20.04.1 linux-modules-extra-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 No subscription required linux-buildinfo-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-gcp-5.13-tools-5.13.0-1024 - 5.13.0-1024.29~20.04.1 linux-image-unsigned-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-gcp-5.13-headers-5.13.0-1024 - 5.13.0-1024.29~20.04.1 linux-image-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-headers-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-modules-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-modules-extra-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-tools-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 No subscription required linux-modules-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-oracle-5.13-tools-5.13.0-1027 - 5.13.0-1027.32~20.04.1 linux-tools-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-buildinfo-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-modules-extra-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-headers-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-image-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-image-unsigned-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-oracle-5.13-headers-5.13.0-1027 - 5.13.0-1027.32~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-40.45~20.04.1 linux-image-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-headers-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-modules-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-cloud-tools-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-buildinfo-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-hwe-5.13-headers-5.13.0-40 - 5.13.0-40.45~20.04.1 linux-image-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-tools-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-tools-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-buildinfo-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-tools-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-buildinfo-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-40 - 5.13.0-40.45~20.04.1 linux-modules-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-headers-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-image-unsigned-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-headers-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-image-unsigned-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-image-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-buildinfo-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-image-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-40.45~20.04.1 linux-image-unsigned-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-modules-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-modules-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-modules-extra-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-cloud-tools-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-tools-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-headers-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-40.45~20.04.1 linux-hwe-5.13-tools-5.13.0-40 - 5.13.0-40.45~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-40.45~20.04.1 No subscription required linux-image-intel - 5.13.0.1011.12 linux-cloud-tools-intel - 5.13.0.1011.12 linux-tools-intel - 5.13.0.1011.12 linux-intel - 5.13.0.1011.12 linux-headers-intel - 5.13.0.1011.12 No subscription required linux-headers-aws - 5.13.0.1022.24~20.04.15 linux-image-aws - 5.13.0.1022.24~20.04.15 linux-modules-extra-aws-edge - 5.13.0.1022.24~20.04.15 linux-image-aws-edge - 5.13.0.1022.24~20.04.15 linux-aws-edge - 5.13.0.1022.24~20.04.15 linux-aws - 5.13.0.1022.24~20.04.15 linux-headers-aws-edge - 5.13.0.1022.24~20.04.15 linux-modules-extra-aws - 5.13.0.1022.24~20.04.15 linux-tools-aws - 5.13.0.1022.24~20.04.15 linux-tools-aws-edge - 5.13.0.1022.24~20.04.15 No subscription required linux-tools-azure-edge - 5.13.0.1022.26~20.04.11 linux-cloud-tools-azure - 5.13.0.1022.26~20.04.11 linux-tools-azure - 5.13.0.1022.26~20.04.11 linux-image-azure-edge - 5.13.0.1022.26~20.04.11 linux-cloud-tools-azure-edge - 5.13.0.1022.26~20.04.11 linux-modules-extra-azure - 5.13.0.1022.26~20.04.11 linux-azure - 5.13.0.1022.26~20.04.11 linux-image-azure - 5.13.0.1022.26~20.04.11 linux-headers-azure-edge - 5.13.0.1022.26~20.04.11 linux-azure-edge - 5.13.0.1022.26~20.04.11 linux-modules-extra-azure-edge - 5.13.0.1022.26~20.04.11 linux-headers-azure - 5.13.0.1022.26~20.04.11 No subscription required linux-image-gcp-edge - 5.13.0.1024.29~20.04.1 linux-headers-gcp-edge - 5.13.0.1024.29~20.04.1 linux-modules-extra-gcp - 5.13.0.1024.29~20.04.1 linux-tools-gcp - 5.13.0.1024.29~20.04.1 linux-modules-extra-gcp-edge - 5.13.0.1024.29~20.04.1 linux-gcp - 5.13.0.1024.29~20.04.1 linux-tools-gcp-edge - 5.13.0.1024.29~20.04.1 linux-headers-gcp - 5.13.0.1024.29~20.04.1 linux-image-gcp - 5.13.0.1024.29~20.04.1 linux-gcp-edge - 5.13.0.1024.29~20.04.1 No subscription required linux-headers-oracle - 5.13.0.1027.32~20.04.1 linux-tools-oracle-edge - 5.13.0.1027.32~20.04.1 linux-oracle-edge - 5.13.0.1027.32~20.04.1 linux-image-oracle-edge - 5.13.0.1027.32~20.04.1 linux-headers-oracle-edge - 5.13.0.1027.32~20.04.1 linux-image-oracle - 5.13.0.1027.32~20.04.1 linux-tools-oracle - 5.13.0.1027.32~20.04.1 linux-oracle - 5.13.0.1027.32~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-extra-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-generic-64k-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-generic-lpae-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-generic-lpae-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-generic-64k-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-generic-64k-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-generic-64k-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 No subscription required High CVE-2021-43976 CVE-2021-44879 CVE-2022-0617 CVE-2022-1015 CVE-2022-1016 CVE-2022-24448 CVE-2022-24959 CVE-2022-26878 Ubuntu 20.04 LTS It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-0617) Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-24448) It was discovered that the YAM AX.25 device driver in the Linux kernel did not properly deallocate memory in some error conditions. A local privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2022-24959) Update Instructions: Run `sudo pro fix USN-5384-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1020 - 5.4.0-1020.22 linux-buildinfo-5.4.0-1020-ibm - 5.4.0-1020.22 linux-ibm-source-5.4.0 - 5.4.0-1020.22 linux-ibm-cloud-tools-common - 5.4.0-1020.22 linux-tools-5.4.0-1020-ibm - 5.4.0-1020.22 linux-ibm-tools-5.4.0-1020 - 5.4.0-1020.22 linux-ibm-tools-common - 5.4.0-1020.22 linux-modules-5.4.0-1020-ibm - 5.4.0-1020.22 linux-modules-extra-5.4.0-1020-ibm - 5.4.0-1020.22 linux-headers-5.4.0-1020-ibm - 5.4.0-1020.22 linux-image-5.4.0-1020-ibm - 5.4.0-1020.22 linux-image-unsigned-5.4.0-1020-ibm - 5.4.0-1020.22 No subscription required linux-gkeop-headers-5.4.0-1039 - 5.4.0-1039.40 linux-image-unsigned-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-cloud-tools-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-gkeop-source-5.4.0 - 5.4.0-1039.40 linux-modules-extra-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-gkeop-cloud-tools-5.4.0-1039 - 5.4.0-1039.40 linux-modules-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-gkeop-tools-5.4.0-1039 - 5.4.0-1039.40 linux-buildinfo-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-tools-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-image-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-headers-5.4.0-1039-gkeop - 5.4.0-1039.40 No subscription required linux-buildinfo-5.4.0-1059-raspi - 5.4.0-1059.67 linux-modules-5.4.0-1059-raspi - 5.4.0-1059.67 linux-image-5.4.0-1059-raspi - 5.4.0-1059.67 linux-headers-5.4.0-1059-raspi - 5.4.0-1059.67 linux-raspi-headers-5.4.0-1059 - 5.4.0-1059.67 linux-raspi-tools-5.4.0-1059 - 5.4.0-1059.67 linux-tools-5.4.0-1059-raspi - 5.4.0-1059.67 No subscription required linux-kvm-headers-5.4.0-1062 - 5.4.0-1062.65 linux-kvm-tools-5.4.0-1062 - 5.4.0-1062.65 linux-headers-5.4.0-1062-kvm - 5.4.0-1062.65 linux-tools-5.4.0-1062-kvm - 5.4.0-1062.65 linux-image-unsigned-5.4.0-1062-kvm - 5.4.0-1062.65 linux-modules-5.4.0-1062-kvm - 5.4.0-1062.65 linux-image-5.4.0-1062-kvm - 5.4.0-1062.65 linux-buildinfo-5.4.0-1062-kvm - 5.4.0-1062.65 No subscription required linux-gke-headers-5.4.0-1068 - 5.4.0-1068.71 linux-tools-5.4.0-1068-gke - 5.4.0-1068.71 linux-buildinfo-5.4.0-1068-gke - 5.4.0-1068.71 linux-modules-5.4.0-1068-gke - 5.4.0-1068.71 linux-modules-extra-5.4.0-1068-gke - 5.4.0-1068.71 linux-image-5.4.0-1068-gke - 5.4.0-1068.71 linux-image-unsigned-5.4.0-1068-gke - 5.4.0-1068.71 linux-headers-5.4.0-1068-gke - 5.4.0-1068.71 linux-gke-tools-5.4.0-1068 - 5.4.0-1068.71 No subscription required linux-oracle-tools-5.4.0-1070 - 5.4.0-1070.76 linux-headers-5.4.0-1070-oracle - 5.4.0-1070.76 linux-image-unsigned-5.4.0-1070-oracle - 5.4.0-1070.76 linux-modules-5.4.0-1070-oracle - 5.4.0-1070.76 linux-tools-5.4.0-1070-oracle - 5.4.0-1070.76 linux-oracle-headers-5.4.0-1070 - 5.4.0-1070.76 linux-modules-extra-5.4.0-1070-oracle - 5.4.0-1070.76 linux-image-5.4.0-1070-oracle - 5.4.0-1070.76 linux-buildinfo-5.4.0-1070-oracle - 5.4.0-1070.76 No subscription required linux-image-unsigned-5.4.0-1072-gcp - 5.4.0-1072.77 linux-modules-extra-5.4.0-1072-aws - 5.4.0-1072.77 linux-gcp-tools-5.4.0-1072 - 5.4.0-1072.77 linux-aws-headers-5.4.0-1072 - 5.4.0-1072.77 linux-headers-5.4.0-1072-gcp - 5.4.0-1072.77 linux-tools-5.4.0-1072-gcp - 5.4.0-1072.77 linux-modules-5.4.0-1072-gcp - 5.4.0-1072.77 linux-aws-tools-5.4.0-1072 - 5.4.0-1072.77 linux-buildinfo-5.4.0-1072-aws - 5.4.0-1072.77 linux-cloud-tools-5.4.0-1072-aws - 5.4.0-1072.77 linux-image-unsigned-5.4.0-1072-aws - 5.4.0-1072.77 linux-modules-5.4.0-1072-aws - 5.4.0-1072.77 linux-image-5.4.0-1072-gcp - 5.4.0-1072.77 linux-modules-extra-5.4.0-1072-gcp - 5.4.0-1072.77 linux-headers-5.4.0-1072-aws - 5.4.0-1072.77 linux-tools-5.4.0-1072-aws - 5.4.0-1072.77 linux-aws-cloud-tools-5.4.0-1072 - 5.4.0-1072.77 linux-buildinfo-5.4.0-1072-gcp - 5.4.0-1072.77 linux-image-5.4.0-1072-aws - 5.4.0-1072.77 linux-gcp-headers-5.4.0-1072 - 5.4.0-1072.77 No subscription required linux-image-5.4.0-1076-azure-fde - 5.4.0-1076.79+cvm1.1 linux-image-unsigned-5.4.0-1076-azure-fde - 5.4.0-1076.79+cvm1.1 No subscription required linux-azure-headers-5.4.0-1077 - 5.4.0-1077.80 linux-image-unsigned-5.4.0-1077-azure - 5.4.0-1077.80 linux-modules-extra-5.4.0-1077-azure - 5.4.0-1077.80 linux-tools-5.4.0-1077-azure - 5.4.0-1077.80 linux-cloud-tools-5.4.0-1077-azure - 5.4.0-1077.80 linux-buildinfo-5.4.0-1077-azure - 5.4.0-1077.80 linux-headers-5.4.0-1077-azure - 5.4.0-1077.80 linux-image-5.4.0-1077-azure - 5.4.0-1077.80 linux-azure-cloud-tools-5.4.0-1077 - 5.4.0-1077.80 linux-azure-tools-5.4.0-1077 - 5.4.0-1077.80 linux-modules-5.4.0-1077-azure - 5.4.0-1077.80 No subscription required linux-tools-common - 5.4.0-109.123 linux-buildinfo-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-image-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-tools-host - 5.4.0-109.123 linux-cloud-tools-5.4.0-109-lowlatency - 5.4.0-109.123 linux-doc - 5.4.0-109.123 linux-buildinfo-5.4.0-109-lowlatency - 5.4.0-109.123 linux-image-5.4.0-109-generic - 5.4.0-109.123 linux-image-unsigned-5.4.0-109-generic - 5.4.0-109.123 linux-headers-5.4.0-109-lowlatency - 5.4.0-109.123 linux-libc-dev - 5.4.0-109.123 linux-source-5.4.0 - 5.4.0-109.123 linux-headers-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-modules-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-modules-5.4.0-109-lowlatency - 5.4.0-109.123 linux-cloud-tools-5.4.0-109 - 5.4.0-109.123 linux-tools-5.4.0-109-generic - 5.4.0-109.123 linux-tools-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-image-unsigned-5.4.0-109-lowlatency - 5.4.0-109.123 linux-image-5.4.0-109-lowlatency - 5.4.0-109.123 linux-cloud-tools-common - 5.4.0-109.123 linux-modules-extra-5.4.0-109-generic - 5.4.0-109.123 linux-headers-5.4.0-109 - 5.4.0-109.123 linux-tools-5.4.0-109-lowlatency - 5.4.0-109.123 linux-headers-5.4.0-109-generic - 5.4.0-109.123 linux-cloud-tools-5.4.0-109-generic - 5.4.0-109.123 linux-modules-5.4.0-109-generic - 5.4.0-109.123 linux-buildinfo-5.4.0-109-generic - 5.4.0-109.123 linux-tools-5.4.0-109 - 5.4.0-109.123 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1020.20 linux-modules-extra-ibm - 5.4.0.1020.20 linux-headers-ibm-lts-20.04 - 5.4.0.1020.20 linux-tools-ibm - 5.4.0.1020.20 linux-image-ibm-lts-20.04 - 5.4.0.1020.20 linux-ibm-lts-20.04 - 5.4.0.1020.20 linux-image-ibm - 5.4.0.1020.20 linux-ibm - 5.4.0.1020.20 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1020.20 linux-headers-ibm - 5.4.0.1020.20 No subscription required linux-headers-gkeop - 5.4.0.1039.42 linux-cloud-tools-gkeop-5.4 - 5.4.0.1039.42 linux-image-gkeop - 5.4.0.1039.42 linux-gkeop-5.4 - 5.4.0.1039.42 linux-image-gkeop-5.4 - 5.4.0.1039.42 linux-gkeop - 5.4.0.1039.42 linux-cloud-tools-gkeop - 5.4.0.1039.42 linux-modules-extra-gkeop-5.4 - 5.4.0.1039.42 linux-headers-gkeop-5.4 - 5.4.0.1039.42 linux-modules-extra-gkeop - 5.4.0.1039.42 linux-tools-gkeop - 5.4.0.1039.42 linux-tools-gkeop-5.4 - 5.4.0.1039.42 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1059.93 linux-raspi2 - 5.4.0.1059.93 linux-image-raspi - 5.4.0.1059.93 linux-image-raspi-hwe-18.04 - 5.4.0.1059.93 linux-image-raspi2-hwe-18.04 - 5.4.0.1059.93 linux-tools-raspi - 5.4.0.1059.93 linux-headers-raspi-hwe-18.04 - 5.4.0.1059.93 linux-headers-raspi2-hwe-18.04 - 5.4.0.1059.93 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1059.93 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1059.93 linux-headers-raspi - 5.4.0.1059.93 linux-raspi2-hwe-18.04-edge - 5.4.0.1059.93 linux-image-raspi-hwe-18.04-edge - 5.4.0.1059.93 linux-raspi-hwe-18.04 - 5.4.0.1059.93 linux-tools-raspi2-hwe-18.04 - 5.4.0.1059.93 linux-raspi2-hwe-18.04 - 5.4.0.1059.93 linux-image-raspi2 - 5.4.0.1059.93 linux-tools-raspi-hwe-18.04 - 5.4.0.1059.93 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1059.93 linux-raspi-hwe-18.04-edge - 5.4.0.1059.93 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1059.93 linux-tools-raspi2 - 5.4.0.1059.93 linux-raspi - 5.4.0.1059.93 linux-headers-raspi2 - 5.4.0.1059.93 No subscription required linux-kvm - 5.4.0.1062.61 linux-headers-kvm - 5.4.0.1062.61 linux-image-kvm - 5.4.0.1062.61 linux-tools-kvm - 5.4.0.1062.61 No subscription required linux-modules-extra-gke - 5.4.0.1068.78 linux-headers-gke-5.4 - 5.4.0.1068.78 linux-tools-gke-5.4 - 5.4.0.1068.78 linux-modules-extra-gke-5.4 - 5.4.0.1068.78 linux-gke-5.4 - 5.4.0.1068.78 linux-tools-gke - 5.4.0.1068.78 linux-gke - 5.4.0.1068.78 linux-image-gke - 5.4.0.1068.78 linux-headers-gke - 5.4.0.1068.78 linux-image-gke-5.4 - 5.4.0.1068.78 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1070.70 linux-headers-oracle-lts-20.04 - 5.4.0.1070.70 linux-oracle-lts-20.04 - 5.4.0.1070.70 linux-image-oracle-lts-20.04 - 5.4.0.1070.70 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1072.74 linux-image-aws-lts-20.04 - 5.4.0.1072.74 linux-tools-aws-lts-20.04 - 5.4.0.1072.74 linux-headers-aws-lts-20.04 - 5.4.0.1072.74 linux-aws-lts-20.04 - 5.4.0.1072.74 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1072.80 linux-gcp-lts-20.04 - 5.4.0.1072.80 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1072.80 linux-headers-gcp-lts-20.04 - 5.4.0.1072.80 linux-image-gcp-lts-20.04 - 5.4.0.1072.80 No subscription required linux-tools-azure-fde - 5.4.0.1076.79+cvm1.21 linux-azure-fde - 5.4.0.1076.79+cvm1.21 linux-image-azure-fde - 5.4.0.1076.79+cvm1.21 linux-cloud-tools-azure-fde - 5.4.0.1076.79+cvm1.21 linux-modules-extra-azure-fde - 5.4.0.1076.79+cvm1.21 linux-headers-azure-fde - 5.4.0.1076.79+cvm1.21 No subscription required linux-azure-lts-20.04 - 5.4.0.1077.75 linux-tools-azure-lts-20.04 - 5.4.0.1077.75 linux-image-azure-lts-20.04 - 5.4.0.1077.75 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1077.75 linux-modules-extra-azure-lts-20.04 - 5.4.0.1077.75 linux-headers-azure-lts-20.04 - 5.4.0.1077.75 No subscription required linux-cloud-tools-virtual - 5.4.0.109.113 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-image-generic-hwe-18.04 - 5.4.0.109.113 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-headers-generic-lpae - 5.4.0.109.113 linux-image-virtual - 5.4.0.109.113 linux-generic-hwe-18.04 - 5.4.0.109.113 linux-oem-osp1-tools-host - 5.4.0.109.113 linux-cloud-tools-lowlatency - 5.4.0.109.113 linux-image-generic - 5.4.0.109.113 linux-tools-lowlatency - 5.4.0.109.113 linux-image-oem - 5.4.0.109.113 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.109.113 linux-headers-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-image-extra-virtual-hwe-18.04 - 5.4.0.109.113 linux-image-oem-osp1 - 5.4.0.109.113 linux-image-generic-lpae-hwe-18.04 - 5.4.0.109.113 linux-crashdump - 5.4.0.109.113 linux-tools-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-headers-generic-hwe-18.04 - 5.4.0.109.113 linux-tools-oem - 5.4.0.109.113 linux-headers-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.109.113 linux-source - 5.4.0.109.113 linux-lowlatency - 5.4.0.109.113 linux-tools-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-tools-generic-lpae - 5.4.0.109.113 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-cloud-tools-generic - 5.4.0.109.113 linux-virtual - 5.4.0.109.113 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.109.113 linux-tools-virtual - 5.4.0.109.113 linux-generic-lpae-hwe-18.04-edge - 5.4.0.109.113 linux-generic-lpae - 5.4.0.109.113 linux-headers-oem - 5.4.0.109.113 linux-tools-oem-osp1 - 5.4.0.109.113 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.109.113 linux-image-lowlatency - 5.4.0.109.113 linux-image-virtual-hwe-18.04 - 5.4.0.109.113 linux-headers-lowlatency - 5.4.0.109.113 linux-image-generic-hwe-18.04-edge - 5.4.0.109.113 linux-generic-hwe-18.04-edge - 5.4.0.109.113 linux-generic - 5.4.0.109.113 linux-tools-generic-hwe-18.04-edge - 5.4.0.109.113 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.109.113 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-oem - 5.4.0.109.113 linux-tools-generic - 5.4.0.109.113 linux-image-extra-virtual - 5.4.0.109.113 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-oem-tools-host - 5.4.0.109.113 linux-headers-oem-osp1 - 5.4.0.109.113 linux-virtual-hwe-18.04 - 5.4.0.109.113 linux-generic-lpae-hwe-18.04 - 5.4.0.109.113 linux-headers-generic-hwe-18.04-edge - 5.4.0.109.113 linux-headers-generic - 5.4.0.109.113 linux-headers-virtual-hwe-18.04 - 5.4.0.109.113 linux-oem-osp1 - 5.4.0.109.113 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.109.113 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.109.113 linux-image-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-headers-virtual - 5.4.0.109.113 linux-tools-virtual-hwe-18.04 - 5.4.0.109.113 linux-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-image-generic-lpae - 5.4.0.109.113 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-image-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-tools-generic-hwe-18.04 - 5.4.0.109.113 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.109.113 No subscription required Medium CVE-2022-0617 CVE-2022-24448 CVE-2022-24959 Ubuntu 20.04 LTS Jelmer Vernooij and Beast Glatisant discovered that AIOHTTP incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue to perform phishing attacks. Update Instructions: Run `sudo pro fix USN-5386-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-aiohttp - 3.6.2-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-21330 Ubuntu 20.04 LTS Douglas Mendizábal discovered that Barbican incorrectly handled access restrictions. An authenticated attacker could possibly use this issue to consume protected resources and possibly cause a denial of service. (CVE-2022-23451, CVE-2022-23452) Update Instructions: Run `sudo pro fix USN-5387-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: barbican-keystone-listener - 1:10.1.0-0ubuntu2.1 barbican-api - 1:10.1.0-0ubuntu2.1 barbican-worker - 1:10.1.0-0ubuntu2.1 barbican-common - 1:10.1.0-0ubuntu2.1 python3-barbican - 1:10.1.0-0ubuntu2.1 barbican-doc - 1:10.1.0-0ubuntu2.1 No subscription required Medium CVE-2022-23451 CVE-2022-23452 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21426) It was discovered that OpenJDK incorrectly handled converting certain object arguments into their textual representations. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21434) It was discovered that OpenJDK incorrectly validated the encoded length of certain object identifiers. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21443) It was discovered that OpenJDK incorrectly validated certain paths. An attacker could possibly use this issue to bypass the secure validation feature and expose sensitive information in XML files. (CVE-2022-21476) It was discovered that OpenJDK incorrectly parsed certain URI strings. An attacker could possibly use this issue to make applications accept invalid of malformed URI strings. (CVE-2022-21496) Update Instructions: Run `sudo pro fix USN-5388-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jre-zero - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-doc - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jre-headless - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jdk - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jdk-headless - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jre - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-demo - 11.0.15+10-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21426 CVE-2022-21434 CVE-2022-21443 CVE-2022-21476 CVE-2022-21496 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly verified ECDSA signatures. An attacker could use this issue to bypass the signature verification process. (CVE-2022-21449) It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21426) It was discovered that OpenJDK incorrectly handled converting certain object arguments into their textual representations. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21434) It was discovered that OpenJDK incorrectly validated the encoded length of certain object identifiers. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21443) It was discovered that OpenJDK incorrectly validated certain paths. An attacker could possibly use this issue to bypass the secure validation feature and expose sensitive information in XML files. (CVE-2022-21476) It was discovered that OpenJDK incorrectly parsed certain URI strings. An attacker could possibly use this issue to make applications accept invalid of malformed URI strings. (CVE-2022-21496) Update Instructions: Run `sudo pro fix USN-5388-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jdk - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jre-zero - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jdk-headless - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-source - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jre-headless - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-doc - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jre - 17.0.3+7-0ubuntu0.20.04.1 No subscription required High CVE-2022-21426 CVE-2022-21434 CVE-2022-21443 CVE-2022-21449 CVE-2022-21476 CVE-2022-21496 Ubuntu 20.04 LTS Nicolas Iooss discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36084) It was discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36085) It was discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-36086) It was discovered that libsepol incorrectly validated certain data, leading to a heap overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36087) Update Instructions: Run `sudo pro fix USN-5391-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsepol1 - 3.0-1ubuntu0.1 libsepol1-dev - 3.0-1ubuntu0.1 sepol-utils - 3.0-1ubuntu0.1 No subscription required Low CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-32055) It was discovered that Mutt incorrectly handled certain input. An attacker could possibly use this issue to cause a crash, or expose sensitive information. (CVE-2022-1328) Update Instructions: Run `sudo pro fix USN-5392-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.5 No subscription required Medium CVE-2021-32055 CVE-2022-1328 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct spoofing attacks, or execute arbitrary code. (CVE-2022-1097, CVE-2022-1196, CVE-2022-28281, CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-28289) It was discovered that Thunderbird ignored OpenPGP revocation when importing a revoked key in some circumstances. An attacker could potentially exploit this by tricking the user into trusting the authenticity of a message or tricking them into use a revoked key to send an encrypted message. (CVE-2022-1197) Update Instructions: Run `sudo pro fix USN-5393-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.8.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.8.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.8.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.8.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1097 CVE-2022-1196 CVE-2022-1197 CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286 CVE-2022-28289 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5394-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.0-0ubuntu0.20.04.3 libwebkit2gtk-4.0-37-gtk2 - 2.36.0-0ubuntu0.20.04.3 libjavascriptcoregtk-4.0-dev - 2.36.0-0ubuntu0.20.04.3 libwebkit2gtk-4.0-37 - 2.36.0-0ubuntu0.20.04.3 webkit2gtk-driver - 2.36.0-0ubuntu0.20.04.3 libjavascriptcoregtk-4.0-18 - 2.36.0-0ubuntu0.20.04.3 libwebkit2gtk-4.0-doc - 2.36.0-0ubuntu0.20.04.3 libjavascriptcoregtk-4.0-bin - 2.36.0-0ubuntu0.20.04.3 gir1.2-webkit2-4.0 - 2.36.0-0ubuntu0.20.04.3 libwebkit2gtk-4.0-dev - 2.36.0-0ubuntu0.20.04.3 No subscription required Medium CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22637 Ubuntu 20.04 LTS It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. (CVE-2022-29799, CVE-2022-29800) Update Instructions: Run `sudo pro fix USN-5395-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: networkd-dispatcher - 2.1-2~ubuntu20.04.2 No subscription required High CVE-2022-29799 CVE-2022-29800 Ubuntu 20.04 LTS USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. (CVE-2022-29799, CVE-2022-29800) Update Instructions: Run `sudo pro fix USN-5395-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: networkd-dispatcher - 2.1-2~ubuntu20.04.3 No subscription required None https://launchpad.net/bugs/1971550 Ubuntu 20.04 LTS Patrick Monnerat discovered that curl incorrectly handled certain OAUTH2. An attacker could possibly use this issue to access sensitive information. (CVE-2022-22576) Harry Sintonen discovered that curl incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-27774, CVE-2022-27775, CVE-2022-27776) Update Instructions: Run `sudo pro fix USN-5397-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.10 libcurl4-openssl-dev - 7.68.0-1ubuntu2.10 libcurl3-gnutls - 7.68.0-1ubuntu2.10 libcurl4-doc - 7.68.0-1ubuntu2.10 libcurl3-nss - 7.68.0-1ubuntu2.10 libcurl4-nss-dev - 7.68.0-1ubuntu2.10 libcurl4 - 7.68.0-1ubuntu2.10 curl - 7.68.0-1ubuntu2.10 No subscription required Medium CVE-2022-22576 CVE-2022-27774 CVE-2022-27775 CVE-2022-27776 Ubuntu 20.04 LTS It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-3667) It was discovered that libvirt incorrectly handled threads during shutdown. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3975) It was discovered that libvirt incorrectly handled the libxl driver. An attacker inside a guest could possibly use this issue to cause libvirtd to crash or stop responding, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2021-4147) It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2022-0897) It was discovered that libvirt incorrectly handled the polkit access control driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-25637) It was discovered that libvirt incorrectly generated SELinux labels. In environments using SELinux, this issue could allow the sVirt confinement to be bypassed. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3631) Update Instructions: Run `sudo pro fix USN-5399-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvirt0 - 6.0.0-0ubuntu8.16 libvirt-dev - 6.0.0-0ubuntu8.16 libnss-libvirt - 6.0.0-0ubuntu8.16 libvirt-daemon - 6.0.0-0ubuntu8.16 libvirt-daemon-system-systemd - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-xen - 6.0.0-0ubuntu8.16 libvirt-sanlock - 6.0.0-0ubuntu8.16 libvirt-wireshark - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-vbox - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-qemu - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-storage-gluster - 6.0.0-0ubuntu8.16 libvirt-doc - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-storage-rbd - 6.0.0-0ubuntu8.16 libvirt-daemon-system-sysv - 6.0.0-0ubuntu8.16 libvirt-daemon-system - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-lxc - 6.0.0-0ubuntu8.16 libvirt-clients - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-storage-zfs - 6.0.0-0ubuntu8.16 No subscription required Low CVE-2020-25637 CVE-2021-3631 CVE-2021-3667 CVE-2021-3975 CVE-2021-4147 CVE-2022-0897 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-29.html https://www.oracle.com/security-alerts/cpuapr2022.html Update Instructions: Run `sudo pro fix USN-5400-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.29-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.29-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-router - 8.0.29-0ubuntu0.20.04.2 mysql-server - 8.0.29-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.29-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-testsuite - 8.0.29-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.29-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-21412 CVE-2022-21413 CVE-2022-21414 CVE-2022-21415 CVE-2022-21417 CVE-2022-21418 CVE-2022-21423 CVE-2022-21425 CVE-2022-21427 CVE-2022-21435 CVE-2022-21436 CVE-2022-21437 CVE-2022-21438 CVE-2022-21440 CVE-2022-21444 CVE-2022-21451 CVE-2022-21452 CVE-2022-21454 CVE-2022-21457 CVE-2022-21459 CVE-2022-21460 CVE-2022-21462 CVE-2022-21478 Ubuntu 20.04 LTS USN-5400-1 fixed vulnerabilities in MySQL. The fix breaks existing charm configurations. This updated fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-29.html https://www.oracle.com/security-alerts/cpuapr2022.html Update Instructions: Run `sudo pro fix USN-5400-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.29-0ubuntu0.20.04.3 mysql-client-8.0 - 8.0.29-0ubuntu0.20.04.3 libmysqlclient-dev - 8.0.29-0ubuntu0.20.04.3 mysql-testsuite-8.0 - 8.0.29-0ubuntu0.20.04.3 mysql-router - 8.0.29-0ubuntu0.20.04.3 mysql-server - 8.0.29-0ubuntu0.20.04.3 libmysqlclient21 - 8.0.29-0ubuntu0.20.04.3 mysql-client-core-8.0 - 8.0.29-0ubuntu0.20.04.3 mysql-server-core-8.0 - 8.0.29-0ubuntu0.20.04.3 mysql-testsuite - 8.0.29-0ubuntu0.20.04.3 mysql-server-8.0 - 8.0.29-0ubuntu0.20.04.3 mysql-source-8.0 - 8.0.29-0ubuntu0.20.04.3 No subscription required None https://launchpad.net/bugs/1971565 Ubuntu 20.04 LTS Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3839) It was discovered that DPDK incorrectly handled inflight type messages. An attacker could possibly use this issue to cause DPDK to consume resources, leading to a denial of service. (CVE-2022-0669) Update Instructions: Run `sudo pro fix USN-5401-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librte-pmd-octeontx-crypto20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-memif20.0 - 19.11.12-0ubuntu0.20.04.1 dpdk-igb-uio-dkms - 19.11.12-0ubuntu0.20.04.1 librte-pmd-iavf20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-enic20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-af-packet20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-netvsc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx2-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-ifpga20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-dpaa2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-stack0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-e1000-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bbdev-null20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pipeline20.0 - 19.11.12-0ubuntu0.20.04.1 librte-sched20.0 - 19.11.12-0ubuntu0.20.04.1 librte-distributor20.0 - 19.11.12-0ubuntu0.20.04.1 librte-efd20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ark20.0 - 19.11.12-0ubuntu0.20.04.1 librte-gro20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-sfc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-failsafe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-pcap20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-meter20.0 - 19.11.12-0ubuntu0.20.04.1 librte-hash20.0 - 19.11.12-0ubuntu0.20.04.1 librte-ring20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-octeontx20.0 - 19.11.12-0ubuntu0.20.04.1 librte-telemetry0.200 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-skeleton20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bond20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-ioat20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-skeleton-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-mlx5-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-dpaa2-cmdif20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-fm10k20.0 - 19.11.12-0ubuntu0.20.04.1 librte-cryptodev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-i40e20.0 - 19.11.12-0ubuntu0.20.04.1 librte-cmdline20.0 - 19.11.12-0ubuntu0.20.04.1 librte-jobstats20.0 - 19.11.12-0ubuntu0.20.04.1 dpdk-dev - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ccp20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-atlantic20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-sw-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-ip-frag20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-isal20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dsw-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-nitrox20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-kni20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-bucket20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa2-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-gso20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-vdev-netvsc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-openssl20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bnx2x20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx-compress20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-hinic20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-dpaa20.0 - 19.11.12-0ubuntu0.20.04.1 librte-latencystats20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-octeontx2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-kvargs20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-fslmc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-avp20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pdump20.0 - 19.11.12-0ubuntu0.20.04.1 librte-metrics20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bbdev0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa-sec20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-vmbus20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bnxt20.0 - 19.11.12-0ubuntu0.20.04.1 librte-timer20.0 - 19.11.12-0ubuntu0.20.04.1 librte-cfgfile20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rcu0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-qat20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool20.0 - 19.11.12-0ubuntu0.20.04.1 libdpdk-dev - 19.11.12-0ubuntu0.20.04.1 librte-pmd-null20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-virtio20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-axgbe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-port20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-aesni-mb20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-ntb20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-softnic20.0 - 19.11.12-0ubuntu0.20.04.1 dpdk-doc - 19.11.12-0ubuntu0.20.04.1 librte-pmd-mlx4-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-net20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bbdev-fpga-lte-fec20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-null-crypto20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ena20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ice20.0 - 19.11.12-0ubuntu0.20.04.1 librte-common-dpaax20.0 - 19.11.12-0ubuntu0.20.04.1 librte-member20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-pci20.0 - 19.11.12-0ubuntu0.20.04.1 librte-kni20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-thunderx20.0 - 19.11.12-0ubuntu0.20.04.1 librte-common-octeontx20.0 - 19.11.12-0ubuntu0.20.04.1 dpdk - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ifc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-opdl-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pci20.0 - 19.11.12-0ubuntu0.20.04.1 librte-eal20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bbdev-turbo-sw20.0 - 19.11.12-0ubuntu0.20.04.1 librte-ethdev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-table20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-hns3-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-ipsec0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-zlib20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bitratestats20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa2-sec20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-caam-jr20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-octeontx2-dma20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mbuf20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-stack20.0 - 19.11.12-0ubuntu0.20.04.1 librte-power20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-liquidio20.0 - 19.11.12-0ubuntu0.20.04.1 librte-vhost20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-vhost20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-virtio-crypto20.0 - 19.11.12-0ubuntu0.20.04.1 librte-reorder20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-qede20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-pfe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-flow-classify0.200 - 19.11.12-0ubuntu0.20.04.1 librte-rib0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-cxgbe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-ring20.0 - 19.11.12-0ubuntu0.20.04.1 librte-acl20.0 - 19.11.12-0ubuntu0.20.04.1 librte-common-cpt20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-aesni-gcm20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-dpaa2-qdma20.0 - 19.11.12-0ubuntu0.20.04.1 librte-lpm20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-tap20.0 - 19.11.12-0ubuntu0.20.04.1 librte-eventdev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-nfp20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-dpaa20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ring20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-vdev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-common-octeontx2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ixgbe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-vmxnet3-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-crypto-scheduler20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-enetc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx2-crypto20.0 - 19.11.12-0ubuntu0.20.04.1 librte-security20.0 - 19.11.12-0ubuntu0.20.04.1 librte-compressdev0.200 - 19.11.12-0ubuntu0.20.04.1 librte-fib0.200 - 19.11.12-0ubuntu0.20.04.1 librte-bpf0.200 - 19.11.12-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-3839 CVE-2022-0669 Ubuntu 20.04 LTS Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. (CVE-2022-1292) Raul Metsma discovered that OpenSSL incorrectly verified certain response signing certificates. A remote attacker could possibly use this issue to spoof certain response signing certificates. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1343) Tom Colley discovered that OpenSSL used the incorrect MAC key in the RC4-MD5 ciphersuite. In non-default configurations were RC4-MD5 is enabled, a remote attacker could possibly use this issue to modify encrypted communications. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1434) Aliaksei Levin discovered that OpenSSL incorrectly handled resources when decoding certificates and keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1473) Update Instructions: Run `sudo pro fix USN-5402-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.13 libssl-dev - 1.1.1f-1ubuntu2.13 openssl - 1.1.1f-1ubuntu2.13 libssl-doc - 1.1.1f-1ubuntu2.13 No subscription required Medium CVE-2022-1292 CVE-2022-1343 CVE-2022-1434 CVE-2022-1473 Ubuntu 20.04 LTS It was discovered that SQLite command-line component incorrectly handled certain queries. An attacker could possibly use this issue to cause a crash or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5403-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.3 sqlite3-doc - 3.31.1-4ubuntu0.3 libsqlite3-0 - 3.31.1-4ubuntu0.3 libsqlite3-tcl - 3.31.1-4ubuntu0.3 sqlite3 - 3.31.1-4ubuntu0.3 libsqlite3-dev - 3.31.1-4ubuntu0.3 No subscription required Negligible CVE-2021-36690 Ubuntu 20.04 LTS Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash. Update Instructions: Run `sudo pro fix USN-5404-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsyslog-gssapi - 8.2001.0-1ubuntu1.3 rsyslog-czmq - 8.2001.0-1ubuntu1.3 rsyslog-pgsql - 8.2001.0-1ubuntu1.3 rsyslog-hiredis - 8.2001.0-1ubuntu1.3 rsyslog-mysql - 8.2001.0-1ubuntu1.3 rsyslog-gnutls - 8.2001.0-1ubuntu1.3 rsyslog-openssl - 8.2001.0-1ubuntu1.3 rsyslog - 8.2001.0-1ubuntu1.3 rsyslog-relp - 8.2001.0-1ubuntu1.3 rsyslog-mongodb - 8.2001.0-1ubuntu1.3 rsyslog-elasticsearch - 8.2001.0-1ubuntu1.3 rsyslog-kafka - 8.2001.0-1ubuntu1.3 No subscription required Medium CVE-2022-24903 Ubuntu 20.04 LTS Petr Menšík and Richard Johnson discovered that Dnsmasq incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or expose sensitive information. Update Instructions: Run `sudo pro fix USN-5408-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.5 dnsmasq-base-lua - 2.80-1.1ubuntu1.5 dnsmasq-utils - 2.80-1.1ubuntu1.5 dnsmasq-base - 2.80-1.1ubuntu1.5 No subscription required Medium CVE-2022-0934 Ubuntu 20.04 LTS Lenny Wang discovered that NSS incorrectly handled certain messages. A remote attacker could possibly use this issue to cause servers compiled with NSS to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5410-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.7 libnss3 - 2:3.49.1-1ubuntu1.7 libnss3-tools - 2:3.49.1-1ubuntu1.7 No subscription required Low CVE-2020-25648 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass permission prompts, obtain sensitive information, bypass security restrictions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5411-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 100.0+build2-0ubuntu0.20.04.1 firefox - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 100.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 100.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 100.0+build2-0ubuntu0.20.04.1 firefox-dev - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 100.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29914 CVE-2022-29915 CVE-2022-29916 CVE-2022-29917 CVE-2022-29918 Ubuntu 20.04 LTS Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-27780) Florian Kohnhuser discovered that curl incorrectly handled returning a TLS server's certificate chain details. A remote attacker could possibly use this issue to cause curl to stop responding, resulting in a denial of service. (CVE-2022-27781) Harry Sintonen discovered that curl incorrectly reused a previous connection when certain options had been changed, contrary to expectations. (CVE-2022-27782) Update Instructions: Run `sudo pro fix USN-5412-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.11 libcurl4-openssl-dev - 7.68.0-1ubuntu2.11 libcurl3-gnutls - 7.68.0-1ubuntu2.11 libcurl4-doc - 7.68.0-1ubuntu2.11 libcurl3-nss - 7.68.0-1ubuntu2.11 libcurl4-nss-dev - 7.68.0-1ubuntu2.11 libcurl4 - 7.68.0-1ubuntu2.11 curl - 7.68.0-1ubuntu2.11 No subscription required Medium CVE-2022-27780 CVE-2022-27781 CVE-2022-27782 Ubuntu 20.04 LTS Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-27820) Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-26401) David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1016) It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-20008) It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-25258) It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in the Linux kernel did not properly validate the size of the RNDIS_MSG_SET command. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-25375) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-26490) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-27223) Update Instructions: Run `sudo pro fix USN-5415-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1021 - 5.4.0-1021.23 linux-buildinfo-5.4.0-1021-ibm - 5.4.0-1021.23 linux-image-5.4.0-1021-ibm - 5.4.0-1021.23 linux-ibm-source-5.4.0 - 5.4.0-1021.23 linux-ibm-tools-common - 5.4.0-1021.23 linux-image-unsigned-5.4.0-1021-ibm - 5.4.0-1021.23 linux-modules-5.4.0-1021-ibm - 5.4.0-1021.23 linux-modules-extra-5.4.0-1021-ibm - 5.4.0-1021.23 linux-ibm-tools-5.4.0-1021 - 5.4.0-1021.23 linux-tools-5.4.0-1021-ibm - 5.4.0-1021.23 linux-headers-5.4.0-1021-ibm - 5.4.0-1021.23 linux-ibm-cloud-tools-common - 5.4.0-1021.23 No subscription required linux-image-unsigned-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-modules-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-gkeop-headers-5.4.0-1040 - 5.4.0-1040.41 linux-gkeop-cloud-tools-5.4.0-1040 - 5.4.0-1040.41 linux-gkeop-tools-5.4.0-1040 - 5.4.0-1040.41 linux-headers-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-gkeop-source-5.4.0 - 5.4.0-1040.41 linux-image-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-cloud-tools-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-modules-extra-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-buildinfo-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-tools-5.4.0-1040-gkeop - 5.4.0-1040.41 No subscription required linux-buildinfo-5.4.0-1060-raspi - 5.4.0-1060.68 linux-headers-5.4.0-1060-raspi - 5.4.0-1060.68 linux-modules-5.4.0-1060-raspi - 5.4.0-1060.68 linux-raspi-tools-5.4.0-1060 - 5.4.0-1060.68 linux-tools-5.4.0-1060-raspi - 5.4.0-1060.68 linux-image-5.4.0-1060-raspi - 5.4.0-1060.68 linux-raspi-headers-5.4.0-1060 - 5.4.0-1060.68 No subscription required linux-image-unsigned-5.4.0-1063-kvm - 5.4.0-1063.66 linux-kvm-headers-5.4.0-1063 - 5.4.0-1063.66 linux-kvm-tools-5.4.0-1063 - 5.4.0-1063.66 linux-headers-5.4.0-1063-kvm - 5.4.0-1063.66 linux-buildinfo-5.4.0-1063-kvm - 5.4.0-1063.66 linux-modules-5.4.0-1063-kvm - 5.4.0-1063.66 linux-tools-5.4.0-1063-kvm - 5.4.0-1063.66 linux-image-5.4.0-1063-kvm - 5.4.0-1063.66 No subscription required linux-image-5.4.0-1071-gke - 5.4.0-1071.76 linux-headers-5.4.0-1071-gke - 5.4.0-1071.76 linux-tools-5.4.0-1071-gke - 5.4.0-1071.76 linux-modules-extra-5.4.0-1071-gke - 5.4.0-1071.76 linux-image-unsigned-5.4.0-1071-gke - 5.4.0-1071.76 linux-buildinfo-5.4.0-1071-gke - 5.4.0-1071.76 linux-gke-headers-5.4.0-1071 - 5.4.0-1071.76 linux-modules-5.4.0-1071-gke - 5.4.0-1071.76 linux-gke-tools-5.4.0-1071 - 5.4.0-1071.76 No subscription required linux-headers-5.4.0-1071-oracle - 5.4.0-1071.77 linux-oracle-tools-5.4.0-1071 - 5.4.0-1071.77 linux-tools-5.4.0-1071-oracle - 5.4.0-1071.77 linux-modules-extra-5.4.0-1071-oracle - 5.4.0-1071.77 linux-buildinfo-5.4.0-1071-oracle - 5.4.0-1071.77 linux-image-unsigned-5.4.0-1071-oracle - 5.4.0-1071.77 linux-oracle-headers-5.4.0-1071 - 5.4.0-1071.77 linux-modules-5.4.0-1071-oracle - 5.4.0-1071.77 linux-image-5.4.0-1071-oracle - 5.4.0-1071.77 No subscription required linux-gcp-headers-5.4.0-1073 - 5.4.0-1073.78 linux-image-5.4.0-1073-aws - 5.4.0-1073.78 linux-modules-5.4.0-1073-aws - 5.4.0-1073.78 linux-cloud-tools-5.4.0-1073-aws - 5.4.0-1073.78 linux-headers-5.4.0-1073-aws - 5.4.0-1073.78 linux-image-unsigned-5.4.0-1073-gcp - 5.4.0-1073.78 linux-image-5.4.0-1073-gcp - 5.4.0-1073.78 linux-buildinfo-5.4.0-1073-aws - 5.4.0-1073.78 linux-aws-headers-5.4.0-1073 - 5.4.0-1073.78 linux-modules-extra-5.4.0-1073-aws - 5.4.0-1073.78 linux-aws-tools-5.4.0-1073 - 5.4.0-1073.78 linux-tools-5.4.0-1073-aws - 5.4.0-1073.78 linux-image-unsigned-5.4.0-1073-aws - 5.4.0-1073.78 linux-buildinfo-5.4.0-1073-gcp - 5.4.0-1073.78 linux-tools-5.4.0-1073-gcp - 5.4.0-1073.78 linux-aws-cloud-tools-5.4.0-1073 - 5.4.0-1073.78 linux-modules-extra-5.4.0-1073-gcp - 5.4.0-1073.78 linux-headers-5.4.0-1073-gcp - 5.4.0-1073.78 linux-modules-5.4.0-1073-gcp - 5.4.0-1073.78 linux-gcp-tools-5.4.0-1073 - 5.4.0-1073.78 No subscription required linux-azure-headers-5.4.0-1078 - 5.4.0-1078.81 linux-buildinfo-5.4.0-1078-azure - 5.4.0-1078.81 linux-cloud-tools-5.4.0-1078-azure - 5.4.0-1078.81 linux-headers-5.4.0-1078-azure - 5.4.0-1078.81 linux-tools-5.4.0-1078-azure - 5.4.0-1078.81 linux-image-unsigned-5.4.0-1078-azure - 5.4.0-1078.81 linux-modules-extra-5.4.0-1078-azure - 5.4.0-1078.81 linux-azure-cloud-tools-5.4.0-1078 - 5.4.0-1078.81 linux-image-5.4.0-1078-azure - 5.4.0-1078.81 linux-azure-tools-5.4.0-1078 - 5.4.0-1078.81 linux-modules-5.4.0-1078-azure - 5.4.0-1078.81 No subscription required linux-image-unsigned-5.4.0-1078-azure-fde - 5.4.0-1078.81+cvm1.1 linux-image-5.4.0-1078-azure-fde - 5.4.0-1078.81+cvm1.1 No subscription required linux-tools-common - 5.4.0-110.124 linux-headers-5.4.0-110-lowlatency - 5.4.0-110.124 linux-image-unsigned-5.4.0-110-lowlatency - 5.4.0-110.124 linux-cloud-tools-5.4.0-110 - 5.4.0-110.124 linux-tools-host - 5.4.0-110.124 linux-tools-5.4.0-110 - 5.4.0-110.124 linux-modules-5.4.0-110-generic - 5.4.0-110.124 linux-doc - 5.4.0-110.124 linux-buildinfo-5.4.0-110-generic-lpae - 5.4.0-110.124 linux-image-5.4.0-110-generic - 5.4.0-110.124 linux-cloud-tools-5.4.0-110-generic - 5.4.0-110.124 linux-tools-5.4.0-110-generic-lpae - 5.4.0-110.124 linux-libc-dev - 5.4.0-110.124 linux-source-5.4.0 - 5.4.0-110.124 linux-tools-5.4.0-110-generic - 5.4.0-110.124 linux-image-5.4.0-110-lowlatency - 5.4.0-110.124 linux-buildinfo-5.4.0-110-generic - 5.4.0-110.124 linux-image-5.4.0-110-generic-lpae - 5.4.0-110.124 linux-buildinfo-5.4.0-110-lowlatency - 5.4.0-110.124 linux-headers-5.4.0-110-generic-lpae - 5.4.0-110.124 linux-headers-5.4.0-110 - 5.4.0-110.124 linux-cloud-tools-5.4.0-110-lowlatency - 5.4.0-110.124 linux-modules-extra-5.4.0-110-generic - 5.4.0-110.124 linux-cloud-tools-common - 5.4.0-110.124 linux-modules-5.4.0-110-lowlatency - 5.4.0-110.124 linux-headers-5.4.0-110-generic - 5.4.0-110.124 linux-image-unsigned-5.4.0-110-generic - 5.4.0-110.124 linux-tools-5.4.0-110-lowlatency - 5.4.0-110.124 linux-modules-5.4.0-110-generic-lpae - 5.4.0-110.124 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1021.21 linux-image-ibm - 5.4.0.1021.21 linux-tools-ibm - 5.4.0.1021.21 linux-headers-ibm-lts-20.04 - 5.4.0.1021.21 linux-image-ibm-lts-20.04 - 5.4.0.1021.21 linux-ibm-lts-20.04 - 5.4.0.1021.21 linux-modules-extra-ibm - 5.4.0.1021.21 linux-ibm - 5.4.0.1021.21 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1021.21 linux-headers-ibm - 5.4.0.1021.21 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1040.43 linux-image-gkeop - 5.4.0.1040.43 linux-gkeop-5.4 - 5.4.0.1040.43 linux-headers-gkeop - 5.4.0.1040.43 linux-image-gkeop-5.4 - 5.4.0.1040.43 linux-gkeop - 5.4.0.1040.43 linux-cloud-tools-gkeop - 5.4.0.1040.43 linux-modules-extra-gkeop-5.4 - 5.4.0.1040.43 linux-headers-gkeop-5.4 - 5.4.0.1040.43 linux-modules-extra-gkeop - 5.4.0.1040.43 linux-tools-gkeop - 5.4.0.1040.43 linux-tools-gkeop-5.4 - 5.4.0.1040.43 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1060.94 linux-raspi2 - 5.4.0.1060.94 linux-image-raspi-hwe-18.04 - 5.4.0.1060.94 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1060.94 linux-tools-raspi - 5.4.0.1060.94 linux-headers-raspi-hwe-18.04 - 5.4.0.1060.94 linux-headers-raspi2-hwe-18.04 - 5.4.0.1060.94 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1060.94 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1060.94 linux-headers-raspi - 5.4.0.1060.94 linux-image-raspi2-hwe-18.04 - 5.4.0.1060.94 linux-raspi2-hwe-18.04-edge - 5.4.0.1060.94 linux-raspi-hwe-18.04 - 5.4.0.1060.94 linux-tools-raspi2-hwe-18.04 - 5.4.0.1060.94 linux-raspi2-hwe-18.04 - 5.4.0.1060.94 linux-image-raspi-hwe-18.04-edge - 5.4.0.1060.94 linux-image-raspi2 - 5.4.0.1060.94 linux-tools-raspi-hwe-18.04 - 5.4.0.1060.94 linux-raspi-hwe-18.04-edge - 5.4.0.1060.94 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1060.94 linux-image-raspi - 5.4.0.1060.94 linux-tools-raspi2 - 5.4.0.1060.94 linux-raspi - 5.4.0.1060.94 linux-headers-raspi2 - 5.4.0.1060.94 No subscription required linux-kvm - 5.4.0.1063.62 linux-headers-kvm - 5.4.0.1063.62 linux-image-kvm - 5.4.0.1063.62 linux-tools-kvm - 5.4.0.1063.62 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1071.71 linux-headers-oracle-lts-20.04 - 5.4.0.1071.71 linux-oracle-lts-20.04 - 5.4.0.1071.71 linux-image-oracle-lts-20.04 - 5.4.0.1071.71 No subscription required linux-modules-extra-gke - 5.4.0.1071.80 linux-headers-gke-5.4 - 5.4.0.1071.80 linux-tools-gke-5.4 - 5.4.0.1071.80 linux-modules-extra-gke-5.4 - 5.4.0.1071.80 linux-gke-5.4 - 5.4.0.1071.80 linux-tools-gke - 5.4.0.1071.80 linux-gke - 5.4.0.1071.80 linux-headers-gke - 5.4.0.1071.80 linux-image-gke - 5.4.0.1071.80 linux-image-gke-5.4 - 5.4.0.1071.80 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1073.75 linux-headers-aws-lts-20.04 - 5.4.0.1073.75 linux-tools-aws-lts-20.04 - 5.4.0.1073.75 linux-modules-extra-aws-lts-20.04 - 5.4.0.1073.75 linux-aws-lts-20.04 - 5.4.0.1073.75 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1073.81 linux-tools-gcp-lts-20.04 - 5.4.0.1073.81 linux-gcp-lts-20.04 - 5.4.0.1073.81 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1073.81 linux-image-gcp-lts-20.04 - 5.4.0.1073.81 No subscription required linux-azure-lts-20.04 - 5.4.0.1078.76 linux-image-azure-lts-20.04 - 5.4.0.1078.76 linux-headers-azure-lts-20.04 - 5.4.0.1078.76 linux-modules-extra-azure-lts-20.04 - 5.4.0.1078.76 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1078.76 linux-tools-azure-lts-20.04 - 5.4.0.1078.76 No subscription required linux-image-azure-fde - 5.4.0.1078.81+cvm1.22 linux-tools-azure-fde - 5.4.0.1078.81+cvm1.22 linux-azure-fde - 5.4.0.1078.81+cvm1.22 linux-cloud-tools-azure-fde - 5.4.0.1078.81+cvm1.22 linux-modules-extra-azure-fde - 5.4.0.1078.81+cvm1.22 linux-headers-azure-fde - 5.4.0.1078.81+cvm1.22 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-cloud-tools-virtual - 5.4.0.110.114 linux-image-generic-hwe-18.04 - 5.4.0.110.114 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-image-virtual - 5.4.0.110.114 linux-cloud-tools-lowlatency - 5.4.0.110.114 linux-image-generic - 5.4.0.110.114 linux-image-oem - 5.4.0.110.114 linux-image-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-headers-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-generic-lpae - 5.4.0.110.114 linux-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-image-extra-virtual-hwe-18.04 - 5.4.0.110.114 linux-oem - 5.4.0.110.114 linux-image-oem-osp1 - 5.4.0.110.114 linux-image-generic-lpae-hwe-18.04 - 5.4.0.110.114 linux-crashdump - 5.4.0.110.114 linux-generic-lpae-hwe-18.04-edge - 5.4.0.110.114 linux-tools-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-headers-generic-hwe-18.04 - 5.4.0.110.114 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-headers-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-headers-generic-lpae - 5.4.0.110.114 linux-source - 5.4.0.110.114 linux-tools-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-tools-generic-lpae - 5.4.0.110.114 linux-cloud-tools-generic - 5.4.0.110.114 linux-virtual - 5.4.0.110.114 linux-headers-virtual-hwe-18.04 - 5.4.0.110.114 linux-virtual-hwe-18.04 - 5.4.0.110.114 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.110.114 linux-tools-virtual - 5.4.0.110.114 linux-tools-oem - 5.4.0.110.114 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-headers-oem - 5.4.0.110.114 linux-generic - 5.4.0.110.114 linux-tools-oem-osp1 - 5.4.0.110.114 linux-tools-generic-hwe-18.04-edge - 5.4.0.110.114 linux-image-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-image-virtual-hwe-18.04 - 5.4.0.110.114 linux-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-headers-lowlatency - 5.4.0.110.114 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-image-generic-hwe-18.04-edge - 5.4.0.110.114 linux-generic-hwe-18.04-edge - 5.4.0.110.114 linux-generic-hwe-18.04 - 5.4.0.110.114 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.110.114 linux-tools-generic - 5.4.0.110.114 linux-image-extra-virtual - 5.4.0.110.114 linux-oem-tools-host - 5.4.0.110.114 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-oem-osp1-tools-host - 5.4.0.110.114 linux-headers-oem-osp1 - 5.4.0.110.114 linux-generic-lpae-hwe-18.04 - 5.4.0.110.114 linux-headers-generic-hwe-18.04-edge - 5.4.0.110.114 linux-headers-generic - 5.4.0.110.114 linux-oem-osp1 - 5.4.0.110.114 linux-tools-generic-hwe-18.04 - 5.4.0.110.114 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.110.114 linux-tools-lowlatency - 5.4.0.110.114 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.110.114 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-headers-virtual - 5.4.0.110.114 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.110.114 linux-tools-virtual-hwe-18.04 - 5.4.0.110.114 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.110.114 linux-image-generic-lpae - 5.4.0.110.114 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.110.114 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.110.114 linux-lowlatency - 5.4.0.110.114 linux-image-lowlatency - 5.4.0.110.114 No subscription required Medium CVE-2020-27820 CVE-2021-26401 CVE-2022-1016 CVE-2022-20008 CVE-2022-25258 CVE-2022-25375 CVE-2022-26490 CVE-2022-27223 Ubuntu 20.04 LTS Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158) It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1516) It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28388) It was discovered that the Microchip CAN BUS Analyzer interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28389) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390) Update Instructions: Run `sudo pro fix USN-5416-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.14.0-1036-oem - 5.14.0-1036.40 linux-image-unsigned-5.14.0-1036-oem - 5.14.0-1036.40 linux-tools-5.14.0-1036-oem - 5.14.0-1036.40 linux-headers-5.14.0-1036-oem - 5.14.0-1036.40 linux-buildinfo-5.14.0-1036-oem - 5.14.0-1036.40 linux-modules-5.14.0-1036-oem - 5.14.0-1036.40 linux-oem-5.14-headers-5.14.0-1036 - 5.14.0-1036.40 linux-oem-5.14-tools-5.14.0-1036 - 5.14.0-1036.40 linux-oem-5.14-tools-host - 5.14.0-1036.40 No subscription required linux-image-oem-20.04c - 5.14.0.1036.33 linux-image-oem-20.04b - 5.14.0.1036.33 linux-image-oem-20.04d - 5.14.0.1036.33 linux-headers-oem-20.04 - 5.14.0.1036.33 linux-tools-oem-20.04c - 5.14.0.1036.33 linux-tools-oem-20.04b - 5.14.0.1036.33 linux-oem-20.04 - 5.14.0.1036.33 linux-image-oem-20.04 - 5.14.0.1036.33 linux-oem-20.04d - 5.14.0.1036.33 linux-oem-20.04c - 5.14.0.1036.33 linux-oem-20.04b - 5.14.0.1036.33 linux-tools-oem-20.04d - 5.14.0.1036.33 linux-headers-oem-20.04b - 5.14.0.1036.33 linux-headers-oem-20.04c - 5.14.0.1036.33 linux-headers-oem-20.04d - 5.14.0.1036.33 linux-tools-oem-20.04 - 5.14.0.1036.33 No subscription required Medium CVE-2022-1158 CVE-2022-1516 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 Ubuntu 20.04 LTS Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-26401) It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-20008) It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-25258) It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in the Linux kernel did not properly validate the size of the RNDIS_MSG_SET command. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-25375) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-26490) It was discovered that the USB SR9700 ethernet device driver for the Linux kernel did not properly validate the length of requests from the device. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-26966) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-27223) Miaoqian Lin discovered that the RDMA Transport (RTRS) client implementation in the Linux kernel contained a double-free when handling certain error conditions. An attacker could use this to cause a denial of service (system crash). (CVE-2022-29156) Update Instructions: Run `sudo pro fix USN-5417-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.13-headers-5.13.0-1023 - 5.13.0-1023.25~20.04.1 linux-buildinfo-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-cloud-tools-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-image-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-aws-5.13-tools-5.13.0-1023 - 5.13.0-1023.25~20.04.1 linux-image-unsigned-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-modules-extra-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-headers-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-modules-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1023 - 5.13.0-1023.25~20.04.1 linux-tools-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 No subscription required linux-modules-extra-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-buildinfo-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1023 - 5.13.0-1023.27~20.04.1 linux-image-unsigned-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-modules-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-headers-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-cloud-tools-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-tools-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-image-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-azure-5.13-tools-5.13.0-1023 - 5.13.0-1023.27~20.04.1 linux-azure-5.13-headers-5.13.0-1023 - 5.13.0-1023.27~20.04.1 No subscription required linux-modules-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-buildinfo-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-gcp-5.13-tools-5.13.0-1025 - 5.13.0-1025.30~20.04.1 linux-image-unsigned-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-modules-extra-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-gcp-5.13-headers-5.13.0-1025 - 5.13.0-1025.30~20.04.1 linux-headers-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-image-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-tools-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-41.46~20.04.1 linux-modules-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-image-unsigned-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-41.46~20.04.1 linux-cloud-tools-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-image-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-tools-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-tools-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-modules-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-modules-extra-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-buildinfo-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-41 - 5.13.0-41.46~20.04.1 linux-buildinfo-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-image-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-headers-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-headers-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-modules-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-image-unsigned-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-41.46~20.04.1 linux-buildinfo-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-image-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-tools-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-headers-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-image-unsigned-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-hwe-5.13-headers-5.13.0-41 - 5.13.0-41.46~20.04.1 linux-headers-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-buildinfo-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-tools-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-cloud-tools-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-image-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-modules-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-41.46~20.04.1 linux-hwe-5.13-tools-5.13.0-41 - 5.13.0-41.46~20.04.1 No subscription required linux-headers-aws - 5.13.0.1023.25~20.04.16 linux-image-aws - 5.13.0.1023.25~20.04.16 linux-modules-extra-aws-edge - 5.13.0.1023.25~20.04.16 linux-image-aws-edge - 5.13.0.1023.25~20.04.16 linux-aws-edge - 5.13.0.1023.25~20.04.16 linux-aws - 5.13.0.1023.25~20.04.16 linux-headers-aws-edge - 5.13.0.1023.25~20.04.16 linux-modules-extra-aws - 5.13.0.1023.25~20.04.16 linux-tools-aws - 5.13.0.1023.25~20.04.16 linux-tools-aws-edge - 5.13.0.1023.25~20.04.16 No subscription required linux-tools-azure-edge - 5.13.0.1023.27~20.04.12 linux-cloud-tools-azure - 5.13.0.1023.27~20.04.12 linux-tools-azure - 5.13.0.1023.27~20.04.12 linux-image-azure-edge - 5.13.0.1023.27~20.04.12 linux-cloud-tools-azure-edge - 5.13.0.1023.27~20.04.12 linux-modules-extra-azure - 5.13.0.1023.27~20.04.12 linux-azure - 5.13.0.1023.27~20.04.12 linux-image-azure - 5.13.0.1023.27~20.04.12 linux-headers-azure-edge - 5.13.0.1023.27~20.04.12 linux-azure-edge - 5.13.0.1023.27~20.04.12 linux-modules-extra-azure-edge - 5.13.0.1023.27~20.04.12 linux-headers-azure - 5.13.0.1023.27~20.04.12 No subscription required linux-modules-extra-gcp-edge - 5.13.0.1025.30~20.04.1 linux-image-gcp-edge - 5.13.0.1025.30~20.04.1 linux-tools-gcp-edge - 5.13.0.1025.30~20.04.1 linux-headers-gcp-edge - 5.13.0.1025.30~20.04.1 linux-modules-extra-gcp - 5.13.0.1025.30~20.04.1 linux-tools-gcp - 5.13.0.1025.30~20.04.1 linux-gcp - 5.13.0.1025.30~20.04.1 linux-headers-gcp - 5.13.0.1025.30~20.04.1 linux-image-gcp - 5.13.0.1025.30~20.04.1 linux-gcp-edge - 5.13.0.1025.30~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-generic-64k-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-extra-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-generic-64k-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-generic-lpae-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-generic-lpae-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-generic-64k-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-generic-64k-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 No subscription required Medium CVE-2021-26401 CVE-2022-20008 CVE-2022-25258 CVE-2022-25375 CVE-2022-26490 CVE-2022-26966 CVE-2022-27223 CVE-2022-29156 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-35522) Chintan Shah discovered that LibTIFF incorrectly handled memory when handling certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-0561, CVE-2022-0562, CVE-2022-0891) It was discovered that LibTIFF incorrectly handled certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2022-0865) Update Instructions: Run `sudo pro fix USN-5421-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.3 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.3 No subscription required Medium CVE-2020-35522 CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891 Ubuntu 20.04 LTS Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2022-23308) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-29824) Update Instructions: Run `sudo pro fix USN-5422-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.3 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.3 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.3 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.3 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.3 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.3 No subscription required Medium CVE-2022-23308 CVE-2022-29824 Ubuntu 20.04 LTS Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20770) Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20771) Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service. (CVE-2022-20785) Michał Dardas discovered that ClamAV incorrectly handled loading the signature database. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-20792) Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly handled the scan verdict cache check. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.(CVE-2022-20796) Update Instructions: Run `sudo pro fix USN-5423-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.6+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.6+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.6+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-20770 CVE-2022-20771 CVE-2022-20785 CVE-2022-20792 CVE-2022-20796 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database. Update Instructions: Run `sudo pro fix USN-5424-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.9 libldap-common - 2.4.49+dfsg-2ubuntu1.9 slapd-contrib - 2.4.49+dfsg-2ubuntu1.9 slapi-dev - 2.4.49+dfsg-2ubuntu1.9 ldap-utils - 2.4.49+dfsg-2ubuntu1.9 libldap2-dev - 2.4.49+dfsg-2ubuntu1.9 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.9 slapd - 2.4.49+dfsg-2ubuntu1.9 No subscription required Medium CVE-2022-29155 Ubuntu 20.04 LTS Yunho Kim discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 21.10 and Ubuntu 22.04 LTS. (CVE-2019-20838) It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to have unexpected behavior. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14155) Update Instructions: Run `sudo pro fix USN-5425-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pcregrep - 2:8.39-12ubuntu0.1 libpcre3-dev - 2:8.39-12ubuntu0.1 libpcre3 - 2:8.39-12ubuntu0.1 libpcrecpp0v5 - 2:8.39-12ubuntu0.1 libpcre16-3 - 2:8.39-12ubuntu0.1 libpcre32-3 - 2:8.39-12ubuntu0.1 No subscription required Low CVE-2019-20838 CVE-2020-14155 Ubuntu 20.04 LTS Jakub Wilk discovered that needrestart incorrectly used some regular expressions. A local attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5426-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: needrestart - 3.4-6ubuntu0.1 No subscription required Medium CVE-2022-30688 Ubuntu 20.04 LTS Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2021-3899) Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user. (CVE-2022-1242) Gerrit Venema discovered that Apport incorrectly handled user settings files. A local attacker could possibly use this issue to cause Apport to consume resources, leading to a denial of service. (CVE-2022-28652) Gerrit Venema discovered that Apport did not limit the amount of logging from D-Bus connections. A local attacker could possibly use this issue to fill up the Apport log file, leading to denial of service. (CVE-2022-28654) Gerrit Venema discovered that Apport did not filter D-Bus connection strings. A local attacker could possibly use this issue to cause Apport to make arbitrary network connections. (CVE-2022-28655) Gerrit Venema discovered that Apport did not limit the amount of memory being consumed during D-Bus connections. A local attacker could possibly use this issue to cause Apport to consume memory, leading to a denial of service. (CVE-2022-28656) Gerrit Venema discovered that Apport did not disable the python crash handler before chrooting into a container. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2022-28657) Gerrit Venema discovered that Apport incorrectly handled filename argument whitespace. A local attacker could possibly use this issue to spoof arguments to the Apport daemon. (CVE-2022-28658) Update Instructions: Run `sudo pro fix USN-5427-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.24 apport-kde - 2.20.11-0ubuntu27.24 apport-retrace - 2.20.11-0ubuntu27.24 apport-valgrind - 2.20.11-0ubuntu27.24 python3-apport - 2.20.11-0ubuntu27.24 dh-apport - 2.20.11-0ubuntu27.24 apport-gtk - 2.20.11-0ubuntu27.24 apport - 2.20.11-0ubuntu27.24 apport-noui - 2.20.11-0ubuntu27.24 No subscription required Medium CVE-2021-3899 CVE-2022-1242 CVE-2022-28652 CVE-2022-28654 CVE-2022-28655 CVE-2022-28656 CVE-2022-28657 CVE-2022-28658 Ubuntu 20.04 LTS It was discovered that the methods of an Array object could be corrupted as a result of prototype pollution by sending a message to the parent process. If a user were tricked into opening a specially crafted website, an attacker could exploit this to execute JavaScript in a privileged context. Update Instructions: Run `sudo pro fix USN-5434-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 100.0.2+build1-0ubuntu0.20.04.1 firefox - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 100.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 100.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 100.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 100.0.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1529 CVE-2022-1802 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass permission prompts, obtain sensitive information, bypass security restrictions, cause user confusion, or execute arbitrary code. (CVE-2022-29909, CVE-2022-29911, CVE-2022-29912, CVE-2022-29913, CVE-2022-29914, CVE-2022-29916, CVE-2022-29917) It was discovered that Thunderbird would show the wrong security status after viewing an attached message that is signed or encrypted. An attacker could potentially exploit this by tricking the user into trusting the authenticity of a message. (CVE-2022-1520) It was discovered that the methods of an Array object could be corrupted as a result of prototype pollution by sending a message to the parent process. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could exploit this to execute JavaScript in a privileged context. (CVE-2022-1529, CVE-2022-1802) Update Instructions: Run `sudo pro fix USN-5435-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.9.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.9.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.9.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.9.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1520 CVE-2022-1529 CVE-2022-1802 CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29913 CVE-2022-29914 CVE-2022-29916 CVE-2022-29917 Ubuntu 20.04 LTS It was discovered that HTMLDOC did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted HTML file, a remote attacker could possibly use this issue to cause HTMLDOC to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5438-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: htmldoc - 1.9.7-1ubuntu0.3 htmldoc-common - 1.9.7-1ubuntu0.3 No subscription required Medium CVE-2021-23165 Ubuntu 20.04 LTS Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user's objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser. Update Instructions: Run `sudo pro fix USN-5440-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.11-0ubuntu0.20.04.1 libpq-dev - 12.11-0ubuntu0.20.04.1 libecpg6 - 12.11-0ubuntu0.20.04.1 libpq5 - 12.11-0ubuntu0.20.04.1 libpgtypes3 - 12.11-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.11-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.11-0ubuntu0.20.04.1 libecpg-dev - 12.11-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.11-0ubuntu0.20.04.1 postgresql-doc-12 - 12.11-0ubuntu0.20.04.1 postgresql-12 - 12.11-0ubuntu0.20.04.1 postgresql-client-12 - 12.11-0ubuntu0.20.04.1 libecpg-compat3 - 12.11-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1552 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5441-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.2-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.2-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1975602 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581) Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux kernel contained in integer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1116) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594) Update Instructions: Run `sudo pro fix USN-5442-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1023 - 5.4.0-1023.25 linux-headers-5.4.0-1023-ibm - 5.4.0-1023.25 linux-tools-5.4.0-1023-ibm - 5.4.0-1023.25 linux-buildinfo-5.4.0-1023-ibm - 5.4.0-1023.25 linux-modules-extra-5.4.0-1023-ibm - 5.4.0-1023.25 linux-ibm-tools-common - 5.4.0-1023.25 linux-ibm-tools-5.4.0-1023 - 5.4.0-1023.25 linux-modules-5.4.0-1023-ibm - 5.4.0-1023.25 linux-ibm-source-5.4.0 - 5.4.0-1023.25 linux-ibm-cloud-tools-common - 5.4.0-1023.25 linux-image-unsigned-5.4.0-1023-ibm - 5.4.0-1023.25 linux-image-5.4.0-1023-ibm - 5.4.0-1023.25 No subscription required linux-headers-5.4.0-1065-kvm - 5.4.0-1065.68 linux-buildinfo-5.4.0-1065-kvm - 5.4.0-1065.68 linux-kvm-headers-5.4.0-1065 - 5.4.0-1065.68 linux-kvm-tools-5.4.0-1065 - 5.4.0-1065.68 linux-image-5.4.0-1065-kvm - 5.4.0-1065.68 linux-image-unsigned-5.4.0-1065-kvm - 5.4.0-1065.68 linux-tools-5.4.0-1065-kvm - 5.4.0-1065.68 linux-modules-5.4.0-1065-kvm - 5.4.0-1065.68 No subscription required linux-image-unsigned-5.4.0-1072-gke - 5.4.0-1072.77 linux-image-5.4.0-1072-gke - 5.4.0-1072.77 linux-modules-5.4.0-1072-gke - 5.4.0-1072.77 linux-headers-5.4.0-1072-gke - 5.4.0-1072.77 linux-tools-5.4.0-1072-gke - 5.4.0-1072.77 linux-buildinfo-5.4.0-1072-gke - 5.4.0-1072.77 linux-modules-extra-5.4.0-1072-gke - 5.4.0-1072.77 linux-gke-tools-5.4.0-1072 - 5.4.0-1072.77 linux-gke-headers-5.4.0-1072 - 5.4.0-1072.77 No subscription required linux-gcp-headers-5.4.0-1075 - 5.4.0-1075.80 linux-aws-headers-5.4.0-1075 - 5.4.0-1075.80 linux-modules-5.4.0-1075-aws - 5.4.0-1075.80 linux-image-5.4.0-1075-aws - 5.4.0-1075.80 linux-tools-5.4.0-1075-gcp - 5.4.0-1075.80 linux-image-5.4.0-1075-gcp - 5.4.0-1075.80 linux-buildinfo-5.4.0-1075-gcp - 5.4.0-1075.80 linux-aws-tools-5.4.0-1075 - 5.4.0-1075.80 linux-image-unsigned-5.4.0-1075-aws - 5.4.0-1075.80 linux-tools-5.4.0-1075-aws - 5.4.0-1075.80 linux-headers-5.4.0-1075-gcp - 5.4.0-1075.80 linux-modules-5.4.0-1075-gcp - 5.4.0-1075.80 linux-modules-extra-5.4.0-1075-gcp - 5.4.0-1075.80 linux-modules-extra-5.4.0-1075-aws - 5.4.0-1075.80 linux-cloud-tools-5.4.0-1075-aws - 5.4.0-1075.80 linux-headers-5.4.0-1075-aws - 5.4.0-1075.80 linux-aws-cloud-tools-5.4.0-1075 - 5.4.0-1075.80 linux-buildinfo-5.4.0-1075-aws - 5.4.0-1075.80 linux-image-unsigned-5.4.0-1075-gcp - 5.4.0-1075.80 linux-gcp-tools-5.4.0-1075 - 5.4.0-1075.80 No subscription required linux-azure-cloud-tools-5.4.0-1080 - 5.4.0-1080.83 linux-image-unsigned-5.4.0-1080-azure - 5.4.0-1080.83 linux-buildinfo-5.4.0-1080-azure - 5.4.0-1080.83 linux-headers-5.4.0-1080-azure - 5.4.0-1080.83 linux-cloud-tools-5.4.0-1080-azure - 5.4.0-1080.83 linux-azure-tools-5.4.0-1080 - 5.4.0-1080.83 linux-azure-headers-5.4.0-1080 - 5.4.0-1080.83 linux-tools-5.4.0-1080-azure - 5.4.0-1080.83 linux-modules-5.4.0-1080-azure - 5.4.0-1080.83 linux-image-5.4.0-1080-azure - 5.4.0-1080.83 linux-modules-extra-5.4.0-1080-azure - 5.4.0-1080.83 No subscription required linux-image-unsigned-5.4.0-1080-azure-fde - 5.4.0-1080.83+cvm1.1 linux-image-5.4.0-1080-azure-fde - 5.4.0-1080.83+cvm1.1 No subscription required linux-modules-5.4.0-113-lowlatency - 5.4.0-113.127 linux-tools-common - 5.4.0-113.127 linux-buildinfo-5.4.0-113-lowlatency - 5.4.0-113.127 linux-cloud-tools-5.4.0-113 - 5.4.0-113.127 linux-tools-5.4.0-113 - 5.4.0-113.127 linux-image-5.4.0-113-generic-lpae - 5.4.0-113.127 linux-doc - 5.4.0-113.127 linux-image-unsigned-5.4.0-113-lowlatency - 5.4.0-113.127 linux-image-5.4.0-113-generic - 5.4.0-113.127 linux-tools-5.4.0-113-generic - 5.4.0-113.127 linux-image-unsigned-5.4.0-113-generic - 5.4.0-113.127 linux-buildinfo-5.4.0-113-generic-lpae - 5.4.0-113.127 linux-libc-dev - 5.4.0-113.127 linux-source-5.4.0 - 5.4.0-113.127 linux-modules-5.4.0-113-generic - 5.4.0-113.127 linux-modules-5.4.0-113-generic-lpae - 5.4.0-113.127 linux-tools-5.4.0-113-generic-lpae - 5.4.0-113.127 linux-cloud-tools-5.4.0-113-generic - 5.4.0-113.127 linux-headers-5.4.0-113 - 5.4.0-113.127 linux-cloud-tools-5.4.0-113-lowlatency - 5.4.0-113.127 linux-modules-extra-5.4.0-113-generic - 5.4.0-113.127 linux-headers-5.4.0-113-lowlatency - 5.4.0-113.127 linux-tools-host - 5.4.0-113.127 linux-cloud-tools-common - 5.4.0-113.127 linux-buildinfo-5.4.0-113-generic - 5.4.0-113.127 linux-headers-5.4.0-113-generic - 5.4.0-113.127 linux-image-5.4.0-113-lowlatency - 5.4.0-113.127 linux-tools-5.4.0-113-lowlatency - 5.4.0-113.127 linux-headers-5.4.0-113-generic-lpae - 5.4.0-113.127 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1023.22 linux-image-ibm - 5.4.0.1023.22 linux-headers-ibm-lts-20.04 - 5.4.0.1023.22 linux-tools-ibm - 5.4.0.1023.22 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1023.22 linux-ibm-lts-20.04 - 5.4.0.1023.22 linux-image-ibm-lts-20.04 - 5.4.0.1023.22 linux-modules-extra-ibm - 5.4.0.1023.22 linux-ibm - 5.4.0.1023.22 linux-headers-ibm - 5.4.0.1023.22 No subscription required linux-kvm - 5.4.0.1065.64 linux-headers-kvm - 5.4.0.1065.64 linux-image-kvm - 5.4.0.1065.64 linux-tools-kvm - 5.4.0.1065.64 No subscription required linux-modules-extra-gke - 5.4.0.1072.81 linux-headers-gke-5.4 - 5.4.0.1072.81 linux-tools-gke-5.4 - 5.4.0.1072.81 linux-modules-extra-gke-5.4 - 5.4.0.1072.81 linux-gke-5.4 - 5.4.0.1072.81 linux-tools-gke - 5.4.0.1072.81 linux-gke - 5.4.0.1072.81 linux-headers-gke - 5.4.0.1072.81 linux-image-gke - 5.4.0.1072.81 linux-image-gke-5.4 - 5.4.0.1072.81 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1075.77 linux-tools-aws-lts-20.04 - 5.4.0.1075.77 linux-headers-aws-lts-20.04 - 5.4.0.1075.77 linux-aws-lts-20.04 - 5.4.0.1075.77 linux-image-aws-lts-20.04 - 5.4.0.1075.77 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1075.83 linux-gcp-lts-20.04 - 5.4.0.1075.83 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1075.83 linux-headers-gcp-lts-20.04 - 5.4.0.1075.83 linux-image-gcp-lts-20.04 - 5.4.0.1075.83 No subscription required linux-azure-lts-20.04 - 5.4.0.1080.79 linux-image-azure-lts-20.04 - 5.4.0.1080.79 linux-modules-extra-azure-lts-20.04 - 5.4.0.1080.79 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1080.79 linux-tools-azure-lts-20.04 - 5.4.0.1080.79 linux-headers-azure-lts-20.04 - 5.4.0.1080.79 No subscription required linux-image-azure-fde - 5.4.0.1080.83+cvm1.23 linux-tools-azure-fde - 5.4.0.1080.83+cvm1.23 linux-azure-fde - 5.4.0.1080.83+cvm1.23 linux-cloud-tools-azure-fde - 5.4.0.1080.83+cvm1.23 linux-modules-extra-azure-fde - 5.4.0.1080.83+cvm1.23 linux-headers-azure-fde - 5.4.0.1080.83+cvm1.23 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-cloud-tools-virtual - 5.4.0.113.117 linux-image-generic-hwe-18.04 - 5.4.0.113.117 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-headers-generic-lpae - 5.4.0.113.117 linux-oem-osp1-tools-host - 5.4.0.113.117 linux-image-generic - 5.4.0.113.117 linux-tools-lowlatency - 5.4.0.113.117 linux-image-oem - 5.4.0.113.117 linux-tools-virtual-hwe-18.04 - 5.4.0.113.117 linux-oem-osp1 - 5.4.0.113.117 linux-headers-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-image-extra-virtual-hwe-18.04 - 5.4.0.113.117 linux-image-generic-lpae-hwe-18.04 - 5.4.0.113.117 linux-crashdump - 5.4.0.113.117 linux-tools-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-headers-generic-hwe-18.04 - 5.4.0.113.117 linux-headers-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-lowlatency - 5.4.0.113.117 linux-tools-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-tools-generic-lpae - 5.4.0.113.117 linux-oem - 5.4.0.113.117 linux-virtual - 5.4.0.113.117 linux-headers-virtual-hwe-18.04 - 5.4.0.113.117 linux-tools-generic - 5.4.0.113.117 linux-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.113.117 linux-tools-virtual - 5.4.0.113.117 linux-image-extra-virtual - 5.4.0.113.117 linux-generic-lpae-hwe-18.04-edge - 5.4.0.113.117 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-generic-lpae - 5.4.0.113.117 linux-headers-oem - 5.4.0.113.117 linux-generic - 5.4.0.113.117 linux-tools-oem-osp1 - 5.4.0.113.117 linux-image-virtual - 5.4.0.113.117 linux-tools-generic-hwe-18.04-edge - 5.4.0.113.117 linux-image-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-image-virtual-hwe-18.04 - 5.4.0.113.117 linux-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-oem-tools-host - 5.4.0.113.117 linux-headers-lowlatency - 5.4.0.113.117 linux-image-generic-hwe-18.04-edge - 5.4.0.113.117 linux-generic-hwe-18.04-edge - 5.4.0.113.117 linux-tools-generic-hwe-18.04 - 5.4.0.113.117 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.113.117 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-source - 5.4.0.113.117 linux-cloud-tools-generic - 5.4.0.113.117 linux-image-oem-osp1 - 5.4.0.113.117 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-cloud-tools-lowlatency - 5.4.0.113.117 linux-tools-oem - 5.4.0.113.117 linux-headers-oem-osp1 - 5.4.0.113.117 linux-virtual-hwe-18.04 - 5.4.0.113.117 linux-generic-lpae-hwe-18.04 - 5.4.0.113.117 linux-headers-generic-hwe-18.04-edge - 5.4.0.113.117 linux-headers-generic - 5.4.0.113.117 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.113.117 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.113.117 linux-image-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-headers-virtual - 5.4.0.113.117 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.113.117 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.113.117 linux-generic-hwe-18.04 - 5.4.0.113.117 linux-image-generic-lpae - 5.4.0.113.117 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.113.117 linux-image-lowlatency - 5.4.0.113.117 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.113.117 No subscription required High CVE-2022-1116 CVE-2022-29581 CVE-2022-30594 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581) Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux kernel contained in integer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1116) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594) Update Instructions: Run `sudo pro fix USN-5442-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-bluefield-headers-5.4.0-1036 - 5.4.0-1036.39 linux-headers-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-modules-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-bluefield-tools-5.4.0-1036 - 5.4.0-1036.39 linux-tools-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-buildinfo-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-image-5.4.0-1036-bluefield - 5.4.0-1036.39 No subscription required linux-headers-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-modules-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-image-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-gkeop-source-5.4.0 - 5.4.0-1043.44 linux-tools-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-image-unsigned-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-buildinfo-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-gkeop-headers-5.4.0-1043 - 5.4.0-1043.44 linux-cloud-tools-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-gkeop-tools-5.4.0-1043 - 5.4.0-1043.44 linux-modules-extra-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-gkeop-cloud-tools-5.4.0-1043 - 5.4.0-1043.44 No subscription required linux-raspi-tools-5.4.0-1062 - 5.4.0-1062.70 linux-headers-5.4.0-1062-raspi - 5.4.0-1062.70 linux-tools-5.4.0-1062-raspi - 5.4.0-1062.70 linux-raspi-headers-5.4.0-1062 - 5.4.0-1062.70 linux-buildinfo-5.4.0-1062-raspi - 5.4.0-1062.70 linux-image-5.4.0-1062-raspi - 5.4.0-1062.70 linux-modules-5.4.0-1062-raspi - 5.4.0-1062.70 No subscription required linux-modules-extra-5.4.0-1073-oracle - 5.4.0-1073.79 linux-modules-5.4.0-1073-oracle - 5.4.0-1073.79 linux-oracle-headers-5.4.0-1073 - 5.4.0-1073.79 linux-oracle-tools-5.4.0-1073 - 5.4.0-1073.79 linux-image-unsigned-5.4.0-1073-oracle - 5.4.0-1073.79 linux-headers-5.4.0-1073-oracle - 5.4.0-1073.79 linux-tools-5.4.0-1073-oracle - 5.4.0-1073.79 linux-image-5.4.0-1073-oracle - 5.4.0-1073.79 linux-buildinfo-5.4.0-1073-oracle - 5.4.0-1073.79 No subscription required linux-image-bluefield - 5.4.0.1036.37 linux-headers-bluefield - 5.4.0.1036.37 linux-tools-bluefield - 5.4.0.1036.37 linux-bluefield - 5.4.0.1036.37 No subscription required linux-image-gkeop-5.4 - 5.4.0.1043.46 linux-headers-gkeop - 5.4.0.1043.46 linux-gkeop-5.4 - 5.4.0.1043.46 linux-cloud-tools-gkeop-5.4 - 5.4.0.1043.46 linux-image-gkeop - 5.4.0.1043.46 linux-modules-extra-gkeop-5.4 - 5.4.0.1043.46 linux-gkeop - 5.4.0.1043.46 linux-cloud-tools-gkeop - 5.4.0.1043.46 linux-tools-gkeop-5.4 - 5.4.0.1043.46 linux-modules-extra-gkeop - 5.4.0.1043.46 linux-tools-gkeop - 5.4.0.1043.46 linux-headers-gkeop-5.4 - 5.4.0.1043.46 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1062.96 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1062.96 linux-raspi-hwe-18.04-edge - 5.4.0.1062.96 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1062.96 linux-raspi-hwe-18.04 - 5.4.0.1062.96 linux-image-raspi2 - 5.4.0.1062.96 linux-tools-raspi - 5.4.0.1062.96 linux-image-raspi - 5.4.0.1062.96 linux-tools-raspi2-hwe-18.04 - 5.4.0.1062.96 linux-tools-raspi2 - 5.4.0.1062.96 linux-raspi2-hwe-18.04 - 5.4.0.1062.96 linux-raspi2 - 5.4.0.1062.96 linux-headers-raspi2-hwe-18.04 - 5.4.0.1062.96 linux-image-raspi-hwe-18.04-edge - 5.4.0.1062.96 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1062.96 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1062.96 linux-raspi - 5.4.0.1062.96 linux-headers-raspi2 - 5.4.0.1062.96 linux-headers-raspi - 5.4.0.1062.96 linux-image-raspi-hwe-18.04 - 5.4.0.1062.96 linux-headers-raspi-hwe-18.04 - 5.4.0.1062.96 linux-tools-raspi-hwe-18.04 - 5.4.0.1062.96 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1062.96 linux-image-raspi2-hwe-18.04 - 5.4.0.1062.96 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1073.73 linux-headers-oracle-lts-20.04 - 5.4.0.1073.73 linux-image-oracle-lts-20.04 - 5.4.0.1073.73 linux-oracle-lts-20.04 - 5.4.0.1073.73 No subscription required High CVE-2022-1116 CVE-2022-29581 CVE-2022-30594 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594) Update Instructions: Run `sudo pro fix USN-5443-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.13-headers-5.13.0-1025 - 5.13.0-1025.27~20.04.1 linux-image-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-headers-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-tools-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-cloud-tools-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-modules-extra-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-buildinfo-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-modules-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-aws-5.13-tools-5.13.0-1025 - 5.13.0-1025.27~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1025 - 5.13.0-1025.27~20.04.1 linux-image-unsigned-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 No subscription required linux-buildinfo-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-modules-extra-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-image-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1025 - 5.13.0-1025.29~20.04.1 linux-tools-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-azure-5.13-tools-5.13.0-1025 - 5.13.0-1025.29~20.04.1 linux-modules-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-image-unsigned-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-azure-5.13-headers-5.13.0-1025 - 5.13.0-1025.29~20.04.1 linux-cloud-tools-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-headers-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-44.49~20.04.1 linux-tools-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-hwe-5.13-headers-5.13.0-44 - 5.13.0-44.49~20.04.1 linux-modules-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-buildinfo-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-headers-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-image-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-image-unsigned-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-cloud-tools-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-modules-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-image-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-image-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-headers-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-44 - 5.13.0-44.49~20.04.1 linux-tools-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-headers-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-buildinfo-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-44.49~20.04.1 linux-image-unsigned-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-cloud-tools-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-modules-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-44.49~20.04.1 linux-buildinfo-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-modules-extra-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-tools-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-modules-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-image-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-image-unsigned-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-headers-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-buildinfo-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-hwe-5.13-tools-5.13.0-44 - 5.13.0-44.49~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-44.49~20.04.1 linux-tools-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 No subscription required linux-headers-aws - 5.13.0.1025.27~20.04.20 linux-image-aws - 5.13.0.1025.27~20.04.20 linux-aws - 5.13.0.1025.27~20.04.20 linux-modules-extra-aws - 5.13.0.1025.27~20.04.20 linux-tools-aws - 5.13.0.1025.27~20.04.20 No subscription required linux-cloud-tools-azure - 5.13.0.1025.29~20.04.15 linux-tools-azure - 5.13.0.1025.29~20.04.15 linux-modules-extra-azure - 5.13.0.1025.29~20.04.15 linux-azure - 5.13.0.1025.29~20.04.15 linux-image-azure - 5.13.0.1025.29~20.04.15 linux-headers-azure - 5.13.0.1025.29~20.04.15 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-extra-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-generic-64k-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-generic-lpae-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-generic-lpae-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-generic-64k-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-generic-64k-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-generic-64k-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 No subscription required High CVE-2022-29581 CVE-2022-30594 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594) Update Instructions: Run `sudo pro fix USN-5443-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-gcp-5.13-headers-5.13.0-1027 - 5.13.0-1027.32~20.04.1 linux-tools-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-image-unsigned-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-modules-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-modules-extra-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-headers-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-gcp-5.13-tools-5.13.0-1027 - 5.13.0-1027.32~20.04.1 linux-image-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 No subscription required linux-oracle-5.13-headers-5.13.0-1030 - 5.13.0-1030.35~20.04.1 linux-buildinfo-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-tools-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-image-unsigned-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-headers-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-image-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-modules-extra-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-modules-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-oracle-5.13-tools-5.13.0-1030 - 5.13.0-1030.35~20.04.1 No subscription required linux-modules-extra-gcp - 5.13.0.1027.32~20.04.1 linux-tools-gcp - 5.13.0.1027.32~20.04.1 linux-headers-gcp - 5.13.0.1027.32~20.04.1 linux-gcp - 5.13.0.1027.32~20.04.1 linux-image-gcp - 5.13.0.1027.32~20.04.1 No subscription required linux-headers-oracle - 5.13.0.1030.35~20.04.1 linux-image-oracle - 5.13.0.1030.35~20.04.1 linux-tools-oracle - 5.13.0.1030.35~20.04.1 linux-oracle - 5.13.0.1030.35~20.04.1 No subscription required High CVE-2022-29581 CVE-2022-30594 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5444-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.14.0-1038-oem - 5.14.0-1038.42 linux-buildinfo-5.14.0-1038-oem - 5.14.0-1038.42 linux-oem-5.14-headers-5.14.0-1038 - 5.14.0-1038.42 linux-modules-iwlwifi-5.14.0-1038-oem - 5.14.0-1038.42 linux-image-5.14.0-1038-oem - 5.14.0-1038.42 linux-headers-5.14.0-1038-oem - 5.14.0-1038.42 linux-image-unsigned-5.14.0-1038-oem - 5.14.0-1038.42 linux-oem-5.14-tools-5.14.0-1038 - 5.14.0-1038.42 linux-modules-5.14.0-1038-oem - 5.14.0-1038.42 linux-oem-5.14-tools-host - 5.14.0-1038.42 No subscription required linux-image-oem-20.04c - 5.14.0.1038.35 linux-image-oem-20.04b - 5.14.0.1038.35 linux-image-oem-20.04d - 5.14.0.1038.35 linux-tools-oem-20.04d - 5.14.0.1038.35 linux-tools-oem-20.04c - 5.14.0.1038.35 linux-tools-oem-20.04b - 5.14.0.1038.35 linux-oem-20.04 - 5.14.0.1038.35 linux-image-oem-20.04 - 5.14.0.1038.35 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1038.35 linux-oem-20.04d - 5.14.0.1038.35 linux-oem-20.04c - 5.14.0.1038.35 linux-oem-20.04b - 5.14.0.1038.35 linux-headers-oem-20.04 - 5.14.0.1038.35 linux-headers-oem-20.04b - 5.14.0.1038.35 linux-headers-oem-20.04c - 5.14.0.1038.35 linux-headers-oem-20.04d - 5.14.0.1038.35 linux-tools-oem-20.04 - 5.14.0.1038.35 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1038.35 No subscription required High CVE-2022-29581 Ubuntu 20.04 LTS Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-11782) Tomas Bortoli discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-0203) Thomas Åkesson discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-17525) Update Instructions: Run `sudo pro fix USN-5445-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsvn-dev - 1.13.0-3ubuntu0.2 ruby-svn - 1.13.0-3ubuntu0.2 subversion-tools - 1.13.0-3ubuntu0.2 libapache2-mod-svn - 1.13.0-3ubuntu0.2 python-subversion - 1.13.0-3ubuntu0.2 libsvn1 - 1.13.0-3ubuntu0.2 subversion - 1.13.0-3ubuntu0.2 libsvn-doc - 1.13.0-3ubuntu0.2 libsvn-java - 1.13.0-3ubuntu0.2 libsvn-perl - 1.13.0-3ubuntu0.2 No subscription required Medium CVE-2018-11782 CVE-2019-0203 CVE-2020-17525 Ubuntu 20.04 LTS Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system. Update Instructions: Run `sudo pro fix USN-5446-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dpkg-dev - 1.19.7ubuntu3.2 dselect - 1.19.7ubuntu3.2 dpkg - 1.19.7ubuntu3.2 libdpkg-dev - 1.19.7ubuntu3.2 libdpkg-perl - 1.19.7ubuntu3.2 No subscription required Medium CVE-2022-1664 Ubuntu 20.04 LTS Ilya Averyanov discovered that an InfluxDB vulnerability allowed attackers to bypass authentication and gain access to any known database user. Update Instructions: Run `sudo pro fix USN-5451-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-influxdb-influxdb-dev - 1.6.4-1+deb10u1build0.20.04.1 influxdb - 1.6.4-1+deb10u1build0.20.04.1 influxdb-client - 1.6.4-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2019-20933 Ubuntu 20.04 LTS Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. (CVE-2022-26691) It was discovered that CUPS incorrectly handled certain memory operations when handling IPP printing. A remote attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-8842, CVE-2020-10001) Update Instructions: Run `sudo pro fix USN-5454-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.2 cups-bsd - 2.3.1-9ubuntu1.2 cups-common - 2.3.1-9ubuntu1.2 cups-core-drivers - 2.3.1-9ubuntu1.2 cups-server-common - 2.3.1-9ubuntu1.2 libcupsimage2 - 2.3.1-9ubuntu1.2 cups-client - 2.3.1-9ubuntu1.2 cups-ipp-utils - 2.3.1-9ubuntu1.2 libcups2 - 2.3.1-9ubuntu1.2 cups-ppdc - 2.3.1-9ubuntu1.2 cups - 2.3.1-9ubuntu1.2 libcupsimage2-dev - 2.3.1-9ubuntu1.2 cups-daemon - 2.3.1-9ubuntu1.2 No subscription required Medium CVE-2019-8842 CVE-2020-10001 CVE-2022-26691 Ubuntu 20.04 LTS Tim Boddy, Gustavo Grieco and others discovered that Expat, that is integrated in xmltok library, incorrectly handled certain files. An attacker could possibly use these issues to cause a denial of service, or possibly execute arbitrary code. These issues were only addressed in Ubuntu 16.04 ESM. (CVE-2012-1148, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2018-20843, CVE-2019-15903, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827) It was discovered that Expat, that is integrated in xmltok library, incorrectly handled encoding validation of certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-25235) It was discovered that Expat, that is integrated in xmltok library, incorrectly handled namespace URIs of certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-25236) Update Instructions: Run `sudo pro fix USN-5455-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxmltok1 - 1.2-4ubuntu0.20.04.1~esm1 libxmltok1-dev - 1.2-4ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2012-1148 CVE-2015-1283 CVE-2016-0718 CVE-2016-4472 CVE-2018-20843 CVE-2019-15903 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 CVE-2022-25235 CVE-2022-25236 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5457-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-26700 CVE-2022-26709 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 Ubuntu 20.04 LTS Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14342) It was discovered that cifs-utils incorrectly used host credentials when mounting a krb5 CIFS file system from within a container. An attacker inside a container could possibly use this issue to obtain access to sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-20208) It was discovered that cifs-utils incorrectly handled certain command-line arguments. A local attacker could possibly use this issue to obtain root privileges. (CVE-2022-27239) It was discovered that cifs-utils incorrectly handled verbose logging. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2022-29869) Update Instructions: Run `sudo pro fix USN-5459-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cifs-utils - 2:6.9-1ubuntu0.2 No subscription required Medium CVE-2020-14342 CVE-2021-20208 CVE-2022-27239 CVE-2022-29869 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled empty password values. A remote attacker could use this issue to bypass server authentication. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-24882) It was discovered that FreeRDP incorrectly handled server configurations with an invalid SAM file path. A remote attacker could use this issue to bypass server authentication. (CVE-2022-24883) Update Instructions: Run `sudo pro fix USN-5461-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.3 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.3 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.3 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.3 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.3 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.3 No subscription required Medium CVE-2022-24882 CVE-2022-24883 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-28738) It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-28739) Update Instructions: Run `sudo pro fix USN-5462-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.7 ruby2.7-doc - 2.7.0-5ubuntu1.7 ruby2.7-dev - 2.7.0-5ubuntu1.7 libruby2.7 - 2.7.0-5ubuntu1.7 No subscription required Medium CVE-2022-28738 CVE-2022-28739 Ubuntu 20.04 LTS It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-46790) Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel. (CVE-2022-30783) It was discovered that NTFS-3G incorrectly handled certain NTFS disk images. If a user or automated system were tricked into mounting a specially crafted disk image, a remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-30784, CVE-2022-30786, CVE-2022-30788, CVE-2022-30789) Roman Fiedler discovered that NTFS-3G incorrectly handled certain file handles. A local attacker could possibly use this issue to read and write arbitrary memory. (CVE-2022-30785, CVE-2022-30787) Update Instructions: Run `sudo pro fix USN-5463-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntfs-3g - 1:2017.3.23AR.3-3ubuntu1.2 libntfs-3g883 - 1:2017.3.23AR.3-3ubuntu1.2 ntfs-3g-dev - 1:2017.3.23AR.3-3ubuntu1.2 No subscription required Medium CVE-2021-46790 CVE-2022-30783 CVE-2022-30784 CVE-2022-30785 CVE-2022-30786 CVE-2022-30787 CVE-2022-30788 CVE-2022-30789 Ubuntu 20.04 LTS Nils Bars discovered that e2fsprogs incorrectly handled certain file systems. A local attacker could use this issue with a crafted file system image to possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5464-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libss2 - 1.45.5-2ubuntu1.1 e2fslibs-dev - 1.45.5-2ubuntu1.1 libcomerr2 - 1.45.5-2ubuntu1.1 libcom-err2 - 1.45.5-2ubuntu1.1 e2fsprogs - 1.45.5-2ubuntu1.1 e2fsck-static - 1.45.5-2ubuntu1.1 logsave - 1.45.5-2ubuntu1.1 e2fslibs - 1.45.5-2ubuntu1.1 e2fsprogs-l10n - 1.45.5-2ubuntu1.1 libext2fs-dev - 1.45.5-2ubuntu1.1 libext2fs2 - 1.45.5-2ubuntu1.1 fuse2fs - 1.45.5-2ubuntu1.1 No subscription required ss-dev - 2.0-1.45.5-2ubuntu1.1 No subscription required comerr-dev - 2.1-1.45.5-2ubuntu1.1 No subscription required Medium CVE-2022-1304 Ubuntu 20.04 LTS It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service (connection disassociation). (CVE-2021-3772) Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197) Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1011) Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158) Duoming Zhou discovered that the 6pack protocol implementation in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-1198) It was discovered that the PF_KEYv2 implementation in the Linux kernel did not properly initialize kernel memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1353) It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1516) Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in the guest. (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958) It was discovered that the USB SR9700 ethernet device driver for the Linux kernel did not properly validate the length of requests from the device. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-26966) 赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could use this to cause a denial of service. (CVE-2022-28356) It was discovered that the Microchip CAN BUS Analyzer interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28389) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390) Update Instructions: Run `sudo pro fix USN-5467-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1026 - 5.4.0-1026.29 linux-modules-extra-5.4.0-1026-ibm - 5.4.0-1026.29 linux-image-5.4.0-1026-ibm - 5.4.0-1026.29 linux-headers-5.4.0-1026-ibm - 5.4.0-1026.29 linux-modules-5.4.0-1026-ibm - 5.4.0-1026.29 linux-tools-5.4.0-1026-ibm - 5.4.0-1026.29 linux-ibm-tools-5.4.0-1026 - 5.4.0-1026.29 linux-ibm-source-5.4.0 - 5.4.0-1026.29 linux-ibm-cloud-tools-common - 5.4.0-1026.29 linux-ibm-tools-common - 5.4.0-1026.29 linux-image-unsigned-5.4.0-1026-ibm - 5.4.0-1026.29 linux-buildinfo-5.4.0-1026-ibm - 5.4.0-1026.29 No subscription required linux-buildinfo-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-gkeop-cloud-tools-5.4.0-1046 - 5.4.0-1046.48 linux-gkeop-tools-5.4.0-1046 - 5.4.0-1046.48 linux-gkeop-source-5.4.0 - 5.4.0-1046.48 linux-headers-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-modules-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-tools-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-gkeop-headers-5.4.0-1046 - 5.4.0-1046.48 linux-image-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-cloud-tools-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-image-unsigned-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-modules-extra-5.4.0-1046-gkeop - 5.4.0-1046.48 No subscription required linux-raspi-headers-5.4.0-1065 - 5.4.0-1065.75 linux-raspi-tools-5.4.0-1065 - 5.4.0-1065.75 linux-image-5.4.0-1065-raspi - 5.4.0-1065.75 linux-modules-5.4.0-1065-raspi - 5.4.0-1065.75 linux-buildinfo-5.4.0-1065-raspi - 5.4.0-1065.75 linux-tools-5.4.0-1065-raspi - 5.4.0-1065.75 linux-headers-5.4.0-1065-raspi - 5.4.0-1065.75 No subscription required linux-headers-5.4.0-1068-kvm - 5.4.0-1068.72 linux-kvm-tools-5.4.0-1068 - 5.4.0-1068.72 linux-image-5.4.0-1068-kvm - 5.4.0-1068.72 linux-image-unsigned-5.4.0-1068-kvm - 5.4.0-1068.72 linux-modules-5.4.0-1068-kvm - 5.4.0-1068.72 linux-tools-5.4.0-1068-kvm - 5.4.0-1068.72 linux-kvm-headers-5.4.0-1068 - 5.4.0-1068.72 linux-buildinfo-5.4.0-1068-kvm - 5.4.0-1068.72 No subscription required linux-modules-5.4.0-1074-gke - 5.4.0-1074.79 linux-image-unsigned-5.4.0-1074-gke - 5.4.0-1074.79 linux-tools-5.4.0-1074-gke - 5.4.0-1074.79 linux-buildinfo-5.4.0-1074-gke - 5.4.0-1074.79 linux-image-5.4.0-1074-gke - 5.4.0-1074.79 linux-modules-extra-5.4.0-1074-gke - 5.4.0-1074.79 linux-gke-tools-5.4.0-1074 - 5.4.0-1074.79 linux-gke-headers-5.4.0-1074 - 5.4.0-1074.79 linux-headers-5.4.0-1074-gke - 5.4.0-1074.79 No subscription required linux-image-5.4.0-1076-oracle - 5.4.0-1076.83 linux-image-unsigned-5.4.0-1076-oracle - 5.4.0-1076.83 linux-buildinfo-5.4.0-1076-oracle - 5.4.0-1076.83 linux-headers-5.4.0-1076-oracle - 5.4.0-1076.83 linux-oracle-tools-5.4.0-1076 - 5.4.0-1076.83 linux-modules-extra-5.4.0-1076-oracle - 5.4.0-1076.83 linux-oracle-headers-5.4.0-1076 - 5.4.0-1076.83 linux-tools-5.4.0-1076-oracle - 5.4.0-1076.83 linux-modules-5.4.0-1076-oracle - 5.4.0-1076.83 No subscription required linux-gcp-headers-5.4.0-1078 - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-aws - 5.4.0-1078.84 linux-image-unsigned-5.4.0-1078-gcp - 5.4.0-1078.84 linux-tools-5.4.0-1078-gcp - 5.4.0-1078.84 linux-cloud-tools-5.4.0-1078-aws - 5.4.0-1078.84 linux-aws-headers-5.4.0-1078 - 5.4.0-1078.84 linux-headers-5.4.0-1078-aws - 5.4.0-1078.84 linux-image-5.4.0-1078-gcp - 5.4.0-1078.84 linux-modules-5.4.0-1078-gcp - 5.4.0-1078.84 linux-aws-tools-5.4.0-1078 - 5.4.0-1078.84 linux-tools-5.4.0-1078-aws - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-gcp - 5.4.0-1078.84 linux-modules-extra-5.4.0-1078-gcp - 5.4.0-1078.84 linux-headers-5.4.0-1078-gcp - 5.4.0-1078.84 linux-modules-extra-5.4.0-1078-aws - 5.4.0-1078.84 linux-image-unsigned-5.4.0-1078-aws - 5.4.0-1078.84 linux-image-5.4.0-1078-aws - 5.4.0-1078.84 linux-aws-cloud-tools-5.4.0-1078 - 5.4.0-1078.84 linux-gcp-tools-5.4.0-1078 - 5.4.0-1078.84 linux-modules-5.4.0-1078-aws - 5.4.0-1078.84 No subscription required linux-modules-5.4.0-1083-azure - 5.4.0-1083.87 linux-modules-extra-5.4.0-1083-azure - 5.4.0-1083.87 linux-headers-5.4.0-1083-azure - 5.4.0-1083.87 linux-image-5.4.0-1083-azure - 5.4.0-1083.87 linux-image-unsigned-5.4.0-1083-azure - 5.4.0-1083.87 linux-buildinfo-5.4.0-1083-azure - 5.4.0-1083.87 linux-tools-5.4.0-1083-azure - 5.4.0-1083.87 linux-azure-tools-5.4.0-1083 - 5.4.0-1083.87 linux-azure-headers-5.4.0-1083 - 5.4.0-1083.87 linux-azure-cloud-tools-5.4.0-1083 - 5.4.0-1083.87 linux-cloud-tools-5.4.0-1083-azure - 5.4.0-1083.87 No subscription required linux-image-5.4.0-1083-azure-fde - 5.4.0-1083.87+cvm1.1 linux-image-unsigned-5.4.0-1083-azure-fde - 5.4.0-1083.87+cvm1.1 No subscription required linux-tools-common - 5.4.0-117.132 linux-cloud-tools-5.4.0-117-lowlatency - 5.4.0-117.132 linux-tools-5.4.0-117-generic-lpae - 5.4.0-117.132 linux-tools-host - 5.4.0-117.132 linux-cloud-tools-5.4.0-117 - 5.4.0-117.132 linux-tools-5.4.0-117 - 5.4.0-117.132 linux-buildinfo-5.4.0-117-lowlatency - 5.4.0-117.132 linux-doc - 5.4.0-117.132 linux-headers-5.4.0-117-generic - 5.4.0-117.132 linux-modules-5.4.0-117-lowlatency - 5.4.0-117.132 linux-libc-dev - 5.4.0-117.132 linux-source-5.4.0 - 5.4.0-117.132 linux-tools-5.4.0-117-generic - 5.4.0-117.132 linux-headers-5.4.0-117-lowlatency - 5.4.0-117.132 linux-cloud-tools-5.4.0-117-generic - 5.4.0-117.132 linux-modules-extra-5.4.0-117-generic - 5.4.0-117.132 linux-image-5.4.0-117-generic-lpae - 5.4.0-117.132 linux-modules-5.4.0-117-generic-lpae - 5.4.0-117.132 linux-buildinfo-5.4.0-117-generic - 5.4.0-117.132 linux-image-unsigned-5.4.0-117-lowlatency - 5.4.0-117.132 linux-headers-5.4.0-117 - 5.4.0-117.132 linux-tools-5.4.0-117-lowlatency - 5.4.0-117.132 linux-image-5.4.0-117-generic - 5.4.0-117.132 linux-modules-5.4.0-117-generic - 5.4.0-117.132 linux-cloud-tools-common - 5.4.0-117.132 linux-image-5.4.0-117-lowlatency - 5.4.0-117.132 linux-image-unsigned-5.4.0-117-generic - 5.4.0-117.132 linux-buildinfo-5.4.0-117-generic-lpae - 5.4.0-117.132 linux-headers-5.4.0-117-generic-lpae - 5.4.0-117.132 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1026.24 linux-modules-extra-ibm - 5.4.0.1026.24 linux-image-ibm - 5.4.0.1026.24 linux-headers-ibm-lts-20.04 - 5.4.0.1026.24 linux-tools-ibm - 5.4.0.1026.24 linux-image-ibm-lts-20.04 - 5.4.0.1026.24 linux-ibm-lts-20.04 - 5.4.0.1026.24 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1026.24 linux-ibm - 5.4.0.1026.24 linux-headers-ibm - 5.4.0.1026.24 No subscription required linux-headers-gkeop - 5.4.0.1046.48 linux-cloud-tools-gkeop-5.4 - 5.4.0.1046.48 linux-image-gkeop - 5.4.0.1046.48 linux-gkeop-5.4 - 5.4.0.1046.48 linux-image-gkeop-5.4 - 5.4.0.1046.48 linux-tools-gkeop - 5.4.0.1046.48 linux-gkeop - 5.4.0.1046.48 linux-cloud-tools-gkeop - 5.4.0.1046.48 linux-modules-extra-gkeop-5.4 - 5.4.0.1046.48 linux-headers-gkeop-5.4 - 5.4.0.1046.48 linux-modules-extra-gkeop - 5.4.0.1046.48 linux-tools-gkeop-5.4 - 5.4.0.1046.48 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1065.98 linux-raspi2 - 5.4.0.1065.98 linux-headers-raspi2 - 5.4.0.1065.98 linux-image-raspi-hwe-18.04 - 5.4.0.1065.98 linux-image-raspi2-hwe-18.04 - 5.4.0.1065.98 linux-tools-raspi - 5.4.0.1065.98 linux-headers-raspi2-hwe-18.04 - 5.4.0.1065.98 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1065.98 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1065.98 linux-raspi2-hwe-18.04-edge - 5.4.0.1065.98 linux-raspi-hwe-18.04 - 5.4.0.1065.98 linux-tools-raspi2-hwe-18.04 - 5.4.0.1065.98 linux-raspi2-hwe-18.04 - 5.4.0.1065.98 linux-image-raspi-hwe-18.04-edge - 5.4.0.1065.98 linux-image-raspi2 - 5.4.0.1065.98 linux-tools-raspi-hwe-18.04 - 5.4.0.1065.98 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1065.98 linux-tools-raspi2 - 5.4.0.1065.98 linux-headers-raspi-hwe-18.04 - 5.4.0.1065.98 linux-raspi-hwe-18.04-edge - 5.4.0.1065.98 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1065.98 linux-headers-raspi - 5.4.0.1065.98 linux-image-raspi - 5.4.0.1065.98 linux-raspi - 5.4.0.1065.98 No subscription required linux-kvm - 5.4.0.1068.66 linux-headers-kvm - 5.4.0.1068.66 linux-image-kvm - 5.4.0.1068.66 linux-tools-kvm - 5.4.0.1068.66 No subscription required linux-modules-extra-gke - 5.4.0.1074.83 linux-modules-extra-gke-5.4 - 5.4.0.1074.83 linux-gke-5.4 - 5.4.0.1074.83 linux-gke - 5.4.0.1074.83 linux-headers-gke - 5.4.0.1074.83 linux-tools-gke - 5.4.0.1074.83 linux-headers-gke-5.4 - 5.4.0.1074.83 linux-image-gke-5.4 - 5.4.0.1074.83 linux-image-gke - 5.4.0.1074.83 linux-tools-gke-5.4 - 5.4.0.1074.83 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1076.75 linux-oracle-lts-20.04 - 5.4.0.1076.75 linux-tools-oracle-lts-20.04 - 5.4.0.1076.75 linux-image-oracle-lts-20.04 - 5.4.0.1076.75 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1078.79 linux-image-aws-lts-20.04 - 5.4.0.1078.79 linux-headers-aws-lts-20.04 - 5.4.0.1078.79 linux-tools-aws-lts-20.04 - 5.4.0.1078.79 linux-aws-lts-20.04 - 5.4.0.1078.79 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1078.85 linux-gcp-lts-20.04 - 5.4.0.1078.85 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1078.85 linux-headers-gcp-lts-20.04 - 5.4.0.1078.85 linux-image-gcp-lts-20.04 - 5.4.0.1078.85 No subscription required linux-azure-lts-20.04 - 5.4.0.1083.81 linux-image-azure-lts-20.04 - 5.4.0.1083.81 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1083.81 linux-modules-extra-azure-lts-20.04 - 5.4.0.1083.81 linux-tools-azure-lts-20.04 - 5.4.0.1083.81 linux-headers-azure-lts-20.04 - 5.4.0.1083.81 No subscription required linux-image-azure-fde - 5.4.0.1083.87+cvm1.24 linux-tools-azure-fde - 5.4.0.1083.87+cvm1.24 linux-azure-fde - 5.4.0.1083.87+cvm1.24 linux-cloud-tools-azure-fde - 5.4.0.1083.87+cvm1.24 linux-modules-extra-azure-fde - 5.4.0.1083.87+cvm1.24 linux-headers-azure-fde - 5.4.0.1083.87+cvm1.24 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-cloud-tools-virtual - 5.4.0.117.120 linux-image-generic-hwe-18.04 - 5.4.0.117.120 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-image-virtual - 5.4.0.117.120 linux-tools-generic-hwe-18.04 - 5.4.0.117.120 linux-oem-osp1-tools-host - 5.4.0.117.120 linux-image-generic - 5.4.0.117.120 linux-tools-lowlatency - 5.4.0.117.120 linux-image-oem - 5.4.0.117.120 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.117.120 linux-headers-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.117.120 linux-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-image-extra-virtual-hwe-18.04 - 5.4.0.117.120 linux-image-oem-osp1 - 5.4.0.117.120 linux-image-generic-lpae-hwe-18.04 - 5.4.0.117.120 linux-crashdump - 5.4.0.117.120 linux-generic-lpae-hwe-18.04-edge - 5.4.0.117.120 linux-tools-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-headers-generic-hwe-18.04 - 5.4.0.117.120 linux-headers-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-headers-generic-lpae - 5.4.0.117.120 linux-source - 5.4.0.117.120 linux-lowlatency - 5.4.0.117.120 linux-tools-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-tools-generic-lpae - 5.4.0.117.120 linux-tools-virtual - 5.4.0.117.120 linux-virtual - 5.4.0.117.120 linux-virtual-hwe-18.04 - 5.4.0.117.120 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.117.120 linux-headers-virtual - 5.4.0.117.120 linux-tools-oem - 5.4.0.117.120 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-generic-lpae - 5.4.0.117.120 linux-headers-oem - 5.4.0.117.120 linux-generic - 5.4.0.117.120 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.117.120 linux-tools-generic-hwe-18.04-edge - 5.4.0.117.120 linux-oem - 5.4.0.117.120 linux-image-virtual-hwe-18.04 - 5.4.0.117.120 linux-headers-lowlatency - 5.4.0.117.120 linux-image-generic-hwe-18.04-edge - 5.4.0.117.120 linux-generic-hwe-18.04-edge - 5.4.0.117.120 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-image-extra-virtual - 5.4.0.117.120 linux-cloud-tools-generic - 5.4.0.117.120 linux-oem-tools-host - 5.4.0.117.120 linux-tools-generic - 5.4.0.117.120 linux-cloud-tools-lowlatency - 5.4.0.117.120 linux-headers-oem-osp1 - 5.4.0.117.120 linux-generic-lpae-hwe-18.04 - 5.4.0.117.120 linux-tools-oem-osp1 - 5.4.0.117.120 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.117.120 linux-headers-generic-hwe-18.04-edge - 5.4.0.117.120 linux-headers-generic - 5.4.0.117.120 linux-headers-virtual-hwe-18.04 - 5.4.0.117.120 linux-oem-osp1 - 5.4.0.117.120 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.117.120 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.117.120 linux-image-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-tools-virtual-hwe-18.04 - 5.4.0.117.120 linux-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-generic-hwe-18.04 - 5.4.0.117.120 linux-image-generic-lpae - 5.4.0.117.120 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.117.120 linux-image-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-image-lowlatency - 5.4.0.117.120 No subscription required High CVE-2021-3772 CVE-2021-4197 CVE-2022-1011 CVE-2022-1158 CVE-2022-1198 CVE-2022-1353 CVE-2022-1516 CVE-2022-21499 CVE-2022-23036 CVE-2022-23037 CVE-2022-23038 CVE-2022-23039 CVE-2022-23040 CVE-2022-23041 CVE-2022-23042 CVE-2022-24958 CVE-2022-26966 CVE-2022-28356 CVE-2022-28389 CVE-2022-28390 Ubuntu 20.04 LTS It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158) Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390) Update Instructions: Run `sudo pro fix USN-5468-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-intel-5.13-tools-host - 5.13.0-1014.15 linux-intel-5.13-tools-5.13.0-1014 - 5.13.0-1014.15 linux-intel-5.13-cloud-tools-5.13.0-1014 - 5.13.0-1014.15 linux-cloud-tools-5.13.0-1014-intel - 5.13.0-1014.15 linux-intel-5.13-headers-5.13.0-1014 - 5.13.0-1014.15 linux-headers-5.13.0-1014-intel - 5.13.0-1014.15 linux-tools-5.13.0-1014-intel - 5.13.0-1014.15 linux-modules-extra-5.13.0-1014-intel - 5.13.0-1014.15 linux-buildinfo-5.13.0-1014-intel - 5.13.0-1014.15 linux-intel-5.13-tools-common - 5.13.0-1014.15 linux-intel-5.13-source-5.13.0 - 5.13.0-1014.15 linux-modules-5.13.0-1014-intel - 5.13.0-1014.15 linux-intel-5.13-cloud-tools-common - 5.13.0-1014.15 linux-image-5.13.0-1014-intel - 5.13.0-1014.15 linux-image-unsigned-5.13.0-1014-intel - 5.13.0-1014.15 No subscription required linux-modules-extra-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-aws-5.13-headers-5.13.0-1028 - 5.13.0-1028.31~20.04.1 linux-image-unsigned-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-modules-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-tools-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-aws-5.13-tools-5.13.0-1028 - 5.13.0-1028.31~20.04.1 linux-headers-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-cloud-tools-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-image-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1028 - 5.13.0-1028.31~20.04.1 linux-buildinfo-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 No subscription required linux-image-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-headers-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1028 - 5.13.0-1028.33~20.04.1 linux-azure-5.13-tools-5.13.0-1028 - 5.13.0-1028.33~20.04.1 linux-modules-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-buildinfo-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-tools-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-image-unsigned-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-azure-5.13-headers-5.13.0-1028 - 5.13.0-1028.33~20.04.1 linux-modules-extra-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-cloud-tools-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 No subscription required linux-gcp-5.13-tools-5.13.0-1030 - 5.13.0-1030.36~20.04.1 linux-tools-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-image-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-modules-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-modules-extra-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-image-unsigned-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-gcp-5.13-headers-5.13.0-1030 - 5.13.0-1030.36~20.04.1 linux-headers-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-buildinfo-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 No subscription required linux-headers-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-oracle-5.13-headers-5.13.0-1033 - 5.13.0-1033.39~20.04.1 linux-image-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-buildinfo-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-modules-extra-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-oracle-5.13-tools-5.13.0-1033 - 5.13.0-1033.39~20.04.1 linux-tools-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-image-unsigned-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-modules-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-48.54~20.04.1 linux-tools-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-hwe-5.13-headers-5.13.0-48 - 5.13.0-48.54~20.04.1 linux-image-unsigned-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-headers-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-modules-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-buildinfo-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-image-unsigned-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-image-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-48 - 5.13.0-48.54~20.04.1 linux-modules-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-tools-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-cloud-tools-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-image-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-48.54~20.04.1 linux-modules-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-headers-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-48.54~20.04.1 linux-headers-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-image-unsigned-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-tools-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-modules-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-tools-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-modules-extra-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-image-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-cloud-tools-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-buildinfo-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-image-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-headers-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-48.54~20.04.1 linux-buildinfo-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-buildinfo-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-hwe-5.13-tools-5.13.0-48 - 5.13.0-48.54~20.04.1 No subscription required linux-intel - 5.13.0.1014.14 linux-image-intel - 5.13.0.1014.14 linux-cloud-tools-intel - 5.13.0.1014.14 linux-tools-intel - 5.13.0.1014.14 linux-headers-intel - 5.13.0.1014.14 No subscription required linux-headers-aws - 5.13.0.1028.31~20.04.22 linux-image-aws - 5.13.0.1028.31~20.04.22 linux-aws - 5.13.0.1028.31~20.04.22 linux-tools-aws - 5.13.0.1028.31~20.04.22 linux-modules-extra-aws - 5.13.0.1028.31~20.04.22 No subscription required linux-cloud-tools-azure - 5.13.0.1028.33~20.04.17 linux-tools-azure - 5.13.0.1028.33~20.04.17 linux-modules-extra-azure - 5.13.0.1028.33~20.04.17 linux-azure - 5.13.0.1028.33~20.04.17 linux-image-azure - 5.13.0.1028.33~20.04.17 linux-headers-azure - 5.13.0.1028.33~20.04.17 No subscription required linux-headers-gcp - 5.13.0.1030.36~20.04.1 linux-gcp - 5.13.0.1030.36~20.04.1 linux-image-gcp - 5.13.0.1030.36~20.04.1 linux-modules-extra-gcp - 5.13.0.1030.36~20.04.1 linux-tools-gcp - 5.13.0.1030.36~20.04.1 No subscription required linux-headers-oracle - 5.13.0.1033.39~20.04.1 linux-tools-oracle - 5.13.0.1033.39~20.04.1 linux-image-oracle - 5.13.0.1033.39~20.04.1 linux-oracle - 5.13.0.1033.39~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-extra-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-generic-64k-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-generic-lpae-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-generic-lpae-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-generic-64k-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-generic-64k-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-generic-64k-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 No subscription required High CVE-2022-1158 CVE-2022-21499 CVE-2022-24958 CVE-2022-28390 Ubuntu 20.04 LTS It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) Minh Yuan discovered that the floppy driver in the Linux kernel contained a race condition in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1836) Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972) Update Instructions: Run `sudo pro fix USN-5470-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1042 - 5.14.0-1042.47 linux-buildinfo-5.14.0-1042-oem - 5.14.0-1042.47 linux-image-5.14.0-1042-oem - 5.14.0-1042.47 linux-oem-5.14-headers-5.14.0-1042 - 5.14.0-1042.47 linux-tools-5.14.0-1042-oem - 5.14.0-1042.47 linux-headers-5.14.0-1042-oem - 5.14.0-1042.47 linux-modules-iwlwifi-5.14.0-1042-oem - 5.14.0-1042.47 linux-modules-5.14.0-1042-oem - 5.14.0-1042.47 linux-oem-5.14-tools-host - 5.14.0-1042.47 linux-image-unsigned-5.14.0-1042-oem - 5.14.0-1042.47 No subscription required linux-image-oem-20.04c - 5.14.0.1042.38 linux-image-oem-20.04b - 5.14.0.1042.38 linux-image-oem-20.04d - 5.14.0.1042.38 linux-headers-oem-20.04 - 5.14.0.1042.38 linux-tools-oem-20.04c - 5.14.0.1042.38 linux-tools-oem-20.04b - 5.14.0.1042.38 linux-oem-20.04 - 5.14.0.1042.38 linux-image-oem-20.04 - 5.14.0.1042.38 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1042.38 linux-oem-20.04d - 5.14.0.1042.38 linux-oem-20.04c - 5.14.0.1042.38 linux-oem-20.04b - 5.14.0.1042.38 linux-tools-oem-20.04d - 5.14.0.1042.38 linux-headers-oem-20.04b - 5.14.0.1042.38 linux-headers-oem-20.04c - 5.14.0.1042.38 linux-headers-oem-20.04d - 5.14.0.1042.38 linux-tools-oem-20.04 - 5.14.0.1042.38 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1042.38 No subscription required High CVE-2022-21499 Ubuntu 20.04 LTS It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding (LPC) or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-20445, CVE-2020-20446, CVE-2020-20453) It was discovered that FFmpeg incorrectly handled certain input. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-20450) It was discovered that FFmpeg incorrectly handled file conversion to APNG format. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-21041) It was discovered that FFmpeg incorrectly handled remuxing RTP-hint tracks. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-21688) It was discovered that FFmpeg incorrectly handled certain specially crafted AVI files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-21697) It was discovered that FFmpeg incorrectly handled writing MOV video tags. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-22015) It was discovered that FFmpeg incorrectly handled writing MOV files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue affected only Ubuntu 18.04 LTS. (CVE-2020-22016) It was discovered that FFmpeg incorrectly handled memory when using certain filters. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22017, CVE-2020-22020, CVE-2020-22022, CVE-2020-22023, CVE-2022-22025, CVE-2020-22026, CVE-2020-22028, CVE-2020-22031, CVE-2020-22032, CVE-2020-22034, CVE-2020-22036, CVE-2020-22042) It was discovered that FFmpeg incorrectly handled memory when using certain filters. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-22019, CVE-2020-22021, CVE-2020-22033) It was discovered that FFmpeg incorrectly handled memory when using certain filters. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 21.10. (CVE-2020-22027, CVE-2020-22029, CVE-2020-22030, CVE-2020-22035) It was discovered that FFmpeg incorrectly handled certain specially crafted JPEG files. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-22037) It was discovered that FFmpeg incorrectly performed calculations in EXR codec. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-35965) It was discovered that FFmpeg did not verify return values of functions init_vlc and init_get_bits. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-38114, CVE-2021-38171) It was discovered that FFmpeg incorrectly handled certain specially crafted files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10 and Ubuntu 22.04 LTS. (CVE-2022-1475) Update Instructions: Run `sudo pro fix USN-5472-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:4.2.7-0ubuntu0.1 libavcodec-extra - 7:4.2.7-0ubuntu0.1 libavformat-dev - 7:4.2.7-0ubuntu0.1 libswscale5 - 7:4.2.7-0ubuntu0.1 libavresample4 - 7:4.2.7-0ubuntu0.1 libavcodec-dev - 7:4.2.7-0ubuntu0.1 libavutil-dev - 7:4.2.7-0ubuntu0.1 libavfilter-extra - 7:4.2.7-0ubuntu0.1 libswscale-dev - 7:4.2.7-0ubuntu0.1 libswresample-dev - 7:4.2.7-0ubuntu0.1 libswresample3 - 7:4.2.7-0ubuntu0.1 libavdevice-dev - 7:4.2.7-0ubuntu0.1 libavformat58 - 7:4.2.7-0ubuntu0.1 libavdevice58 - 7:4.2.7-0ubuntu0.1 libavfilter-dev - 7:4.2.7-0ubuntu0.1 libpostproc55 - 7:4.2.7-0ubuntu0.1 libpostproc-dev - 7:4.2.7-0ubuntu0.1 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1 libavutil56 - 7:4.2.7-0ubuntu0.1 libavfilter7 - 7:4.2.7-0ubuntu0.1 ffmpeg - 7:4.2.7-0ubuntu0.1 ffmpeg-doc - 7:4.2.7-0ubuntu0.1 libavcodec58 - 7:4.2.7-0ubuntu0.1 No subscription required Medium CVE-2020-20445 CVE-2020-20446 CVE-2020-20450 CVE-2020-20453 CVE-2020-21041 CVE-2020-21688 CVE-2020-21697 CVE-2020-22015 CVE-2020-22016 CVE-2020-22017 CVE-2020-22019 CVE-2020-22020 CVE-2020-22021 CVE-2020-22022 CVE-2020-22023 CVE-2020-22025 CVE-2020-22026 CVE-2020-22027 CVE-2020-22028 CVE-2020-22029 CVE-2020-22030 CVE-2020-22031 CVE-2020-22032 CVE-2020-22033 CVE-2020-22034 CVE-2020-22035 CVE-2020-22036 CVE-2020-22037 CVE-2020-22042 CVE-2020-35965 CVE-2021-38114 CVE-2021-38171 CVE-2021-38291 CVE-2022-1475 Ubuntu 20.04 LTS The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.50 version of the Mozilla certificate authority bundle. Update Instructions: Run `sudo pro fix USN-5473-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates - 20211016~20.04.1 No subscription required None https://launchpad.net/bugs/1976631 Ubuntu 20.04 LTS It was dicovered that Varnish Cache did not clear a pointer between the handling of one client request and the next request within the same connection. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2019-20637) It was discovered that Varnish Cache could have an assertion failure when a TLS termination proxy uses PROXY version 2. A remote attacker could possibly use this issue to restart the daemon and cause a performance loss. (CVE-2020-11653) It was discovered that Varnish Cache allowed request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-36740) It was discovered that Varnish Cache allowed request smuggling for HTTP/1 connections. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2022-23959) Update Instructions: Run `sudo pro fix USN-5474-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: varnish - 6.2.1-2ubuntu0.1 varnish-doc - 6.2.1-2ubuntu0.1 libvarnishapi-dev - 6.2.1-2ubuntu0.1 libvarnishapi2 - 6.2.1-2ubuntu0.1 No subscription required Medium CVE-2019-20637 CVE-2020-11653 CVE-2021-36740 CVE-2022-23959 Ubuntu 20.04 LTS USN-5474-1 fixed vulnerabilities in Varnish Cache. Unfortunately the fix for CVE-2020-11653 was incomplete. This update fixes the problem. Original advisory details: It was discovered that Varnish Cache could have an assertion failure when a TLS termination proxy uses PROXY version 2. A remote attacker could possibly use this issue to restart the daemon and cause a performance loss. (CVE-2020-11653) Update Instructions: Run `sudo pro fix USN-5474-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: varnish - 6.2.1-2ubuntu0.2 varnish-doc - 6.2.1-2ubuntu0.2 libvarnishapi-dev - 6.2.1-2ubuntu0.2 libvarnishapi2 - 6.2.1-2ubuntu0.2 No subscription required Low CVE-2020-11653 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the browser UI, conduct cross-site scripting (XSS) attacks, bypass content security policy (CSP) restrictions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5475-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 101.0.1+build1-0ubuntu0.20.04.1 firefox - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 101.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 101.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 101.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 101.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1919 CVE-2022-31736 CVE-2022-31737 CVE-2022-31738 CVE-2022-31740 CVE-2022-31741 CVE-2022-31742 CVE-2022-31743 CVE-2022-31744 CVE-2022-31745 CVE-2022-31747 CVE-2022-31748 Ubuntu 20.04 LTS Han Zheng discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue was addressed in Ubuntu 21.10 and Ubuntu 22.04 LTS. (CVE-2022-26981) It was discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2022-31783) Update Instructions: Run `sudo pro fix USN-5476-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblouis-dev - 3.12.0-3ubuntu0.1 python3-louis - 3.12.0-3ubuntu0.1 liblouis-data - 3.12.0-3ubuntu0.1 liblouis20 - 3.12.0-3ubuntu0.1 liblouis-bin - 3.12.0-3ubuntu0.1 No subscription required Medium CVE-2022-26981 CVE-2022-31783 Ubuntu 20.04 LTS Charles Fol discovered that PHP incorrectly handled initializing certain arrays when handling the pg_query_params function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-31625) Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-31626) Update Instructions: Run `sudo pro fix USN-5479-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.12 php7.4-readline - 7.4.3-4ubuntu2.12 php7.4-dba - 7.4.3-4ubuntu2.12 php7.4-common - 7.4.3-4ubuntu2.12 php7.4-xmlrpc - 7.4.3-4ubuntu2.12 php7.4-intl - 7.4.3-4ubuntu2.12 php7.4-phpdbg - 7.4.3-4ubuntu2.12 php7.4-ldap - 7.4.3-4ubuntu2.12 php7.4-soap - 7.4.3-4ubuntu2.12 php7.4-xsl - 7.4.3-4ubuntu2.12 php7.4-pgsql - 7.4.3-4ubuntu2.12 php7.4-pspell - 7.4.3-4ubuntu2.12 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.12 php7.4-zip - 7.4.3-4ubuntu2.12 php7.4-curl - 7.4.3-4ubuntu2.12 php7.4-odbc - 7.4.3-4ubuntu2.12 php7.4-json - 7.4.3-4ubuntu2.12 php7.4-mbstring - 7.4.3-4ubuntu2.12 php7.4-imap - 7.4.3-4ubuntu2.12 php7.4-bz2 - 7.4.3-4ubuntu2.12 php7.4-cgi - 7.4.3-4ubuntu2.12 php7.4 - 7.4.3-4ubuntu2.12 php7.4-bcmath - 7.4.3-4ubuntu2.12 php7.4-dev - 7.4.3-4ubuntu2.12 php7.4-interbase - 7.4.3-4ubuntu2.12 php7.4-tidy - 7.4.3-4ubuntu2.12 php7.4-gmp - 7.4.3-4ubuntu2.12 php7.4-sqlite3 - 7.4.3-4ubuntu2.12 php7.4-fpm - 7.4.3-4ubuntu2.12 php7.4-sybase - 7.4.3-4ubuntu2.12 php7.4-cli - 7.4.3-4ubuntu2.12 libphp7.4-embed - 7.4.3-4ubuntu2.12 php7.4-enchant - 7.4.3-4ubuntu2.12 php7.4-mysql - 7.4.3-4ubuntu2.12 php7.4-snmp - 7.4.3-4ubuntu2.12 php7.4-xml - 7.4.3-4ubuntu2.12 php7.4-opcache - 7.4.3-4ubuntu2.12 No subscription required Medium CVE-2022-31625 CVE-2022-31626 Ubuntu 20.04 LTS It was discovered that BlueZ incorrectly validated certain capabilities and lengths when handling the A2DP profile. A remote attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5481-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.6 bluez-tests - 5.53-0ubuntu3.6 bluez-obexd - 5.53-0ubuntu3.6 bluetooth - 5.53-0ubuntu3.6 bluez - 5.53-0ubuntu3.6 bluez-hcidump - 5.53-0ubuntu3.6 bluez-cups - 5.53-0ubuntu3.6 libbluetooth-dev - 5.53-0ubuntu3.6 No subscription required None https://launchpad.net/bugs/1977968 Ubuntu 20.04 LTS USN-5482-1 fixed several vulnerabilities in SPIP. This update provides the corresponding updates for Ubuntu 20.04 LTS for CVE-2021-44118, CVE-2021-44120, CVE-2021-44122 and CVE-2021-44123. Original advisory details: It was discovered that SPIP incorrectly validated inputs. An authenticated attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-28984) Charles Fol and Théo Gordyjan discovered that SPIP is vulnerable to Cross Site Scripting (XSS). If a user were tricked into browsing a malicious SVG file, an attacker could possibly exploit this issue to execute arbitrary code. This issue was only fixed in Ubuntu 21.10. (CVE-2021-44118, CVE-2021-44120, CVE-2021-44122, CVE-2021-44123) It was discovered that SPIP incorrectly handled certain forms. A remote authenticated editor could possibly use this issue to execute arbitrary code, and a remote unauthenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2022-26846, CVE-2022-26847) Update Instructions: Run `sudo pro fix USN-5482-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: spip - 3.2.7-1ubuntu0.1 No subscription required Medium CVE-2021-44118 CVE-2021-44120 CVE-2021-44122 CVE-2021-44123 Ubuntu 20.04 LTS It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5483-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexempi8 - 2.5.1-1ubuntu0.1 exempi - 2.5.1-1ubuntu0.1 libexempi-dev - 2.5.1-1ubuntu0.1 No subscription required Medium CVE-2018-12648 CVE-2021-36045 CVE-2021-36046 CVE-2021-36047 CVE-2021-36048 CVE-2021-36050 CVE-2021-36051 CVE-2021-36052 CVE-2021-36053 CVE-2021-36054 CVE-2021-36055 CVE-2021-36056 CVE-2021-36058 CVE-2021-36064 CVE-2021-39847 CVE-2021-40716 CVE-2021-40732 CVE-2021-42528 CVE-2021-42529 CVE-2021-42530 CVE-2021-42531 CVE-2021-42532 Ubuntu 20.04 LTS It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123) It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21125) It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166) Update Instructions: Run `sudo pro fix USN-5485-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.13.0-1017-intel - 5.13.0-1017.19 linux-image-unsigned-5.13.0-1017-intel - 5.13.0-1017.19 linux-intel-5.13-tools-host - 5.13.0-1017.19 linux-modules-extra-5.13.0-1017-intel - 5.13.0-1017.19 linux-intel-5.13-cloud-tools-common - 5.13.0-1017.19 linux-tools-5.13.0-1017-intel - 5.13.0-1017.19 linux-buildinfo-5.13.0-1017-intel - 5.13.0-1017.19 linux-cloud-tools-5.13.0-1017-intel - 5.13.0-1017.19 linux-intel-5.13-tools-5.13.0-1017 - 5.13.0-1017.19 linux-intel-5.13-source-5.13.0 - 5.13.0-1017.19 linux-intel-5.13-cloud-tools-5.13.0-1017 - 5.13.0-1017.19 linux-intel-5.13-headers-5.13.0-1017 - 5.13.0-1017.19 linux-headers-5.13.0-1017-intel - 5.13.0-1017.19 linux-modules-5.13.0-1017-intel - 5.13.0-1017.19 linux-intel-5.13-tools-common - 5.13.0-1017.19 No subscription required linux-image-unsigned-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-modules-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-modules-extra-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1031 - 5.13.0-1031.35~20.04.1 linux-headers-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-aws-5.13-tools-5.13.0-1031 - 5.13.0-1031.35~20.04.1 linux-buildinfo-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-cloud-tools-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-image-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-tools-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-aws-5.13-headers-5.13.0-1031 - 5.13.0-1031.35~20.04.1 No subscription required linux-buildinfo-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-azure-5.13-tools-5.13.0-1031 - 5.13.0-1031.37~20.04.1 linux-image-unsigned-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-image-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1031 - 5.13.0-1031.37~20.04.1 linux-azure-5.13-headers-5.13.0-1031 - 5.13.0-1031.37~20.04.1 linux-modules-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-headers-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-tools-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-modules-extra-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-cloud-tools-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 No subscription required linux-gcp-5.13-tools-5.13.0-1033 - 5.13.0-1033.40~20.04.1 linux-image-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-image-unsigned-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-tools-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-gcp-5.13-headers-5.13.0-1033 - 5.13.0-1033.40~20.04.1 linux-modules-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-modules-extra-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-buildinfo-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-headers-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 No subscription required linux-image-unsigned-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-headers-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-modules-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-modules-extra-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-buildinfo-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-tools-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-image-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-oracle-5.13-tools-5.13.0-1036 - 5.13.0-1036.43~20.04.1 linux-oracle-5.13-headers-5.13.0-1036 - 5.13.0-1036.43~20.04.1 No subscription required linux-hwe-5.13-headers-5.13.0-51 - 5.13.0-51.58~20.04.1 linux-image-unsigned-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-headers-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-modules-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-cloud-tools-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-51 - 5.13.0-51.58~20.04.1 linux-buildinfo-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-51.58~20.04.1 linux-buildinfo-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-modules-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-image-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-tools-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-tools-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-headers-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-cloud-tools-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-modules-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-headers-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-image-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-tools-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-image-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-51.58~20.04.1 linux-buildinfo-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-tools-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-image-unsigned-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-image-unsigned-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-image-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-headers-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-51.58~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-51.58~20.04.1 linux-hwe-5.13-tools-5.13.0-51 - 5.13.0-51.58~20.04.1 linux-modules-extra-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-buildinfo-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-modules-5.13.0-51-generic - 5.13.0-51.58~20.04.1 No subscription required linux-intel - 5.13.0.1017.15 linux-cloud-tools-intel - 5.13.0.1017.15 linux-headers-intel - 5.13.0.1017.15 linux-image-intel - 5.13.0.1017.15 linux-tools-intel - 5.13.0.1017.15 No subscription required linux-image-aws - 5.13.0.1031.35~20.04.25 linux-aws - 5.13.0.1031.35~20.04.25 linux-headers-aws - 5.13.0.1031.35~20.04.25 linux-tools-aws - 5.13.0.1031.35~20.04.25 linux-modules-extra-aws - 5.13.0.1031.35~20.04.25 No subscription required linux-cloud-tools-azure - 5.13.0.1031.37~20.04.20 linux-modules-extra-azure - 5.13.0.1031.37~20.04.20 linux-azure - 5.13.0.1031.37~20.04.20 linux-image-azure - 5.13.0.1031.37~20.04.20 linux-headers-azure - 5.13.0.1031.37~20.04.20 linux-tools-azure - 5.13.0.1031.37~20.04.20 No subscription required linux-modules-extra-gcp - 5.13.0.1033.40~20.04.1 linux-gcp - 5.13.0.1033.40~20.04.1 linux-image-gcp - 5.13.0.1033.40~20.04.1 linux-tools-gcp - 5.13.0.1033.40~20.04.1 linux-headers-gcp - 5.13.0.1033.40~20.04.1 No subscription required linux-headers-oracle - 5.13.0.1036.43~20.04.1 linux-tools-oracle - 5.13.0.1036.43~20.04.1 linux-image-oracle - 5.13.0.1036.43~20.04.1 linux-oracle - 5.13.0.1036.43~20.04.1 No subscription required linux-image-extra-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-generic-lpae-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-generic-64k-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-generic-64k-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-generic-lpae-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-generic-64k-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-generic-64k-hwe-20.04 - 5.13.0.51.58~20.04.31 No subscription required linux-buildinfo-5.4.0-1028-ibm - 5.4.0-1028.32 linux-modules-5.4.0-1028-ibm - 5.4.0-1028.32 linux-ibm-cloud-tools-common - 5.4.0-1028.32 linux-ibm-headers-5.4.0-1028 - 5.4.0-1028.32 linux-image-5.4.0-1028-ibm - 5.4.0-1028.32 linux-tools-5.4.0-1028-ibm - 5.4.0-1028.32 linux-ibm-tools-common - 5.4.0-1028.32 linux-ibm-source-5.4.0 - 5.4.0-1028.32 linux-headers-5.4.0-1028-ibm - 5.4.0-1028.32 linux-modules-extra-5.4.0-1028-ibm - 5.4.0-1028.32 linux-ibm-tools-5.4.0-1028 - 5.4.0-1028.32 linux-image-unsigned-5.4.0-1028-ibm - 5.4.0-1028.32 No subscription required linux-gkeop-tools-5.4.0-1048 - 5.4.0-1048.51 linux-modules-extra-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-headers-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-modules-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-image-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-gkeop-headers-5.4.0-1048 - 5.4.0-1048.51 linux-cloud-tools-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-gkeop-cloud-tools-5.4.0-1048 - 5.4.0-1048.51 linux-tools-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-gkeop-source-5.4.0 - 5.4.0-1048.51 linux-image-unsigned-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-buildinfo-5.4.0-1048-gkeop - 5.4.0-1048.51 No subscription required linux-image-unsigned-5.4.0-1070-kvm - 5.4.0-1070.75 linux-headers-5.4.0-1070-kvm - 5.4.0-1070.75 linux-tools-5.4.0-1070-kvm - 5.4.0-1070.75 linux-kvm-headers-5.4.0-1070 - 5.4.0-1070.75 linux-kvm-tools-5.4.0-1070 - 5.4.0-1070.75 linux-modules-5.4.0-1070-kvm - 5.4.0-1070.75 linux-buildinfo-5.4.0-1070-kvm - 5.4.0-1070.75 linux-image-5.4.0-1070-kvm - 5.4.0-1070.75 No subscription required linux-image-5.4.0-1076-gke - 5.4.0-1076.82 linux-gke-headers-5.4.0-1076 - 5.4.0-1076.82 linux-tools-5.4.0-1076-gke - 5.4.0-1076.82 linux-modules-5.4.0-1076-gke - 5.4.0-1076.82 linux-image-unsigned-5.4.0-1076-gke - 5.4.0-1076.82 linux-gke-tools-5.4.0-1076 - 5.4.0-1076.82 linux-headers-5.4.0-1076-gke - 5.4.0-1076.82 linux-buildinfo-5.4.0-1076-gke - 5.4.0-1076.82 linux-modules-extra-5.4.0-1076-gke - 5.4.0-1076.82 No subscription required linux-tools-5.4.0-1078-oracle - 5.4.0-1078.86 linux-image-unsigned-5.4.0-1078-oracle - 5.4.0-1078.86 linux-oracle-headers-5.4.0-1078 - 5.4.0-1078.86 linux-oracle-tools-5.4.0-1078 - 5.4.0-1078.86 linux-modules-5.4.0-1078-oracle - 5.4.0-1078.86 linux-buildinfo-5.4.0-1078-oracle - 5.4.0-1078.86 linux-modules-extra-5.4.0-1078-oracle - 5.4.0-1078.86 linux-image-5.4.0-1078-oracle - 5.4.0-1078.86 linux-headers-5.4.0-1078-oracle - 5.4.0-1078.86 No subscription required linux-image-unsigned-5.4.0-1080-aws - 5.4.0-1080.87 linux-image-unsigned-5.4.0-1080-gcp - 5.4.0-1080.87 linux-buildinfo-5.4.0-1080-aws - 5.4.0-1080.87 linux-gcp-tools-5.4.0-1080 - 5.4.0-1080.87 linux-headers-5.4.0-1080-gcp - 5.4.0-1080.87 linux-image-5.4.0-1080-aws - 5.4.0-1080.87 linux-tools-5.4.0-1080-aws - 5.4.0-1080.87 linux-gcp-headers-5.4.0-1080 - 5.4.0-1080.87 linux-cloud-tools-5.4.0-1080-aws - 5.4.0-1080.87 linux-aws-cloud-tools-5.4.0-1080 - 5.4.0-1080.87 linux-tools-5.4.0-1080-gcp - 5.4.0-1080.87 linux-modules-extra-5.4.0-1080-gcp - 5.4.0-1080.87 linux-image-5.4.0-1080-gcp - 5.4.0-1080.87 linux-aws-tools-5.4.0-1080 - 5.4.0-1080.87 linux-buildinfo-5.4.0-1080-gcp - 5.4.0-1080.87 linux-headers-5.4.0-1080-aws - 5.4.0-1080.87 linux-modules-5.4.0-1080-aws - 5.4.0-1080.87 linux-aws-headers-5.4.0-1080 - 5.4.0-1080.87 linux-modules-extra-5.4.0-1080-aws - 5.4.0-1080.87 linux-modules-5.4.0-1080-gcp - 5.4.0-1080.87 No subscription required linux-headers-5.4.0-1085-azure - 5.4.0-1085.90 linux-modules-5.4.0-1085-azure - 5.4.0-1085.90 linux-modules-extra-5.4.0-1085-azure - 5.4.0-1085.90 linux-azure-headers-5.4.0-1085 - 5.4.0-1085.90 linux-cloud-tools-5.4.0-1085-azure - 5.4.0-1085.90 linux-azure-tools-5.4.0-1085 - 5.4.0-1085.90 linux-tools-5.4.0-1085-azure - 5.4.0-1085.90 linux-image-unsigned-5.4.0-1085-azure - 5.4.0-1085.90 linux-image-5.4.0-1085-azure - 5.4.0-1085.90 linux-azure-cloud-tools-5.4.0-1085 - 5.4.0-1085.90 linux-buildinfo-5.4.0-1085-azure - 5.4.0-1085.90 No subscription required linux-image-5.4.0-1085-azure-fde - 5.4.0-1085.90+cvm1.1 linux-image-unsigned-5.4.0-1085-azure-fde - 5.4.0-1085.90+cvm1.1 No subscription required linux-tools-5.4.0-120 - 5.4.0-120.136 linux-source-5.4.0 - 5.4.0-120.136 linux-cloud-tools-5.4.0-120-generic - 5.4.0-120.136 linux-modules-5.4.0-120-generic - 5.4.0-120.136 linux-cloud-tools-common - 5.4.0-120.136 linux-buildinfo-5.4.0-120-generic - 5.4.0-120.136 linux-tools-5.4.0-120-generic - 5.4.0-120.136 linux-buildinfo-5.4.0-120-generic-lpae - 5.4.0-120.136 linux-headers-5.4.0-120-lowlatency - 5.4.0-120.136 linux-libc-dev - 5.4.0-120.136 linux-headers-5.4.0-120-generic - 5.4.0-120.136 linux-image-5.4.0-120-generic - 5.4.0-120.136 linux-headers-5.4.0-120 - 5.4.0-120.136 linux-image-unsigned-5.4.0-120-generic - 5.4.0-120.136 linux-tools-host - 5.4.0-120.136 linux-tools-common - 5.4.0-120.136 linux-tools-5.4.0-120-lowlatency - 5.4.0-120.136 linux-cloud-tools-5.4.0-120 - 5.4.0-120.136 linux-image-5.4.0-120-lowlatency - 5.4.0-120.136 linux-headers-5.4.0-120-generic-lpae - 5.4.0-120.136 linux-image-unsigned-5.4.0-120-lowlatency - 5.4.0-120.136 linux-cloud-tools-5.4.0-120-lowlatency - 5.4.0-120.136 linux-doc - 5.4.0-120.136 linux-modules-extra-5.4.0-120-generic - 5.4.0-120.136 linux-modules-5.4.0-120-lowlatency - 5.4.0-120.136 linux-image-5.4.0-120-generic-lpae - 5.4.0-120.136 linux-buildinfo-5.4.0-120-lowlatency - 5.4.0-120.136 linux-tools-5.4.0-120-generic-lpae - 5.4.0-120.136 linux-modules-5.4.0-120-generic-lpae - 5.4.0-120.136 No subscription required linux-tools-ibm - 5.4.0.1028.25 linux-modules-extra-ibm - 5.4.0.1028.25 linux-image-ibm-lts-20.04 - 5.4.0.1028.25 linux-tools-ibm-lts-20.04 - 5.4.0.1028.25 linux-ibm-lts-20.04 - 5.4.0.1028.25 linux-ibm - 5.4.0.1028.25 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1028.25 linux-headers-ibm - 5.4.0.1028.25 linux-image-ibm - 5.4.0.1028.25 linux-headers-ibm-lts-20.04 - 5.4.0.1028.25 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1048.49 linux-image-gkeop - 5.4.0.1048.49 linux-image-gkeop-5.4 - 5.4.0.1048.49 linux-modules-extra-gkeop - 5.4.0.1048.49 linux-tools-gkeop-5.4 - 5.4.0.1048.49 linux-headers-gkeop - 5.4.0.1048.49 linux-tools-gkeop - 5.4.0.1048.49 linux-gkeop-5.4 - 5.4.0.1048.49 linux-cloud-tools-gkeop - 5.4.0.1048.49 linux-headers-gkeop-5.4 - 5.4.0.1048.49 linux-modules-extra-gkeop-5.4 - 5.4.0.1048.49 linux-gkeop - 5.4.0.1048.49 No subscription required linux-kvm - 5.4.0.1070.67 linux-image-kvm - 5.4.0.1070.67 linux-tools-kvm - 5.4.0.1070.67 linux-headers-kvm - 5.4.0.1070.67 No subscription required linux-tools-gke-5.4 - 5.4.0.1076.84 linux-headers-gke-5.4 - 5.4.0.1076.84 linux-modules-extra-gke-5.4 - 5.4.0.1076.84 linux-image-gke-5.4 - 5.4.0.1076.84 linux-gke - 5.4.0.1076.84 linux-gke-5.4 - 5.4.0.1076.84 linux-image-gke - 5.4.0.1076.84 linux-headers-gke - 5.4.0.1076.84 linux-modules-extra-gke - 5.4.0.1076.84 linux-tools-gke - 5.4.0.1076.84 No subscription required linux-image-oracle-lts-20.04 - 5.4.0.1078.76 linux-headers-oracle-lts-20.04 - 5.4.0.1078.76 linux-tools-oracle-lts-20.04 - 5.4.0.1078.76 linux-oracle-lts-20.04 - 5.4.0.1078.76 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1080.80 linux-aws-lts-20.04 - 5.4.0.1080.80 linux-modules-extra-aws-lts-20.04 - 5.4.0.1080.80 linux-tools-aws-lts-20.04 - 5.4.0.1080.80 linux-image-aws-lts-20.04 - 5.4.0.1080.80 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1080.86 linux-gcp-lts-20.04 - 5.4.0.1080.86 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1080.86 linux-headers-gcp-lts-20.04 - 5.4.0.1080.86 linux-image-gcp-lts-20.04 - 5.4.0.1080.86 No subscription required linux-azure-lts-20.04 - 5.4.0.1085.82 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1085.82 linux-tools-azure-lts-20.04 - 5.4.0.1085.82 linux-headers-azure-lts-20.04 - 5.4.0.1085.82 linux-image-azure-lts-20.04 - 5.4.0.1085.82 linux-modules-extra-azure-lts-20.04 - 5.4.0.1085.82 No subscription required linux-tools-azure-fde - 5.4.0.1085.90+cvm1.25 linux-cloud-tools-azure-fde - 5.4.0.1085.90+cvm1.25 linux-headers-azure-fde - 5.4.0.1085.90+cvm1.25 linux-image-azure-fde - 5.4.0.1085.90+cvm1.25 linux-azure-fde - 5.4.0.1085.90+cvm1.25 linux-modules-extra-azure-fde - 5.4.0.1085.90+cvm1.25 No subscription required linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-image-virtual - 5.4.0.120.121 linux-tools-lowlatency - 5.4.0.120.121 linux-tools-virtual-hwe-18.04 - 5.4.0.120.121 linux-headers-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-image-generic-lpae-hwe-18.04 - 5.4.0.120.121 linux-headers-generic-hwe-18.04 - 5.4.0.120.121 linux-source - 5.4.0.120.121 linux-cloud-tools-generic - 5.4.0.120.121 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-generic - 5.4.0.120.121 linux-generic-hwe-18.04-edge - 5.4.0.120.121 linux-generic-lpae-hwe-18.04 - 5.4.0.120.121 linux-headers-generic-hwe-18.04-edge - 5.4.0.120.121 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.120.121 linux-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-image-lowlatency - 5.4.0.120.121 linux-image-oem-osp1 - 5.4.0.120.121 linux-crashdump - 5.4.0.120.121 linux-headers-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-tools-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-headers-virtual-hwe-18.04 - 5.4.0.120.121 linux-generic-lpae-hwe-18.04-edge - 5.4.0.120.121 linux-generic-lpae - 5.4.0.120.121 linux-tools-oem-osp1 - 5.4.0.120.121 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.120.121 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-image-generic-hwe-18.04-edge - 5.4.0.120.121 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.120.121 linux-oem - 5.4.0.120.121 linux-image-extra-virtual - 5.4.0.120.121 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-headers-virtual - 5.4.0.120.121 linux-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.120.121 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.120.121 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-image-generic-hwe-18.04 - 5.4.0.120.121 linux-image-oem - 5.4.0.120.121 linux-tools-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-lowlatency - 5.4.0.120.121 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-tools-virtual - 5.4.0.120.121 linux-virtual - 5.4.0.120.121 linux-tools-generic - 5.4.0.120.121 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.120.121 linux-headers-oem - 5.4.0.120.121 linux-tools-generic-hwe-18.04-edge - 5.4.0.120.121 linux-image-virtual-hwe-18.04 - 5.4.0.120.121 linux-image-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-cloud-tools-lowlatency - 5.4.0.120.121 linux-headers-lowlatency - 5.4.0.120.121 linux-oem-osp1 - 5.4.0.120.121 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.120.121 linux-image-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-cloud-tools-virtual - 5.4.0.120.121 linux-headers-generic-lpae - 5.4.0.120.121 linux-oem-osp1-tools-host - 5.4.0.120.121 linux-image-generic - 5.4.0.120.121 linux-image-extra-virtual-hwe-18.04 - 5.4.0.120.121 linux-tools-generic-lpae - 5.4.0.120.121 linux-virtual-hwe-18.04 - 5.4.0.120.121 linux-tools-oem - 5.4.0.120.121 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-image-generic-lpae - 5.4.0.120.121 linux-oem-tools-host - 5.4.0.120.121 linux-headers-oem-osp1 - 5.4.0.120.121 linux-headers-generic - 5.4.0.120.121 linux-generic-hwe-18.04 - 5.4.0.120.121 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.120.121 linux-tools-generic-hwe-18.04 - 5.4.0.120.121 No subscription required Medium CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 Ubuntu 20.04 LTS It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123) It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21125) It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166) Update Instructions: Run `sudo pro fix USN-5485-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1044 - 5.14.0-1044.49 linux-buildinfo-5.14.0-1044-oem - 5.14.0-1044.49 linux-image-unsigned-5.14.0-1044-oem - 5.14.0-1044.49 linux-headers-5.14.0-1044-oem - 5.14.0-1044.49 linux-tools-5.14.0-1044-oem - 5.14.0-1044.49 linux-modules-iwlwifi-5.14.0-1044-oem - 5.14.0-1044.49 linux-oem-5.14-headers-5.14.0-1044 - 5.14.0-1044.49 linux-image-5.14.0-1044-oem - 5.14.0-1044.49 linux-modules-5.14.0-1044-oem - 5.14.0-1044.49 linux-oem-5.14-tools-host - 5.14.0-1044.49 No subscription required linux-image-oem-20.04c - 5.14.0.1044.40 linux-image-oem-20.04b - 5.14.0.1044.40 linux-image-oem-20.04d - 5.14.0.1044.40 linux-headers-oem-20.04 - 5.14.0.1044.40 linux-tools-oem-20.04c - 5.14.0.1044.40 linux-tools-oem-20.04b - 5.14.0.1044.40 linux-oem-20.04 - 5.14.0.1044.40 linux-image-oem-20.04 - 5.14.0.1044.40 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1044.40 linux-oem-20.04d - 5.14.0.1044.40 linux-oem-20.04c - 5.14.0.1044.40 linux-oem-20.04b - 5.14.0.1044.40 linux-tools-oem-20.04d - 5.14.0.1044.40 linux-headers-oem-20.04b - 5.14.0.1044.40 linux-headers-oem-20.04c - 5.14.0.1044.40 linux-headers-oem-20.04d - 5.14.0.1044.40 linux-tools-oem-20.04 - 5.14.0.1044.40 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1044.40 No subscription required Medium CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 Ubuntu 20.04 LTS It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. (CVE-2021-0127) Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. (CVE-2021-0145) Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges. (CVE-2021-0146) It was discovered that some Intel processors did not properly restrict access in some situations. A local attacker could use this to obtain sensitive information. (CVE-2021-33117) Brandon Miller discovered that some Intel processors did not properly restrict access in some situations. A local attacker could use this to obtain sensitive information or a remote attacker could use this to cause a denial of service. (CVE-2021-33120) It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123, CVE-2022-21127) Alysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi discovered that some Intel processors improperly optimised security-critical code. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21151) It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166) Update Instructions: Run `sudo pro fix USN-5486-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20220510.0ubuntu0.20.04.1 No subscription required Medium CVE-2021-0127 CVE-2021-0145 CVE-2021-0146 CVE-2021-33117 CVE-2021-33120 CVE-2022-21123 CVE-2022-21127 CVE-2022-21151 CVE-2022-21166 Ubuntu 20.04 LTS It was discovered that Apache HTTP Server mod_proxy_ajp incorrectly handled certain crafted request. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-26377) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-28614) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a crash or expose sensitive information. (CVE-2022-28615) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-29404) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a crash. (CVE-2022-30522) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2022-30556) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to bypass IP based authentication. (CVE-2022-31813) Update Instructions: Run `sudo pro fix USN-5487-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.12 libapache2-mod-md - 2.4.41-4ubuntu3.12 apache2-utils - 2.4.41-4ubuntu3.12 apache2-dev - 2.4.41-4ubuntu3.12 apache2-suexec-pristine - 2.4.41-4ubuntu3.12 apache2-suexec-custom - 2.4.41-4ubuntu3.12 apache2 - 2.4.41-4ubuntu3.12 apache2-doc - 2.4.41-4ubuntu3.12 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.12 apache2-ssl-dev - 2.4.41-4ubuntu3.12 apache2-bin - 2.4.41-4ubuntu3.12 No subscription required Medium CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556 CVE-2022-31813 Ubuntu 20.04 LTS Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. Update Instructions: Run `sudo pro fix USN-5488-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.15 libssl-dev - 1.1.1f-1ubuntu2.15 openssl - 1.1.1f-1ubuntu2.15 libssl-doc - 1.1.1f-1ubuntu2.15 No subscription required Medium CVE-2022-2068 Ubuntu 20.04 LTS Alexander Bulekov discovered that QEMU incorrectly handled floppy disk emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak sensitive information. (CVE-2021-3507) It was discovered that QEMU incorrectly handled NVME controller emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-3929) It was discovered that QEMU incorrectly handled QXL display device emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-4206, CVE-2021-4207) Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that QEMU incorrectly handled the virtiofsd shared file system daemon. An attacker inside the guest could use this issue to create files with incorrect ownership, possibly leading to privilege escalation. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-0358) It was discovered that QEMU incorrectly handled virtio-net devices. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-26353) It was discovered that QEMU incorrectly handled vhost-vsock devices. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-26354) Update Instructions: Run `sudo pro fix USN-5489-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.23 qemu-system-common - 1:4.2-3ubuntu6.23 qemu-user-static - 1:4.2-3ubuntu6.23 qemu-system-misc - 1:4.2-3ubuntu6.23 qemu-block-extra - 1:4.2-3ubuntu6.23 qemu-system-s390x - 1:4.2-3ubuntu6.23 qemu-user - 1:4.2-3ubuntu6.23 qemu-system-sparc - 1:4.2-3ubuntu6.23 qemu-guest-agent - 1:4.2-3ubuntu6.23 qemu-system - 1:4.2-3ubuntu6.23 qemu-utils - 1:4.2-3ubuntu6.23 qemu-system-data - 1:4.2-3ubuntu6.23 qemu-kvm - 1:4.2-3ubuntu6.23 qemu-user-binfmt - 1:4.2-3ubuntu6.23 qemu-system-x86 - 1:4.2-3ubuntu6.23 qemu-system-arm - 1:4.2-3ubuntu6.23 qemu-system-gui - 1:4.2-3ubuntu6.23 qemu - 1:4.2-3ubuntu6.23 qemu-system-ppc - 1:4.2-3ubuntu6.23 qemu-system-mips - 1:4.2-3ubuntu6.23 qemu-system-x86-xen - 1:4.2-3ubuntu6.23 No subscription required Medium CVE-2021-3507 CVE-2021-3929 CVE-2021-4206 CVE-2021-4207 CVE-2022-0358 CVE-2022-26353 CVE-2022-26354 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5491-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.6 squidclient - 4.10-1ubuntu1.6 squid - 4.10-1ubuntu1.6 squid-cgi - 4.10-1ubuntu1.6 squid-purge - 4.10-1ubuntu1.6 No subscription required Medium CVE-2021-46784 Ubuntu 20.04 LTS It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). Update Instructions: Run `sudo pro fix USN-5493-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-common - 5.4.0-121.137 linux-headers-5.4.0-121 - 5.4.0-121.137 linux-headers-5.4.0-121-generic - 5.4.0-121.137 linux-tools-host - 5.4.0-121.137 linux-doc - 5.4.0-121.137 linux-headers-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-image-unsigned-5.4.0-121-lowlatency - 5.4.0-121.137 linux-cloud-tools-5.4.0-121-generic - 5.4.0-121.137 linux-cloud-tools-5.4.0-121 - 5.4.0-121.137 linux-tools-5.4.0-121 - 5.4.0-121.137 linux-libc-dev - 5.4.0-121.137 linux-source-5.4.0 - 5.4.0-121.137 linux-tools-5.4.0-121-generic - 5.4.0-121.137 linux-modules-5.4.0-121-generic - 5.4.0-121.137 linux-tools-5.4.0-121-lowlatency - 5.4.0-121.137 linux-buildinfo-5.4.0-121-lowlatency - 5.4.0-121.137 linux-image-5.4.0-121-generic - 5.4.0-121.137 linux-image-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-modules-extra-5.4.0-121-generic - 5.4.0-121.137 linux-image-5.4.0-121-lowlatency - 5.4.0-121.137 linux-modules-5.4.0-121-lowlatency - 5.4.0-121.137 linux-cloud-tools-5.4.0-121-lowlatency - 5.4.0-121.137 linux-buildinfo-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-modules-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-cloud-tools-common - 5.4.0-121.137 linux-headers-5.4.0-121-lowlatency - 5.4.0-121.137 linux-buildinfo-5.4.0-121-generic - 5.4.0-121.137 linux-tools-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-image-unsigned-5.4.0-121-generic - 5.4.0-121.137 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-cloud-tools-virtual - 5.4.0.121.122 linux-image-generic-hwe-18.04 - 5.4.0.121.122 linux-generic-lpae-hwe-18.04-edge - 5.4.0.121.122 linux-headers-generic-lpae - 5.4.0.121.122 linux-image-virtual - 5.4.0.121.122 linux-oem-osp1-tools-host - 5.4.0.121.122 linux-image-generic - 5.4.0.121.122 linux-tools-lowlatency - 5.4.0.121.122 linux-image-oem - 5.4.0.121.122 linux-tools-virtual-hwe-18.04 - 5.4.0.121.122 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-headers-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-image-extra-virtual-hwe-18.04 - 5.4.0.121.122 linux-image-oem-osp1 - 5.4.0.121.122 linux-image-generic-lpae-hwe-18.04 - 5.4.0.121.122 linux-crashdump - 5.4.0.121.122 linux-tools-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-headers-generic-hwe-18.04 - 5.4.0.121.122 linux-headers-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-lowlatency - 5.4.0.121.122 linux-source - 5.4.0.121.122 linux-tools-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-tools-generic-lpae - 5.4.0.121.122 linux-cloud-tools-generic - 5.4.0.121.122 linux-virtual - 5.4.0.121.122 linux-headers-virtual-hwe-18.04 - 5.4.0.121.122 linux-virtual-hwe-18.04 - 5.4.0.121.122 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.121.122 linux-headers-virtual - 5.4.0.121.122 linux-tools-virtual - 5.4.0.121.122 linux-tools-oem - 5.4.0.121.122 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-generic-lpae - 5.4.0.121.122 linux-headers-oem - 5.4.0.121.122 linux-generic - 5.4.0.121.122 linux-tools-oem-osp1 - 5.4.0.121.122 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.121.122 linux-tools-generic-hwe-18.04-edge - 5.4.0.121.122 linux-image-virtual-hwe-18.04 - 5.4.0.121.122 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-cloud-tools-lowlatency - 5.4.0.121.122 linux-headers-lowlatency - 5.4.0.121.122 linux-image-generic-hwe-18.04-edge - 5.4.0.121.122 linux-generic-hwe-18.04-edge - 5.4.0.121.122 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.121.122 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-oem - 5.4.0.121.122 linux-tools-generic - 5.4.0.121.122 linux-image-extra-virtual - 5.4.0.121.122 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-oem-tools-host - 5.4.0.121.122 linux-headers-oem-osp1 - 5.4.0.121.122 linux-generic-lpae-hwe-18.04 - 5.4.0.121.122 linux-tools-generic-hwe-18.04 - 5.4.0.121.122 linux-headers-generic-hwe-18.04-edge - 5.4.0.121.122 linux-headers-generic - 5.4.0.121.122 linux-oem-osp1 - 5.4.0.121.122 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.121.122 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.121.122 linux-image-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.121.122 linux-generic-hwe-18.04 - 5.4.0.121.122 linux-image-generic-lpae - 5.4.0.121.122 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.121.122 linux-image-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.121.122 linux-image-lowlatency - 5.4.0.121.122 No subscription required Medium CVE-2022-28388 Ubuntu 20.04 LTS It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). Update Instructions: Run `sudo pro fix USN-5493-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-hwe-5.13-headers-5.13.0-52 - 5.13.0-52.59~20.04.1 linux-buildinfo-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-image-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-52.59~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-52 - 5.13.0-52.59~20.04.1 linux-buildinfo-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-tools-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-52.59~20.04.1 linux-tools-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-modules-extra-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-tools-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-tools-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-cloud-tools-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-image-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-headers-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-image-unsigned-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-hwe-5.13-tools-5.13.0-52 - 5.13.0-52.59~20.04.1 linux-image-unsigned-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-modules-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-headers-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-modules-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-headers-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-buildinfo-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-buildinfo-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-modules-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-52.59~20.04.1 linux-modules-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-headers-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-image-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-image-unsigned-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-52.59~20.04.1 linux-cloud-tools-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-image-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-generic-64k-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-generic-lpae-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-generic-lpae-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-generic-64k-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-generic-64k-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-generic-64k-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-extra-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 No subscription required Medium CVE-2022-28388 Ubuntu 20.04 LTS Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32205) Harry Sintonen discovered that curl incorrectly handled certain HTTP compressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-32206) Harry Sintonen incorrectly handled certain file permissions. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32207) Harry Sintonen discovered that curl incorrectly handled certain FTP-KRB messages. An attacker could possibly use this to perform a machine-in-the-middle attack. (CVE-2022-32208) Update Instructions: Run `sudo pro fix USN-5495-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.12 libcurl4-openssl-dev - 7.68.0-1ubuntu2.12 libcurl3-gnutls - 7.68.0-1ubuntu2.12 libcurl4-doc - 7.68.0-1ubuntu2.12 libcurl3-nss - 7.68.0-1ubuntu2.12 libcurl4-nss-dev - 7.68.0-1ubuntu2.12 libcurl4 - 7.68.0-1ubuntu2.12 curl - 7.68.0-1ubuntu2.12 No subscription required Medium CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 Ubuntu 20.04 LTS Mike Stroyan discovered that cloud-init could log password hashes when reporting schema failures. An attacker with access to these logs could potentially use this to gain user credentials. Update Instructions: Run `sudo pro fix USN-5496-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cloud-init - 22.2-0ubuntu1~20.04.3 No subscription required Medium CVE-2022-2084 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain SQL. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5501-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.12 python-django-doc - 2:2.2.12-1ubuntu0.12 No subscription required Medium CVE-2022-34265 Ubuntu 20.04 LTS Alex Chernyakhovsky discovered that OpenSSL incorrectly handled AES OCB mode when using the AES-NI assembly optimized implementation on 32-bit x86 platforms. A remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5502-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.16 libssl-dev - 1.1.1f-1ubuntu2.16 openssl - 1.1.1f-1ubuntu2.16 libssl-doc - 1.1.1f-1ubuntu2.16 No subscription required Medium CVE-2022-2097 Ubuntu 20.04 LTS Demi Marie Obenour discovered that GnuPG incorrectly handled injection in the status message. A remote attacker could possibly use this issue to forge signatures. Update Instructions: Run `sudo pro fix USN-5503-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dirmngr - 2.2.19-3ubuntu2.2 gpgv-static - 2.2.19-3ubuntu2.2 gpgv-win32 - 2.2.19-3ubuntu2.2 scdaemon - 2.2.19-3ubuntu2.2 gpgsm - 2.2.19-3ubuntu2.2 gpgv - 2.2.19-3ubuntu2.2 gpg - 2.2.19-3ubuntu2.2 gnupg-agent - 2.2.19-3ubuntu2.2 gnupg2 - 2.2.19-3ubuntu2.2 gpgconf - 2.2.19-3ubuntu2.2 gpgv2 - 2.2.19-3ubuntu2.2 gnupg-utils - 2.2.19-3ubuntu2.2 gpg-wks-server - 2.2.19-3ubuntu2.2 gpg-agent - 2.2.19-3ubuntu2.2 gnupg - 2.2.19-3ubuntu2.2 gpg-wks-client - 2.2.19-3ubuntu2.2 gnupg-l10n - 2.2.19-3ubuntu2.2 No subscription required Medium CVE-2022-34903 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass CSP restrictions, bypass sandboxed iframe restrictions, obtain sensitive information, bypass the HTML sanitizer, or execute arbitrary code. (CVE-2022-2200, CVE-2022-34468, CVE-2022-34470, CVE-2022-34473, CVE-2022-34474, CVE-2022-34475, CVE-2022-34476, CVE-2022-34477, CVE-2022-34479, CVE-2022-34480, CVE-2022-34481, CVE-2022-34484, CVE-2022-34485) It was discovered that Firefox could be made to save an image with an executable extension in the filename when dragging and dropping an image in some circumstances. If a user were tricked into dragging and dropping a specially crafted image, an attacker could potentially exploit this to trick the user into executing arbitrary code. (CVE-2022-34482, CVE-2022-34483) It was discovered that a compromised server could trick Firefox into an addon downgrade in some circumstances. An attacker could potentially exploit this to trick the browser into downgrading an addon to a prior version. (CVE-2022-34471) It was discovered that an unavailable PAC file caused OCSP requests to be blocked, resulting in incorrect error pages being displayed. (CVE-2022-34472) Update Instructions: Run `sudo pro fix USN-5504-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 102.0+build2-0ubuntu0.20.04.1 firefox - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 102.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 102.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 102.0+build2-0ubuntu0.20.04.1 firefox-dev - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 102.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2200 CVE-2022-34468 CVE-2022-34470 CVE-2022-34471 CVE-2022-34472 CVE-2022-34473 CVE-2022-34474 CVE-2022-34475 CVE-2022-34476 CVE-2022-34477 CVE-2022-34479 CVE-2022-34480 CVE-2022-34481 CVE-2022-34482 CVE-2022-34483 CVE-2022-34484 CVE-2022-34485 Ubuntu 20.04 LTS Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-22747) Ronald Crane discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-34480) Update Instructions: Run `sudo pro fix USN-5506-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.8 libnss3 - 2:3.49.1-1ubuntu1.8 libnss3-tools - 2:3.49.1-1ubuntu1.8 No subscription required Medium CVE-2022-22747 CVE-2022-34480 Ubuntu 20.04 LTS It was discovered that Python LDAP incorrectly handled certain regular expressions. An remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5508-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pyldap - 3.2.0-4ubuntu2.1 python3-ldap - 3.2.0-4ubuntu2.1 No subscription required Medium CVE-2021-46823 Ubuntu 20.04 LTS Julian Brook discovered that Dovecot incorrectly handled multiple passdb configuration entries. In certain configurations, a remote attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-5509-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.6 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.6 dovecot-mysql - 1:2.3.7.2-1ubuntu3.6 dovecot-core - 1:2.3.7.2-1ubuntu3.6 dovecot-sieve - 1:2.3.7.2-1ubuntu3.6 dovecot-ldap - 1:2.3.7.2-1ubuntu3.6 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.6 dovecot-dev - 1:2.3.7.2-1ubuntu3.6 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.6 dovecot-imapd - 1:2.3.7.2-1ubuntu3.6 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.6 dovecot-lucene - 1:2.3.7.2-1ubuntu3.6 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.6 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.6 dovecot-solr - 1:2.3.7.2-1ubuntu3.6 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.6 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.6 No subscription required Medium CVE-2022-30550 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges. Update Instructions: Run `sudo pro fix USN-5510-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.3 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.3 xwayland - 2:1.20.13-1ubuntu1~20.04.3 xdmx - 2:1.20.13-1ubuntu1~20.04.3 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.3 xvfb - 2:1.20.13-1ubuntu1~20.04.3 xnest - 2:1.20.13-1ubuntu1~20.04.3 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.3 xserver-common - 2:1.20.13-1ubuntu1~20.04.3 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.3 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.3 No subscription required Medium CVE-2022-2319 CVE-2022-2320 Ubuntu 20.04 LTS Carlo Marcelo Arenas Belón discovered that an issue related to CVE-2022-24765 still affected Git. An attacker could possibly use this issue to run arbitrary commands as administrator. (CVE-2022-29187) Update Instructions: Run `sudo pro fix USN-5511-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.5 gitweb - 1:2.25.1-1ubuntu3.5 git-all - 1:2.25.1-1ubuntu3.5 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.5 git-el - 1:2.25.1-1ubuntu3.5 gitk - 1:2.25.1-1ubuntu3.5 git-gui - 1:2.25.1-1ubuntu3.5 git-mediawiki - 1:2.25.1-1ubuntu3.5 git-daemon-run - 1:2.25.1-1ubuntu3.5 git-man - 1:2.25.1-1ubuntu3.5 git-doc - 1:2.25.1-1ubuntu3.5 git-svn - 1:2.25.1-1ubuntu3.5 git-cvs - 1:2.25.1-1ubuntu3.5 git-email - 1:2.25.1-1ubuntu3.5 No subscription required Medium CVE-2022-29187 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass CSP restrictions, or execute arbitrary code. (CVE-2022-2200, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31744, CVE-2022-31747, CVE-2022-34468, CVE-2022-34470, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484) It was discovered that an unavailable PAC file caused OCSP requests to be blocked, resulting in incorrect error pages being displayed. (CVE-2022-34472) It was discovered that the Braille space character could be used to cause Thunderbird to display the wrong sender address for signed messages. An attacker could potentially exploit this to trick the user into believing a message had been sent from somebody they trusted. (CVE-2022-1834) It was discovered that Thunderbird would consider an email with a mismatched OpenPGP signature date as valid. An attacker could potentially exploit this by replaying an older message in order to trick the user into believing that the statements in the message are current. (CVE-2022-2226) Update Instructions: Run `sudo pro fix USN-5512-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.11.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.11.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.11.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.11.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1834 CVE-2022-31736 CVE-2022-31737 CVE-2022-31738 CVE-2022-31740 CVE-2022-31741 CVE-2022-31742 CVE-2022-31747 CVE-2022-2200 CVE-2022-31744 CVE-2022-34468 CVE-2022-34470 CVE-2022-34472 CVE-2022-34479 CVE-2022-34481 CVE-2022-34484 CVE-2022-2226 Ubuntu 20.04 LTS It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1195) Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1199) Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel during device detach operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1204) Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel, leading to use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1205) Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1789) Minh Yuan discovered that the floppy driver in the Linux kernel contained a race condition in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-33981) Update Instructions: Run `sudo pro fix USN-5514-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1029-ibm - 5.4.0-1029.33 linux-ibm-headers-5.4.0-1029 - 5.4.0-1029.33 linux-tools-5.4.0-1029-ibm - 5.4.0-1029.33 linux-modules-5.4.0-1029-ibm - 5.4.0-1029.33 linux-buildinfo-5.4.0-1029-ibm - 5.4.0-1029.33 linux-image-5.4.0-1029-ibm - 5.4.0-1029.33 linux-ibm-tools-common - 5.4.0-1029.33 linux-ibm-tools-5.4.0-1029 - 5.4.0-1029.33 linux-ibm-source-5.4.0 - 5.4.0-1029.33 linux-ibm-cloud-tools-common - 5.4.0-1029.33 linux-headers-5.4.0-1029-ibm - 5.4.0-1029.33 linux-modules-extra-5.4.0-1029-ibm - 5.4.0-1029.33 No subscription required linux-cloud-tools-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-image-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-modules-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-headers-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-gkeop-tools-5.4.0-1049 - 5.4.0-1049.52 linux-gkeop-cloud-tools-5.4.0-1049 - 5.4.0-1049.52 linux-tools-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-modules-extra-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-gkeop-source-5.4.0 - 5.4.0-1049.52 linux-image-unsigned-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-buildinfo-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-gkeop-headers-5.4.0-1049 - 5.4.0-1049.52 No subscription required linux-raspi-headers-5.4.0-1066 - 5.4.0-1066.76 linux-tools-5.4.0-1066-raspi - 5.4.0-1066.76 linux-raspi-tools-5.4.0-1066 - 5.4.0-1066.76 linux-modules-5.4.0-1066-raspi - 5.4.0-1066.76 linux-buildinfo-5.4.0-1066-raspi - 5.4.0-1066.76 linux-image-5.4.0-1066-raspi - 5.4.0-1066.76 linux-headers-5.4.0-1066-raspi - 5.4.0-1066.76 No subscription required linux-kvm-tools-5.4.0-1071 - 5.4.0-1071.76 linux-tools-5.4.0-1071-kvm - 5.4.0-1071.76 linux-kvm-headers-5.4.0-1071 - 5.4.0-1071.76 linux-buildinfo-5.4.0-1071-kvm - 5.4.0-1071.76 linux-modules-5.4.0-1071-kvm - 5.4.0-1071.76 linux-image-5.4.0-1071-kvm - 5.4.0-1071.76 linux-headers-5.4.0-1071-kvm - 5.4.0-1071.76 linux-image-unsigned-5.4.0-1071-kvm - 5.4.0-1071.76 No subscription required linux-image-unsigned-5.4.0-1078-gke - 5.4.0-1078.84 linux-modules-5.4.0-1078-gke - 5.4.0-1078.84 linux-gke-headers-5.4.0-1078 - 5.4.0-1078.84 linux-image-5.4.0-1078-gke - 5.4.0-1078.84 linux-headers-5.4.0-1078-gke - 5.4.0-1078.84 linux-tools-5.4.0-1078-gke - 5.4.0-1078.84 linux-modules-extra-5.4.0-1078-gke - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-gke - 5.4.0-1078.84 linux-gke-tools-5.4.0-1078 - 5.4.0-1078.84 No subscription required linux-oracle-tools-5.4.0-1079 - 5.4.0-1079.87 linux-oracle-headers-5.4.0-1079 - 5.4.0-1079.87 linux-modules-extra-5.4.0-1079-oracle - 5.4.0-1079.87 linux-image-5.4.0-1079-oracle - 5.4.0-1079.87 linux-image-unsigned-5.4.0-1079-oracle - 5.4.0-1079.87 linux-tools-5.4.0-1079-oracle - 5.4.0-1079.87 linux-modules-5.4.0-1079-oracle - 5.4.0-1079.87 linux-headers-5.4.0-1079-oracle - 5.4.0-1079.87 linux-buildinfo-5.4.0-1079-oracle - 5.4.0-1079.87 No subscription required linux-aws-cloud-tools-5.4.0-1081 - 5.4.0-1081.88 linux-buildinfo-5.4.0-1081-aws - 5.4.0-1081.88 linux-modules-5.4.0-1081-aws - 5.4.0-1081.88 linux-modules-extra-5.4.0-1081-aws - 5.4.0-1081.88 linux-aws-tools-5.4.0-1081 - 5.4.0-1081.88 linux-tools-5.4.0-1081-aws - 5.4.0-1081.88 linux-aws-headers-5.4.0-1081 - 5.4.0-1081.88 linux-image-5.4.0-1081-aws - 5.4.0-1081.88 linux-headers-5.4.0-1081-aws - 5.4.0-1081.88 linux-image-unsigned-5.4.0-1081-aws - 5.4.0-1081.88 linux-cloud-tools-5.4.0-1081-aws - 5.4.0-1081.88 No subscription required linux-tools-5.4.0-1084-gcp - 5.4.0-1084.92 linux-modules-5.4.0-1084-gcp - 5.4.0-1084.92 linux-image-5.4.0-1084-gcp - 5.4.0-1084.92 linux-headers-5.4.0-1084-gcp - 5.4.0-1084.92 linux-image-unsigned-5.4.0-1084-gcp - 5.4.0-1084.92 linux-gcp-tools-5.4.0-1084 - 5.4.0-1084.92 linux-modules-extra-5.4.0-1084-gcp - 5.4.0-1084.92 linux-buildinfo-5.4.0-1084-gcp - 5.4.0-1084.92 linux-gcp-headers-5.4.0-1084 - 5.4.0-1084.92 No subscription required linux-modules-5.4.0-1086-azure - 5.4.0-1086.91 linux-modules-extra-5.4.0-1086-azure - 5.4.0-1086.91 linux-image-unsigned-5.4.0-1086-azure - 5.4.0-1086.91 linux-image-5.4.0-1086-azure - 5.4.0-1086.91 linux-azure-tools-5.4.0-1086 - 5.4.0-1086.91 linux-azure-headers-5.4.0-1086 - 5.4.0-1086.91 linux-tools-5.4.0-1086-azure - 5.4.0-1086.91 linux-buildinfo-5.4.0-1086-azure - 5.4.0-1086.91 linux-cloud-tools-5.4.0-1086-azure - 5.4.0-1086.91 linux-headers-5.4.0-1086-azure - 5.4.0-1086.91 linux-azure-cloud-tools-5.4.0-1086 - 5.4.0-1086.91 No subscription required linux-image-5.4.0-1086-azure-fde - 5.4.0-1086.91+cvm1.1 linux-image-unsigned-5.4.0-1086-azure-fde - 5.4.0-1086.91+cvm1.1 No subscription required linux-tools-common - 5.4.0-122.138 linux-headers-5.4.0-122 - 5.4.0-122.138 linux-image-unsigned-5.4.0-122-lowlatency - 5.4.0-122.138 linux-tools-host - 5.4.0-122.138 linux-doc - 5.4.0-122.138 linux-headers-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-cloud-tools-5.4.0-122 - 5.4.0-122.138 linux-tools-5.4.0-122 - 5.4.0-122.138 linux-source-5.4.0 - 5.4.0-122.138 linux-image-5.4.0-122-generic - 5.4.0-122.138 linux-tools-5.4.0-122-lowlatency - 5.4.0-122.138 linux-headers-5.4.0-122-generic - 5.4.0-122.138 linux-modules-5.4.0-122-generic - 5.4.0-122.138 linux-cloud-tools-5.4.0-122-lowlatency - 5.4.0-122.138 linux-tools-5.4.0-122-generic - 5.4.0-122.138 linux-modules-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-modules-5.4.0-122-lowlatency - 5.4.0-122.138 linux-buildinfo-5.4.0-122-generic - 5.4.0-122.138 linux-cloud-tools-5.4.0-122-generic - 5.4.0-122.138 linux-cloud-tools-common - 5.4.0-122.138 linux-buildinfo-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-image-5.4.0-122-lowlatency - 5.4.0-122.138 linux-modules-extra-5.4.0-122-generic - 5.4.0-122.138 linux-tools-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-image-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-libc-dev - 5.4.0-122.138 linux-image-unsigned-5.4.0-122-generic - 5.4.0-122.138 linux-buildinfo-5.4.0-122-lowlatency - 5.4.0-122.138 linux-headers-5.4.0-122-lowlatency - 5.4.0-122.138 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1029.58 linux-image-ibm - 5.4.0.1029.58 linux-headers-ibm-lts-20.04 - 5.4.0.1029.58 linux-tools-ibm - 5.4.0.1029.58 linux-image-ibm-lts-20.04 - 5.4.0.1029.58 linux-ibm-lts-20.04 - 5.4.0.1029.58 linux-modules-extra-ibm - 5.4.0.1029.58 linux-ibm - 5.4.0.1029.58 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1029.58 linux-headers-ibm - 5.4.0.1029.58 No subscription required linux-headers-gkeop - 5.4.0.1049.50 linux-cloud-tools-gkeop-5.4 - 5.4.0.1049.50 linux-image-gkeop - 5.4.0.1049.50 linux-gkeop-5.4 - 5.4.0.1049.50 linux-image-gkeop-5.4 - 5.4.0.1049.50 linux-tools-gkeop - 5.4.0.1049.50 linux-cloud-tools-gkeop - 5.4.0.1049.50 linux-modules-extra-gkeop-5.4 - 5.4.0.1049.50 linux-gkeop - 5.4.0.1049.50 linux-headers-gkeop-5.4 - 5.4.0.1049.50 linux-modules-extra-gkeop - 5.4.0.1049.50 linux-tools-gkeop-5.4 - 5.4.0.1049.50 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1066.99 linux-raspi2 - 5.4.0.1066.99 linux-headers-raspi2 - 5.4.0.1066.99 linux-image-raspi-hwe-18.04 - 5.4.0.1066.99 linux-image-raspi2-hwe-18.04 - 5.4.0.1066.99 linux-tools-raspi - 5.4.0.1066.99 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1066.99 linux-headers-raspi-hwe-18.04 - 5.4.0.1066.99 linux-headers-raspi2-hwe-18.04 - 5.4.0.1066.99 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1066.99 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1066.99 linux-headers-raspi - 5.4.0.1066.99 linux-raspi2-hwe-18.04-edge - 5.4.0.1066.99 linux-raspi-hwe-18.04 - 5.4.0.1066.99 linux-tools-raspi2-hwe-18.04 - 5.4.0.1066.99 linux-raspi2-hwe-18.04 - 5.4.0.1066.99 linux-image-raspi-hwe-18.04-edge - 5.4.0.1066.99 linux-image-raspi2 - 5.4.0.1066.99 linux-tools-raspi-hwe-18.04 - 5.4.0.1066.99 linux-raspi-hwe-18.04-edge - 5.4.0.1066.99 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1066.99 linux-image-raspi - 5.4.0.1066.99 linux-tools-raspi2 - 5.4.0.1066.99 linux-raspi - 5.4.0.1066.99 No subscription required linux-kvm - 5.4.0.1071.68 linux-headers-kvm - 5.4.0.1071.68 linux-image-kvm - 5.4.0.1071.68 linux-tools-kvm - 5.4.0.1071.68 No subscription required linux-modules-extra-gke - 5.4.0.1078.86 linux-image-gke-5.4 - 5.4.0.1078.86 linux-headers-gke-5.4 - 5.4.0.1078.86 linux-modules-extra-gke-5.4 - 5.4.0.1078.86 linux-gke-5.4 - 5.4.0.1078.86 linux-tools-gke - 5.4.0.1078.86 linux-gke - 5.4.0.1078.86 linux-headers-gke - 5.4.0.1078.86 linux-image-gke - 5.4.0.1078.86 linux-tools-gke-5.4 - 5.4.0.1078.86 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1079.76 linux-oracle-lts-20.04 - 5.4.0.1079.76 linux-headers-oracle-lts-20.04 - 5.4.0.1079.76 linux-image-oracle-lts-20.04 - 5.4.0.1079.76 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1081.81 linux-image-aws-lts-20.04 - 5.4.0.1081.81 linux-headers-aws-lts-20.04 - 5.4.0.1081.81 linux-tools-aws-lts-20.04 - 5.4.0.1081.81 linux-aws-lts-20.04 - 5.4.0.1081.81 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1084.89 linux-gcp-lts-20.04 - 5.4.0.1084.89 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1084.89 linux-headers-gcp-lts-20.04 - 5.4.0.1084.89 linux-image-gcp-lts-20.04 - 5.4.0.1084.89 No subscription required linux-azure-lts-20.04 - 5.4.0.1086.83 linux-image-azure-lts-20.04 - 5.4.0.1086.83 linux-modules-extra-azure-lts-20.04 - 5.4.0.1086.83 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1086.83 linux-tools-azure-lts-20.04 - 5.4.0.1086.83 linux-headers-azure-lts-20.04 - 5.4.0.1086.83 No subscription required linux-tools-azure-fde - 5.4.0.1086.91+cvm1.27 linux-cloud-tools-azure-fde - 5.4.0.1086.91+cvm1.27 linux-azure-fde - 5.4.0.1086.91+cvm1.27 linux-image-azure-fde - 5.4.0.1086.91+cvm1.27 linux-modules-extra-azure-fde - 5.4.0.1086.91+cvm1.27 linux-headers-azure-fde - 5.4.0.1086.91+cvm1.27 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-image-generic-hwe-18.04 - 5.4.0.122.123 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-headers-generic-lpae - 5.4.0.122.123 linux-headers-generic - 5.4.0.122.123 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.122.123 linux-image-virtual - 5.4.0.122.123 linux-oem-osp1-tools-host - 5.4.0.122.123 linux-image-generic - 5.4.0.122.123 linux-tools-lowlatency - 5.4.0.122.123 linux-image-oem - 5.4.0.122.123 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.122.123 linux-headers-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.122.123 linux-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-image-extra-virtual-hwe-18.04 - 5.4.0.122.123 linux-oem - 5.4.0.122.123 linux-image-oem-osp1 - 5.4.0.122.123 linux-image-generic-lpae-hwe-18.04 - 5.4.0.122.123 linux-crashdump - 5.4.0.122.123 linux-tools-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-headers-generic-hwe-18.04 - 5.4.0.122.123 linux-headers-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-source - 5.4.0.122.123 linux-lowlatency - 5.4.0.122.123 linux-tools-generic-lpae - 5.4.0.122.123 linux-tools-virtual - 5.4.0.122.123 linux-virtual - 5.4.0.122.123 linux-headers-virtual-hwe-18.04 - 5.4.0.122.123 linux-tools-generic - 5.4.0.122.123 linux-virtual-hwe-18.04 - 5.4.0.122.123 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.122.123 linux-cloud-tools-generic - 5.4.0.122.123 linux-tools-oem - 5.4.0.122.123 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-generic-lpae - 5.4.0.122.123 linux-headers-oem - 5.4.0.122.123 linux-generic - 5.4.0.122.123 linux-tools-oem-osp1 - 5.4.0.122.123 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.122.123 linux-image-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-image-virtual-hwe-18.04 - 5.4.0.122.123 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-oem-tools-host - 5.4.0.122.123 linux-headers-lowlatency - 5.4.0.122.123 linux-image-generic-hwe-18.04-edge - 5.4.0.122.123 linux-generic-hwe-18.04-edge - 5.4.0.122.123 linux-tools-generic-hwe-18.04-edge - 5.4.0.122.123 linux-cloud-tools-virtual - 5.4.0.122.123 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-image-extra-virtual - 5.4.0.122.123 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-cloud-tools-lowlatency - 5.4.0.122.123 linux-headers-oem-osp1 - 5.4.0.122.123 linux-tools-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-tools-generic-hwe-18.04 - 5.4.0.122.123 linux-headers-generic-hwe-18.04-edge - 5.4.0.122.123 linux-generic-lpae-hwe-18.04-edge - 5.4.0.122.123 linux-oem-osp1 - 5.4.0.122.123 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.122.123 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.122.123 linux-image-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-generic-lpae-hwe-18.04 - 5.4.0.122.123 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-headers-virtual - 5.4.0.122.123 linux-tools-virtual-hwe-18.04 - 5.4.0.122.123 linux-generic-hwe-18.04 - 5.4.0.122.123 linux-image-generic-lpae - 5.4.0.122.123 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.122.123 linux-image-lowlatency - 5.4.0.122.123 No subscription required Medium CVE-2022-1195 CVE-2022-1199 CVE-2022-1204 CVE-2022-1205 CVE-2022-1789 CVE-2022-33981 Ubuntu 20.04 LTS It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494) Update Instructions: Run `sudo pro fix USN-5517-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.14.0-1045-oem - 5.14.0-1045.51 linux-oem-5.14-tools-5.14.0-1045 - 5.14.0-1045.51 linux-buildinfo-5.14.0-1045-oem - 5.14.0-1045.51 linux-image-unsigned-5.14.0-1045-oem - 5.14.0-1045.51 linux-tools-5.14.0-1045-oem - 5.14.0-1045.51 linux-modules-5.14.0-1045-oem - 5.14.0-1045.51 linux-image-5.14.0-1045-oem - 5.14.0-1045.51 linux-oem-5.14-headers-5.14.0-1045 - 5.14.0-1045.51 linux-headers-5.14.0-1045-oem - 5.14.0-1045.51 linux-oem-5.14-tools-host - 5.14.0-1045.51 No subscription required linux-image-oem-20.04c - 5.14.0.1045.41 linux-image-oem-20.04b - 5.14.0.1045.41 linux-image-oem-20.04d - 5.14.0.1045.41 linux-tools-oem-20.04d - 5.14.0.1045.41 linux-tools-oem-20.04c - 5.14.0.1045.41 linux-tools-oem-20.04b - 5.14.0.1045.41 linux-oem-20.04 - 5.14.0.1045.41 linux-image-oem-20.04 - 5.14.0.1045.41 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1045.41 linux-oem-20.04d - 5.14.0.1045.41 linux-oem-20.04c - 5.14.0.1045.41 linux-oem-20.04b - 5.14.0.1045.41 linux-headers-oem-20.04 - 5.14.0.1045.41 linux-headers-oem-20.04b - 5.14.0.1045.41 linux-headers-oem-20.04c - 5.14.0.1045.41 linux-headers-oem-20.04d - 5.14.0.1045.41 linux-tools-oem-20.04 - 5.14.0.1045.41 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1045.41 No subscription required Medium CVE-2022-1679 CVE-2022-34494 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5519-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python2.7-dev - 2.7.18-1~20.04.3 python2.7-doc - 2.7.18-1~20.04.3 python2.7-examples - 2.7.18-1~20.04.3 libpython2.7-stdlib - 2.7.18-1~20.04.3 libpython2.7-minimal - 2.7.18-1~20.04.3 libpython2.7 - 2.7.18-1~20.04.3 libpython2.7-testsuite - 2.7.18-1~20.04.3 python2.7 - 2.7.18-1~20.04.3 idle-python2.7 - 2.7.18-1~20.04.3 libpython2.7-dev - 2.7.18-1~20.04.3 python2.7-minimal - 2.7.18-1~20.04.3 No subscription required python3.8-full - 3.8.10-0ubuntu1~20.04.5 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.5 python3.8-venv - 3.8.10-0ubuntu1~20.04.5 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.5 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.5 idle-python3.8 - 3.8.10-0ubuntu1~20.04.5 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.5 python3.8 - 3.8.10-0ubuntu1~20.04.5 python3.8-doc - 3.8.10-0ubuntu1~20.04.5 python3.8-minimal - 3.8.10-0ubuntu1~20.04.5 python3.8-examples - 3.8.10-0ubuntu1~20.04.5 python3.8-dev - 3.8.10-0ubuntu1~20.04.5 libpython3.8 - 3.8.10-0ubuntu1~20.04.5 No subscription required Low CVE-2015-20107 Ubuntu 20.04 LTS It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. Update Instructions: Run `sudo pro fix USN-5520-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhttp-daemon-perl - 6.06-1ubuntu0.1 No subscription required Medium CVE-2022-31081 Ubuntu 20.04 LTS Several security issues were discovered in WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5522-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.4-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.4-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-22677 CVE-2022-26710 Ubuntu 20.04 LTS USN-5523-1 fixed several vulnerabilities in LibTIFF. This update provides the fixes for CVE-2022-0907, CVE-2022-0908, CVE-2022-0909, CVE-2022-0924 and CVE-2022-22844 for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that LibTIFF was not properly perf orming checks to guarantee that allocated memory space existed, which could lead to a NULL pointer dereference via a specially crafted file. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0907, CVE-2022-0908) It was discovered that LibTIFF was not properly performing checks to avoid division calculations where the denominator value was zero, which could lead to an undefined behavior situation via a specially crafted file. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0909) It was discovered that LibTIFF was not properly performing bounds checks, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. (CVE-2022-0924) It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bounds checking operations, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. (CVE-2020-19131) It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. (CVE-2020-19144) It was discovered that LibTIFF was not properly performing checks when setting the value for data later used as reference during memory access, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. (CVE-2022-22844) Update Instructions: Run `sudo pro fix USN-5523-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.4 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.4 No subscription required Medium CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-22844 Ubuntu 20.04 LTS It was discovered that HarfBuzz incorrectly handled certain glyph sizes. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5524-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-harfbuzz-0.0 - 2.6.4-1ubuntu4.2 libharfbuzz-gobject0 - 2.6.4-1ubuntu4.2 libharfbuzz-dev - 2.6.4-1ubuntu4.2 libharfbuzz-icu0 - 2.6.4-1ubuntu4.2 libharfbuzz0b - 2.6.4-1ubuntu4.2 libharfbuzz-bin - 2.6.4-1ubuntu4.2 libharfbuzz-doc - 2.6.4-1ubuntu4.2 No subscription required Medium CVE-2022-33068 Ubuntu 20.04 LTS It was discovered that Apache XML Security for Java incorrectly passed a configuration property when creating specific key elements. This allows an attacker to abuse an XPath Transform to extract sensitive information. Update Instructions: Run `sudo pro fix USN-5525-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxml-security-java-doc - 2.0.10-2+deb11u1build0.20.04.1 libxml-security-java - 2.0.10-2+deb11u1build0.20.04.1 No subscription required Medium CVE-2021-40690 Ubuntu 20.04 LTS Aapo Oksman discovered that PyJWT incorrectly handled signatures constructed from SSH public keys. A remote attacker could use this to forge a JWT signature. Update Instructions: Run `sudo pro fix USN-5526-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-jwt - 1.7.1-2ubuntu2.1 No subscription required Medium CVE-2022-29217 Ubuntu 20.04 LTS It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5528-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freetype2-doc - 2.10.1-2ubuntu0.2 libfreetype6-dev - 2.10.1-2ubuntu0.2 libfreetype-dev - 2.10.1-2ubuntu0.2 freetype2-demos - 2.10.1-2ubuntu0.2 libfreetype6 - 2.10.1-2ubuntu0.2 No subscription required Medium CVE-2022-27404 CVE-2022-27405 CVE-2022-27406 CVE-2022-31782 Ubuntu 20.04 LTS Pietro Borrello discovered that protobuf-c contained an invalid arithmetic shift. This vulnerability allowed attackers to cause a denial of service (system crash) via unspecified vectors (CVE-2022-33070). It was discovered that protobuf-c contained an unsigned integer overflow. This vulnerability allowed attackers to cause a denial of service (system crash) via unspecified vectors. Todd Miller discovered that protobuf-c contained a possible NULL dereference. This could cause a vulnerability that allowed attackers to cause a denial of service (system crash) via unspecified vectors. Update Instructions: Run `sudo pro fix USN-5531-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libprotobuf-c-dev - 1.3.3-1ubuntu0.1 protobuf-c-compiler - 1.3.3-1ubuntu0.1 libprotobuf-c1 - 1.3.3-1ubuntu0.1 No subscription required Medium CVE-2022-33070 Ubuntu 20.04 LTS It was discovered that Bottle incorrectly handled errors during early request binding. An attacker could possibly use this issue to disclose sensitive information. (CVE-2022-31799) Update Instructions: Run `sudo pro fix USN-5532-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-bottle - 0.12.15-2.1ubuntu0.2 python-bottle-doc - 0.12.15-2.1ubuntu0.2 No subscription required Medium CVE-2022-31799 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5536-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 103.0+build1-0ubuntu0.20.04.1 firefox - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 103.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 103.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 103.0+build1-0ubuntu0.20.04.1 firefox-dev - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 103.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2505 CVE-2022-36315 CVE-2022-36316 CVE-2022-36318 CVE-2022-36319 CVE-2022-36320 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.30 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.39. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-39.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-30.html https://www.oracle.com/security-alerts/cpujul2022.html Update Instructions: Run `sudo pro fix USN-5537-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.30-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.30-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-router - 8.0.30-0ubuntu0.20.04.2 mysql-server - 8.0.30-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.30-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-testsuite - 8.0.30-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.30-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-21509 CVE-2022-21515 CVE-2022-21517 CVE-2022-21522 CVE-2022-21525 CVE-2022-21526 CVE-2022-21527 CVE-2022-21528 CVE-2022-21529 CVE-2022-21530 CVE-2022-21531 CVE-2022-21534 CVE-2022-21537 CVE-2022-21538 CVE-2022-21539 CVE-2022-21547 CVE-2022-21553 CVE-2022-21569 Ubuntu 20.04 LTS It was discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5538-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtirpc3 - 1.2.5-1ubuntu0.1 libtirpc-common - 1.2.5-1ubuntu0.1 libtirpc-dev - 1.2.5-1ubuntu0.1 No subscription required Medium CVE-2021-46828 Ubuntu 20.04 LTS It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1195) Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1199) Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel during device detach operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1204) Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel, leading to use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1205) Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1789) It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28388) Minh Yuan discovered that the floppy driver in the Linux kernel contained a race condition in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-33981) Update Instructions: Run `sudo pro fix USN-5539-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-headers-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-bluefield-headers-5.4.0-1042 - 5.4.0-1042.47 linux-tools-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-image-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-buildinfo-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-image-unsigned-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-bluefield-tools-5.4.0-1042 - 5.4.0-1042.47 No subscription required linux-bluefield - 5.4.0.1042.41 linux-tools-bluefield - 5.4.0.1042.41 linux-image-bluefield - 5.4.0.1042.41 linux-headers-bluefield - 5.4.0.1042.41 No subscription required Medium CVE-2022-1195 CVE-2022-1199 CVE-2022-1204 CVE-2022-1205 CVE-2022-1789 CVE-2022-28388 CVE-2022-33981 Ubuntu 20.04 LTS It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-3670) Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A remote attacker being requested to change passwords could possibly use this issue to escalate privileges. (CVE-2022-2031) Luca Moro discovered that Samba incorrectly handled certain SMB1 communications. A remote attacker could possibly use this issue to obtain sensitive memory contents. (CVE-2022-32742) Joseph Sutton discovered that Samba incorrectly handled certain password change requests. A remote attacker could use this issue to change passwords of other users, resulting in privilege escalation. (CVE-2022-32744) Joseph Sutton discovered that Samba incorrectly handled certain LDAP add or modify requests. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-32745) Joseph Sutton and Andrew Bartlett discovered that Samba incorrectly handled certain LDAP add or modify requests. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-32746) Update Instructions: Run `sudo pro fix USN-5542-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: registry-tools - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-testsuite - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libnss-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libpam-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.1 winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.1 smbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libwbclient0 - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libwbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-common-bin - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libsmbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-dsdb-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libsmbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-vfs-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-common - 2:4.13.17~dfsg-0ubuntu1.20.04.1 ctdb - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-libs - 2:4.13.17~dfsg-0ubuntu1.20.04.1 python3-samba - 2:4.13.17~dfsg-0ubuntu1.20.04.1 No subscription required Medium CVE-2021-3670 CVE-2022-2031 CVE-2022-32742 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746 Ubuntu 20.04 LTS Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5543-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: snmptrapd - 5.8+dfsg-2ubuntu2.4 libsnmp-dev - 5.8+dfsg-2ubuntu2.4 libsnmp-base - 5.8+dfsg-2ubuntu2.4 snmp - 5.8+dfsg-2ubuntu2.4 libsnmp-perl - 5.8+dfsg-2ubuntu2.4 tkmib - 5.8+dfsg-2ubuntu2.4 snmpd - 5.8+dfsg-2ubuntu2.4 libsnmp35 - 5.8+dfsg-2ubuntu2.4 No subscription required Medium CVE-2022-24805 CVE-2022-24806 CVE-2022-24807 CVE-2022-24808 CVE-2022-24809 CVE-2022-24810 Ubuntu 20.04 LTS It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-28893) Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) Update Instructions: Run `sudo pro fix USN-5544-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-hwe-5.15-headers-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-image-unsigned-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-hwe-5.15-tools-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-image-unsigned-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-43.46~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-43.46~20.04.1 linux-cloud-tools-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-43.46~20.04.1 linux-image-unsigned-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-modules-extra-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-image-unsigned-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-modules-iwlwifi-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-modules-iwlwifi-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-43.46~20.04.1 linux-cloud-tools-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-headers-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-image-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-lowlatency-64k-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-tools-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.13 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-image-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-image-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-generic-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-extra-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-headers-generic-64k-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-generic-lpae-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-image-generic-64k-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-tools-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-generic-lpae-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-tools-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-generic-lpae-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-generic-64k-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-generic-64k-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-headers-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 No subscription required High CVE-2022-1652 CVE-2022-1679 CVE-2022-28893 CVE-2022-34918 Ubuntu 20.04 LTS Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. Update Instructions: Run `sudo pro fix USN-5545-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1046 - 5.14.0-1046.53 linux-buildinfo-5.14.0-1046-oem - 5.14.0-1046.53 linux-tools-5.14.0-1046-oem - 5.14.0-1046.53 linux-oem-5.14-headers-5.14.0-1046 - 5.14.0-1046.53 linux-image-5.14.0-1046-oem - 5.14.0-1046.53 linux-modules-iwlwifi-5.14.0-1046-oem - 5.14.0-1046.53 linux-headers-5.14.0-1046-oem - 5.14.0-1046.53 linux-image-unsigned-5.14.0-1046-oem - 5.14.0-1046.53 linux-modules-5.14.0-1046-oem - 5.14.0-1046.53 linux-oem-5.14-tools-host - 5.14.0-1046.53 No subscription required linux-image-oem-20.04c - 5.14.0.1046.42 linux-image-oem-20.04b - 5.14.0.1046.42 linux-image-oem-20.04d - 5.14.0.1046.42 linux-headers-oem-20.04 - 5.14.0.1046.42 linux-tools-oem-20.04c - 5.14.0.1046.42 linux-tools-oem-20.04b - 5.14.0.1046.42 linux-oem-20.04 - 5.14.0.1046.42 linux-image-oem-20.04 - 5.14.0.1046.42 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1046.42 linux-oem-20.04d - 5.14.0.1046.42 linux-oem-20.04c - 5.14.0.1046.42 linux-oem-20.04b - 5.14.0.1046.42 linux-tools-oem-20.04d - 5.14.0.1046.42 linux-headers-oem-20.04b - 5.14.0.1046.42 linux-headers-oem-20.04c - 5.14.0.1046.42 linux-headers-oem-20.04d - 5.14.0.1046.42 linux-tools-oem-20.04 - 5.14.0.1046.42 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1046.42 No subscription required High CVE-2022-34918 Ubuntu 20.04 LTS Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. (CVE-2022-21449) It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21426) It was discovered that OpenJDK incorrectly handled converting certain object arguments into their textual representations. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21434) It was discovered that OpenJDK incorrectly validated the encoded length of certain object identifiers. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21443) It was discovered that OpenJDK incorrectly validated certain paths. An attacker could possibly use this issue to bypass the secure validation feature and expose sensitive information in XML files. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21476) It was discovered that OpenJDK incorrectly parsed certain URI strings. An attacker could possibly use this issue to make applications accept invalid of malformed URI strings. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21496) It was discovered that OpenJDK incorrectly generated class code in the Hotspot component. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21540) It was dicovered that OpenJDK incorrectly restricted access to the invokeBasic() method in the Hotspot component. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2022-21541) It was discovered that OpenJDK incorrectly computed exponentials. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17. (CVE-2022-21549) It was discovered that OpenJDK includes a copy of Xalan that incorrectly handled integer truncation. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-34169) Update Instructions: Run `sudo pro fix USN-5546-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jdk - 11.0.16+8-0ubuntu1~20.04 openjdk-11-source - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.16+8-0ubuntu1~20.04 openjdk-11-demo - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jre - 11.0.16+8-0ubuntu1~20.04 No subscription required openjdk-17-jdk-headless - 17.0.4+8-1~20.04 openjdk-17-jre-headless - 17.0.4+8-1~20.04 openjdk-17-jre - 17.0.4+8-1~20.04 openjdk-17-jdk - 17.0.4+8-1~20.04 openjdk-17-jre-zero - 17.0.4+8-1~20.04 openjdk-17-source - 17.0.4+8-1~20.04 openjdk-17-demo - 17.0.4+8-1~20.04 openjdk-17-doc - 17.0.4+8-1~20.04 No subscription required openjdk-8-doc - 8u342-b07-0ubuntu1~20.04 openjdk-8-jre-headless - 8u342-b07-0ubuntu1~20.04 openjdk-8-jre - 8u342-b07-0ubuntu1~20.04 openjdk-8-demo - 8u342-b07-0ubuntu1~20.04 openjdk-8-jre-zero - 8u342-b07-0ubuntu1~20.04 openjdk-8-jdk - 8u342-b07-0ubuntu1~20.04 openjdk-8-source - 8u342-b07-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u342-b07-0ubuntu1~20.04 No subscription required High CVE-2022-21426 CVE-2022-21434 CVE-2022-21443 CVE-2022-21449 CVE-2022-21476 CVE-2022-21496 CVE-2022-21540 CVE-2022-21541 CVE-2022-21549 CVE-2022-34169 Ubuntu 20.04 LTS Le Wu discovered that the NVIDIA graphics drivers did not properly perform input validation in some situations. A local user could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-31607) Tal Lossos discovered that the NVIDIA graphics drivers incorrectly handled certain memory operations, leading to a null-pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2022-31615) Artem S. Tashkinov discovered that the NVIDIA graphics drivers Dynamic Boost D-Bus component did not properly restrict access to its endpoint. When enabled in non-default configurations, a local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-31608) Update Instructions: Run `sudo pro fix USN-5547-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-compute-utils-390 - 390.154-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.154-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.154-0ubuntu0.20.04.1 nvidia-utils-390 - 390.154-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.154-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.154-0ubuntu0.20.04.1 nvidia-384-dev - 390.154-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.154-0ubuntu0.20.04.1 libcuda1-384 - 390.154-0ubuntu0.20.04.1 nvidia-384 - 390.154-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.154-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.154-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.154-0ubuntu0.20.04.1 libnvidia-common-390 - 390.154-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.154-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.154-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.154-0ubuntu0.20.04.1 nvidia-driver-390 - 390.154-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.154-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.154-0ubuntu0.20.04.1 nvidia-headless-390 - 390.154-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.154-0ubuntu0.20.04.1 No subscription required libnvidia-compute-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.203.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-headless-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.203.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.203.03-0ubuntu0.20.04.1 No subscription required libnvidia-common-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-common-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-465 - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-460-server - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-common-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-460 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-460 - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-common-470-server - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-common-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-470 - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-470-server - 470.141.03-0ubuntu0.20.04.1 No subscription required libnvidia-fbc1-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-common-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-utils-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-decode-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-common-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-compute-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-cfg1-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-dkms-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-encode-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-driver-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-common-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-extra-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-gl-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-fbc1-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-driver-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-source-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-510-server - 510.85.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-510-server - 510.85.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-compute-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-source-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-gl-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-utils-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-fbc1-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-cfg1-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-encode-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-compute-utils-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-decode-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-source-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-common-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-decode-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-encode-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-common-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-dkms-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-extra-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-common-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-compute-utils-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-utils-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-compute-utils-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-compute-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-dkms-510 - 510.85.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-extra-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-gl-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-driver-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-cfg1-495 - 510.85.02-0ubuntu0.20.04.1 No subscription required nvidia-dkms-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-fbc1-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-compute-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-utils-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-common-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-cfg1-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-encode-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-encode-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-decode-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-driver-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-kernel-common-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-cfg1-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-decode-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-utils-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-extra-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-kernel-common-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-compute-utils-515-server - 515.65.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-kernel-source-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-dkms-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-headless-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-kernel-source-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-gl-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-compute-utils-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-515-server - 515.65.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-gl-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-compute-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-fbc1-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-common-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-driver-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-extra-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-headless-515 - 515.65.01-0ubuntu0.20.04.1 No subscription required High CVE-2022-31607 CVE-2022-31608 CVE-2022-31615 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5548-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.4 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.4 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.4 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.4 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.4 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.4 No subscription required Medium CVE-2016-3709 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain FileResponse. An attacker could possibly use this issue to expose sensitive information or gain access over user machine. Update Instructions: Run `sudo pro fix USN-5549-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.13 python-django-doc - 2:2.2.12-1ubuntu0.13 No subscription required Medium CVE-2022-36359 Ubuntu 20.04 LTS It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-4209) It was discovered that GnuTLS incorrectly handled the verification of certain pkcs7 signatures. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-2509) Update Instructions: Run `sudo pro fix USN-5550-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-doc - 3.6.13-2ubuntu1.7 libgnutls28-dev - 3.6.13-2ubuntu1.7 libgnutls-openssl27 - 3.6.13-2ubuntu1.7 libgnutls30 - 3.6.13-2ubuntu1.7 libgnutls-dane0 - 3.6.13-2ubuntu1.7 gnutls-bin - 3.6.13-2ubuntu1.7 guile-gnutls - 3.6.13-2ubuntu1.7 libgnutlsxx28 - 3.6.13-2ubuntu1.7 No subscription required Medium CVE-2021-4209 CVE-2022-2509 Ubuntu 20.04 LTS It was discovered that mod-wsgi did not correctly remove the X-Client-IP header when processing requests from untrusted proxies. A remote attacker could use this issue to pass the header to WSGI applications, contrary to expectations. Update Instructions: Run `sudo pro fix USN-5551-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-wsgi - 4.6.8-1ubuntu3.1 libapache2-mod-wsgi-py3 - 4.6.8-1ubuntu3.1 No subscription required Medium CVE-2022-2255 Ubuntu 20.04 LTS It was discovered that phpLiteAdmin incorrectly handled certain GET requests. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-5552-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: phpliteadmin-themes - 1.9.8.2-1ubuntu0.20.04.1 phpliteadmin - 1.9.8.2-1ubuntu0.20.04.1 No subscription required Medium CVE-2021-46709 Ubuntu 20.04 LTS Pedro Ribeiro discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5554-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgdk-pixbuf2.0-0 - 2.40.0+dfsg-3ubuntu0.3 libgdk-pixbuf2.0-common - 2.40.0+dfsg-3ubuntu0.3 libgdk-pixbuf2.0-bin - 2.40.0+dfsg-3ubuntu0.3 libgdk-pixbuf2.0-dev - 2.40.0+dfsg-3ubuntu0.3 libgdk-pixbuf2.0-doc - 2.40.0+dfsg-3ubuntu0.3 gir1.2-gdkpixbuf-2.0 - 2.40.0+dfsg-3ubuntu0.3 No subscription required Medium CVE-2021-46829 Ubuntu 20.04 LTS It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-1920, CVE-2022-1921) It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925, CVE-2022-2122) Update Instructions: Run `sudo pro fix USN-5555-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-gtk3 - 1.16.3-0ubuntu1.1 gstreamer1.0-pulseaudio - 1.16.3-0ubuntu1.1 gstreamer1.0-plugins-good-doc - 1.16.3-0ubuntu1.1 libgstreamer-plugins-good1.0-dev - 1.16.3-0ubuntu1.1 libgstreamer-plugins-good1.0-0 - 1.16.3-0ubuntu1.1 gstreamer1.0-plugins-good - 1.16.3-0ubuntu1.1 gstreamer1.0-qt5 - 1.16.3-0ubuntu1.1 No subscription required Medium CVE-2022-1920 CVE-2022-1921 CVE-2022-1922 CVE-2022-1923 CVE-2022-1924 CVE-2022-1925 CVE-2022-2122 Ubuntu 20.04 LTS It was discovered that Booth incorrectly handled user authentication. An attacker could use this vulnerability to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5556-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: booth - 1.0-174-gce9f821-1ubuntu0.2 booth-pacemaker - 1.0-174-gce9f821-1ubuntu0.2 No subscription required Medium CVE-2022-2553 Ubuntu 20.04 LTS It was discovered that Moment.js incorrectly handled certain input paths. An attacker could possibly use this issue to cause a loss of integrity by changing the correct path to one of their choice. (CVE-2022-24785) It was discovered that Moment.js incorrectly handled certain input. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-31129) Update Instructions: Run `sudo pro fix USN-5559-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-moment - 2.24.0+ds-2ubuntu0.1 libjs-moment - 2.24.0+ds-2ubuntu0.1 No subscription required Medium CVE-2022-24785 CVE-2022-31129 Ubuntu 20.04 LTS It was discovered that GNOME Web incorrectly filtered certain strings. A remote attacker could use this issue to perform cross-site scripting (XSS) attacks. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-45085, CVE-2021-45086, CVE-2021-45087) It was discovered that GNOME Web incorrectly handled certain long page titles. A remote attacker could use this issue to cause GNOME Web to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-29536) Update Instructions: Run `sudo pro fix USN-5561-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: epiphany-browser - 3.36.4-0ubuntu2 epiphany-browser-data - 3.36.4-0ubuntu2 No subscription required Medium CVE-2021-45085 CVE-2021-45086 CVE-2021-45087 CVE-2022-29536 Ubuntu 20.04 LTS Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the block layer subsystem in the Linux kernel did not properly initialize memory in some situations. A privileged local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0494) Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture (ALSA) framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1048) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1734) Duoming Zhou discovered a race condition in the NFC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1974) Duoming Zhou discovered that the NFC subsystem in the Linux kernel did not properly prevent context switches from occurring during certain atomic context operations. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2022-1975) Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-28893) Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Update Instructions: Run `sudo pro fix USN-5562-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1031-ibm - 5.4.0-1031.35 linux-ibm-headers-5.4.0-1031 - 5.4.0-1031.35 linux-headers-5.4.0-1031-ibm - 5.4.0-1031.35 linux-modules-extra-5.4.0-1031-ibm - 5.4.0-1031.35 linux-image-5.4.0-1031-ibm - 5.4.0-1031.35 linux-ibm-tools-common - 5.4.0-1031.35 linux-ibm-tools-5.4.0-1031 - 5.4.0-1031.35 linux-image-unsigned-5.4.0-1031-ibm - 5.4.0-1031.35 linux-buildinfo-5.4.0-1031-ibm - 5.4.0-1031.35 linux-ibm-source-5.4.0 - 5.4.0-1031.35 linux-ibm-cloud-tools-common - 5.4.0-1031.35 linux-modules-5.4.0-1031-ibm - 5.4.0-1031.35 No subscription required linux-tools-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-headers-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-bluefield-tools-5.4.0-1044 - 5.4.0-1044.49 linux-bluefield-headers-5.4.0-1044 - 5.4.0-1044.49 linux-modules-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-image-unsigned-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-buildinfo-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-image-5.4.0-1044-bluefield - 5.4.0-1044.49 No subscription required linux-gkeop-cloud-tools-5.4.0-1051 - 5.4.0-1051.54 linux-image-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-gkeop-source-5.4.0 - 5.4.0-1051.54 linux-cloud-tools-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-buildinfo-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-headers-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-modules-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-modules-extra-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-gkeop-tools-5.4.0-1051 - 5.4.0-1051.54 linux-tools-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-image-unsigned-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-gkeop-headers-5.4.0-1051 - 5.4.0-1051.54 No subscription required linux-image-5.4.0-1068-raspi - 5.4.0-1068.78 linux-headers-5.4.0-1068-raspi - 5.4.0-1068.78 linux-tools-5.4.0-1068-raspi - 5.4.0-1068.78 linux-raspi-tools-5.4.0-1068 - 5.4.0-1068.78 linux-buildinfo-5.4.0-1068-raspi - 5.4.0-1068.78 linux-modules-5.4.0-1068-raspi - 5.4.0-1068.78 linux-raspi-headers-5.4.0-1068 - 5.4.0-1068.78 No subscription required linux-kvm-tools-5.4.0-1073 - 5.4.0-1073.78 linux-kvm-headers-5.4.0-1073 - 5.4.0-1073.78 linux-image-unsigned-5.4.0-1073-kvm - 5.4.0-1073.78 linux-headers-5.4.0-1073-kvm - 5.4.0-1073.78 linux-image-5.4.0-1073-kvm - 5.4.0-1073.78 linux-buildinfo-5.4.0-1073-kvm - 5.4.0-1073.78 linux-tools-5.4.0-1073-kvm - 5.4.0-1073.78 linux-modules-5.4.0-1073-kvm - 5.4.0-1073.78 No subscription required linux-tools-5.4.0-1080-gke - 5.4.0-1080.86 linux-headers-5.4.0-1080-gke - 5.4.0-1080.86 linux-gke-tools-5.4.0-1080 - 5.4.0-1080.86 linux-image-5.4.0-1080-gke - 5.4.0-1080.86 linux-gke-headers-5.4.0-1080 - 5.4.0-1080.86 linux-buildinfo-5.4.0-1080-gke - 5.4.0-1080.86 linux-modules-extra-5.4.0-1080-gke - 5.4.0-1080.86 linux-image-unsigned-5.4.0-1080-gke - 5.4.0-1080.86 linux-modules-5.4.0-1080-gke - 5.4.0-1080.86 No subscription required linux-oracle-headers-5.4.0-1081 - 5.4.0-1081.89 linux-buildinfo-5.4.0-1081-oracle - 5.4.0-1081.89 linux-tools-5.4.0-1081-oracle - 5.4.0-1081.89 linux-image-5.4.0-1081-oracle - 5.4.0-1081.89 linux-headers-5.4.0-1081-oracle - 5.4.0-1081.89 linux-image-unsigned-5.4.0-1081-oracle - 5.4.0-1081.89 linux-oracle-tools-5.4.0-1081 - 5.4.0-1081.89 linux-modules-5.4.0-1081-oracle - 5.4.0-1081.89 linux-modules-extra-5.4.0-1081-oracle - 5.4.0-1081.89 No subscription required linux-aws-cloud-tools-5.4.0-1083 - 5.4.0-1083.90 linux-modules-5.4.0-1083-aws - 5.4.0-1083.90 linux-tools-5.4.0-1083-aws - 5.4.0-1083.90 linux-buildinfo-5.4.0-1083-aws - 5.4.0-1083.90 linux-aws-tools-5.4.0-1083 - 5.4.0-1083.90 linux-aws-headers-5.4.0-1083 - 5.4.0-1083.90 linux-cloud-tools-5.4.0-1083-aws - 5.4.0-1083.90 linux-image-5.4.0-1083-aws - 5.4.0-1083.90 linux-headers-5.4.0-1083-aws - 5.4.0-1083.90 linux-image-unsigned-5.4.0-1083-aws - 5.4.0-1083.90 linux-modules-extra-5.4.0-1083-aws - 5.4.0-1083.90 No subscription required linux-headers-5.4.0-1086-gcp - 5.4.0-1086.94 linux-image-5.4.0-1086-gcp - 5.4.0-1086.94 linux-gcp-tools-5.4.0-1086 - 5.4.0-1086.94 linux-modules-extra-5.4.0-1086-gcp - 5.4.0-1086.94 linux-image-unsigned-5.4.0-1086-gcp - 5.4.0-1086.94 linux-tools-5.4.0-1086-gcp - 5.4.0-1086.94 linux-modules-5.4.0-1086-gcp - 5.4.0-1086.94 linux-gcp-headers-5.4.0-1086 - 5.4.0-1086.94 linux-buildinfo-5.4.0-1086-gcp - 5.4.0-1086.94 No subscription required linux-buildinfo-5.4.0-1089-azure - 5.4.0-1089.94 linux-image-unsigned-5.4.0-1089-azure - 5.4.0-1089.94 linux-azure-cloud-tools-5.4.0-1089 - 5.4.0-1089.94 linux-cloud-tools-5.4.0-1089-azure - 5.4.0-1089.94 linux-modules-extra-5.4.0-1089-azure - 5.4.0-1089.94 linux-modules-5.4.0-1089-azure - 5.4.0-1089.94 linux-azure-headers-5.4.0-1089 - 5.4.0-1089.94 linux-headers-5.4.0-1089-azure - 5.4.0-1089.94 linux-azure-tools-5.4.0-1089 - 5.4.0-1089.94 linux-image-5.4.0-1089-azure - 5.4.0-1089.94 linux-tools-5.4.0-1089-azure - 5.4.0-1089.94 No subscription required linux-tools-common - 5.4.0-124.140 linux-headers-5.4.0-124 - 5.4.0-124.140 linux-tools-host - 5.4.0-124.140 linux-image-unsigned-5.4.0-124-generic - 5.4.0-124.140 linux-doc - 5.4.0-124.140 linux-buildinfo-5.4.0-124-generic - 5.4.0-124.140 linux-tools-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-cloud-tools-5.4.0-124 - 5.4.0-124.140 linux-image-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-libc-dev - 5.4.0-124.140 linux-source-5.4.0 - 5.4.0-124.140 linux-tools-5.4.0-124-generic - 5.4.0-124.140 linux-buildinfo-5.4.0-124-lowlatency - 5.4.0-124.140 linux-modules-extra-5.4.0-124-generic - 5.4.0-124.140 linux-tools-5.4.0-124 - 5.4.0-124.140 linux-headers-5.4.0-124-lowlatency - 5.4.0-124.140 linux-cloud-tools-5.4.0-124-lowlatency - 5.4.0-124.140 linux-cloud-tools-5.4.0-124-generic - 5.4.0-124.140 linux-headers-5.4.0-124-generic - 5.4.0-124.140 linux-modules-5.4.0-124-lowlatency - 5.4.0-124.140 linux-headers-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-buildinfo-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-cloud-tools-common - 5.4.0-124.140 linux-image-5.4.0-124-generic - 5.4.0-124.140 linux-image-5.4.0-124-lowlatency - 5.4.0-124.140 linux-tools-5.4.0-124-lowlatency - 5.4.0-124.140 linux-modules-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-modules-5.4.0-124-generic - 5.4.0-124.140 linux-image-unsigned-5.4.0-124-lowlatency - 5.4.0-124.140 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1031.60 linux-modules-extra-ibm - 5.4.0.1031.60 linux-headers-ibm-lts-20.04 - 5.4.0.1031.60 linux-tools-ibm - 5.4.0.1031.60 linux-ibm-lts-20.04 - 5.4.0.1031.60 linux-image-ibm-lts-20.04 - 5.4.0.1031.60 linux-image-ibm - 5.4.0.1031.60 linux-ibm - 5.4.0.1031.60 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1031.60 linux-headers-ibm - 5.4.0.1031.60 No subscription required linux-image-bluefield - 5.4.0.1044.43 linux-headers-bluefield - 5.4.0.1044.43 linux-tools-bluefield - 5.4.0.1044.43 linux-bluefield - 5.4.0.1044.43 No subscription required linux-headers-gkeop - 5.4.0.1051.52 linux-cloud-tools-gkeop-5.4 - 5.4.0.1051.52 linux-image-gkeop - 5.4.0.1051.52 linux-gkeop-5.4 - 5.4.0.1051.52 linux-headers-gkeop-5.4 - 5.4.0.1051.52 linux-image-gkeop-5.4 - 5.4.0.1051.52 linux-gkeop - 5.4.0.1051.52 linux-cloud-tools-gkeop - 5.4.0.1051.52 linux-modules-extra-gkeop-5.4 - 5.4.0.1051.52 linux-modules-extra-gkeop - 5.4.0.1051.52 linux-tools-gkeop - 5.4.0.1051.52 linux-tools-gkeop-5.4 - 5.4.0.1051.52 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1068.101 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1068.101 linux-raspi2 - 5.4.0.1068.101 linux-image-raspi - 5.4.0.1068.101 linux-image-raspi-hwe-18.04 - 5.4.0.1068.101 linux-image-raspi2-hwe-18.04 - 5.4.0.1068.101 linux-tools-raspi - 5.4.0.1068.101 linux-image-raspi-hwe-18.04-edge - 5.4.0.1068.101 linux-headers-raspi2-hwe-18.04 - 5.4.0.1068.101 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1068.101 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1068.101 linux-headers-raspi - 5.4.0.1068.101 linux-raspi-hwe-18.04 - 5.4.0.1068.101 linux-tools-raspi2-hwe-18.04 - 5.4.0.1068.101 linux-raspi2-hwe-18.04 - 5.4.0.1068.101 linux-image-raspi2 - 5.4.0.1068.101 linux-tools-raspi-hwe-18.04 - 5.4.0.1068.101 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1068.101 linux-headers-raspi-hwe-18.04 - 5.4.0.1068.101 linux-raspi-hwe-18.04-edge - 5.4.0.1068.101 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1068.101 linux-tools-raspi2 - 5.4.0.1068.101 linux-raspi - 5.4.0.1068.101 linux-headers-raspi2 - 5.4.0.1068.101 No subscription required linux-kvm - 5.4.0.1073.70 linux-headers-kvm - 5.4.0.1073.70 linux-tools-kvm - 5.4.0.1073.70 linux-image-kvm - 5.4.0.1073.70 No subscription required linux-modules-extra-gke - 5.4.0.1080.88 linux-headers-gke-5.4 - 5.4.0.1080.88 linux-tools-gke-5.4 - 5.4.0.1080.88 linux-modules-extra-gke-5.4 - 5.4.0.1080.88 linux-gke-5.4 - 5.4.0.1080.88 linux-image-gke-5.4 - 5.4.0.1080.88 linux-tools-gke - 5.4.0.1080.88 linux-gke - 5.4.0.1080.88 linux-headers-gke - 5.4.0.1080.88 linux-image-gke - 5.4.0.1080.88 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1081.78 linux-headers-oracle-lts-20.04 - 5.4.0.1081.78 linux-oracle-lts-20.04 - 5.4.0.1081.78 linux-image-oracle-lts-20.04 - 5.4.0.1081.78 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1083.83 linux-image-aws-lts-20.04 - 5.4.0.1083.83 linux-headers-aws-lts-20.04 - 5.4.0.1083.83 linux-tools-aws-lts-20.04 - 5.4.0.1083.83 linux-aws-lts-20.04 - 5.4.0.1083.83 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1086.91 linux-gcp-lts-20.04 - 5.4.0.1086.91 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1086.91 linux-headers-gcp-lts-20.04 - 5.4.0.1086.91 linux-image-gcp-lts-20.04 - 5.4.0.1086.91 No subscription required linux-azure-lts-20.04 - 5.4.0.1089.86 linux-image-azure-lts-20.04 - 5.4.0.1089.86 linux-modules-extra-azure-lts-20.04 - 5.4.0.1089.86 linux-tools-azure-lts-20.04 - 5.4.0.1089.86 linux-headers-azure-lts-20.04 - 5.4.0.1089.86 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1089.86 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-cloud-tools-virtual - 5.4.0.124.125 linux-image-generic-hwe-18.04 - 5.4.0.124.125 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-headers-generic-lpae - 5.4.0.124.125 linux-image-virtual - 5.4.0.124.125 linux-image-generic - 5.4.0.124.125 linux-tools-lowlatency - 5.4.0.124.125 linux-image-oem - 5.4.0.124.125 linux-headers-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-image-extra-virtual-hwe-18.04 - 5.4.0.124.125 linux-image-oem-osp1 - 5.4.0.124.125 linux-image-generic-lpae-hwe-18.04 - 5.4.0.124.125 linux-crashdump - 5.4.0.124.125 linux-tools-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-headers-generic-hwe-18.04 - 5.4.0.124.125 linux-source - 5.4.0.124.125 linux-lowlatency - 5.4.0.124.125 linux-tools-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-tools-generic-lpae - 5.4.0.124.125 linux-cloud-tools-generic - 5.4.0.124.125 linux-virtual - 5.4.0.124.125 linux-headers-virtual-hwe-18.04 - 5.4.0.124.125 linux-headers-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-virtual-hwe-18.04 - 5.4.0.124.125 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.124.125 linux-tools-virtual - 5.4.0.124.125 linux-generic-lpae-hwe-18.04-edge - 5.4.0.124.125 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-generic-lpae - 5.4.0.124.125 linux-headers-oem - 5.4.0.124.125 linux-tools-oem-osp1 - 5.4.0.124.125 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.124.125 linux-tools-generic-hwe-18.04-edge - 5.4.0.124.125 linux-tools-generic - 5.4.0.124.125 linux-oem - 5.4.0.124.125 linux-image-virtual-hwe-18.04 - 5.4.0.124.125 linux-cloud-tools-lowlatency - 5.4.0.124.125 linux-headers-lowlatency - 5.4.0.124.125 linux-image-generic-hwe-18.04-edge - 5.4.0.124.125 linux-generic-hwe-18.04-edge - 5.4.0.124.125 linux-generic - 5.4.0.124.125 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.124.125 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-image-extra-virtual - 5.4.0.124.125 linux-oem-tools-host - 5.4.0.124.125 linux-oem-osp1-tools-host - 5.4.0.124.125 linux-tools-oem - 5.4.0.124.125 linux-headers-oem-osp1 - 5.4.0.124.125 linux-generic-lpae-hwe-18.04 - 5.4.0.124.125 linux-headers-generic-hwe-18.04-edge - 5.4.0.124.125 linux-headers-generic - 5.4.0.124.125 linux-oem-osp1 - 5.4.0.124.125 linux-tools-generic-hwe-18.04 - 5.4.0.124.125 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.124.125 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.124.125 linux-image-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-headers-virtual - 5.4.0.124.125 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-tools-virtual-hwe-18.04 - 5.4.0.124.125 linux-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.124.125 linux-generic-hwe-18.04 - 5.4.0.124.125 linux-image-generic-lpae - 5.4.0.124.125 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.124.125 linux-image-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.124.125 linux-image-lowlatency - 5.4.0.124.125 No subscription required High CVE-2022-0494 CVE-2022-1048 CVE-2022-1652 CVE-2022-1679 CVE-2022-1734 CVE-2022-1974 CVE-2022-1975 CVE-2022-2586 CVE-2022-2588 CVE-2022-28893 CVE-2022-34918 Ubuntu 20.04 LTS Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2585) Johannes Wikner and Kaveh Razavi discovered that for some AMD x86-64 processors, the branch predictor could by mis-trained for return instructions in certain circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29900) Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64 processors, the Linux kernel's protections against speculative branch target injection attacks were insufficient in some circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29901) Update Instructions: Run `sudo pro fix USN-5565-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-hwe-5.15-headers-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-hwe-5.15-tools-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-46.49~20.04.1 linux-modules-extra-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-46.49~20.04.1 linux-image-unsigned-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-image-unsigned-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-cloud-tools-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-cloud-tools-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-image-unsigned-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-image-unsigned-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-modules-iwlwifi-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-modules-iwlwifi-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-generic - 5.15.0-46.49~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-headers-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-image-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-lowlatency-64k-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-tools-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.15 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-image-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-headers-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-headers-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-image-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-extra-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-headers-generic-64k-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-generic-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-generic-lpae-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-tools-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-image-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-generic-lpae-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-tools-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-headers-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-generic-lpae-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-generic-64k-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-generic-64k-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-image-generic-64k-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-headers-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 No subscription required High CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 CVE-2022-29900 CVE-2022-29901 Ubuntu 20.04 LTS Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2585) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-28893) Johannes Wikner and Kaveh Razavi discovered that for some AMD x86-64 processors, the branch predictor could by mis-trained for return instructions in certain circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29900) Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64 processors, the Linux kernel's protections against speculative branch target injection attacks were insufficient in some circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29901) Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Update Instructions: Run `sudo pro fix USN-5566-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-tools-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-image-unsigned-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-gke-5.15-headers-5.15.0-1014 - 5.15.0-1014.17~20.04.1 linux-headers-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-modules-extra-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-buildinfo-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-modules-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-gke-5.15-tools-5.15.0-1014 - 5.15.0-1014.17~20.04.1 linux-image-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1016 - 5.15.0-1016.21~20.04.1 linux-headers-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-buildinfo-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-modules-iwlwifi-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-image-unsigned-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-modules-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-image-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-gcp-5.15-tools-5.15.0-1016 - 5.15.0-1016.21~20.04.1 linux-tools-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-modules-extra-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 No subscription required linux-headers-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-cloud-tools-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-buildinfo-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-tools-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-image-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-image-unsigned-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1017 - 5.15.0-1017.20~20.04.1 linux-azure-5.15-headers-5.15.0-1017 - 5.15.0-1017.20~20.04.1 linux-modules-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-modules-extra-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-azure-5.15-tools-5.15.0-1017 - 5.15.0-1017.20~20.04.1 No subscription required linux-image-unsigned-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-tools-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-headers-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-buildinfo-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-modules-extra-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-aws-5.15-headers-5.15.0-1017 - 5.15.0-1017.21~20.04.1 linux-modules-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-aws-5.15-tools-5.15.0-1017 - 5.15.0-1017.21~20.04.1 linux-cloud-tools-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-image-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1017 - 5.15.0-1017.21~20.04.1 No subscription required linux-tools-gke-edge - 5.15.0.1014.17~20.04.1 linux-gke-edge - 5.15.0.1014.17~20.04.1 linux-headers-gke-5.15 - 5.15.0.1014.17~20.04.1 linux-tools-gke-5.15 - 5.15.0.1014.17~20.04.1 linux-image-gke-edge - 5.15.0.1014.17~20.04.1 linux-headers-gke-edge - 5.15.0.1014.17~20.04.1 linux-gke-5.15 - 5.15.0.1014.17~20.04.1 linux-image-gke-5.15 - 5.15.0.1014.17~20.04.1 No subscription required linux-image-gcp - 5.15.0.1016.21~20.04.1 linux-tools-gcp-edge - 5.15.0.1016.21~20.04.1 linux-tools-gcp - 5.15.0.1016.21~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1016.21~20.04.1 linux-headers-gcp-edge - 5.15.0.1016.21~20.04.1 linux-gcp - 5.15.0.1016.21~20.04.1 linux-headers-gcp - 5.15.0.1016.21~20.04.1 linux-image-gcp-edge - 5.15.0.1016.21~20.04.1 linux-modules-extra-gcp - 5.15.0.1016.21~20.04.1 linux-gcp-edge - 5.15.0.1016.21~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1017.20~20.04.10 linux-azure - 5.15.0.1017.20~20.04.10 linux-image-azure - 5.15.0.1017.20~20.04.10 linux-cloud-tools-azure - 5.15.0.1017.20~20.04.10 linux-tools-azure - 5.15.0.1017.20~20.04.10 linux-headers-azure-edge - 5.15.0.1017.20~20.04.10 linux-image-azure-edge - 5.15.0.1017.20~20.04.10 linux-modules-extra-azure - 5.15.0.1017.20~20.04.10 linux-cloud-tools-azure-edge - 5.15.0.1017.20~20.04.10 linux-azure-edge - 5.15.0.1017.20~20.04.10 linux-modules-extra-azure-edge - 5.15.0.1017.20~20.04.10 linux-headers-azure - 5.15.0.1017.20~20.04.10 No subscription required linux-modules-extra-aws - 5.15.0.1017.21~20.04.9 linux-tools-aws - 5.15.0.1017.21~20.04.9 linux-modules-extra-aws-edge - 5.15.0.1017.21~20.04.9 linux-image-aws-edge - 5.15.0.1017.21~20.04.9 linux-headers-aws-edge - 5.15.0.1017.21~20.04.9 linux-tools-aws-edge - 5.15.0.1017.21~20.04.9 linux-aws-edge - 5.15.0.1017.21~20.04.9 linux-aws - 5.15.0.1017.21~20.04.9 linux-image-aws - 5.15.0.1017.21~20.04.9 linux-headers-aws - 5.15.0.1017.21~20.04.9 No subscription required High CVE-2022-1652 CVE-2022-1679 CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 CVE-2022-28893 CVE-2022-29900 CVE-2022-29901 CVE-2022-34918 Ubuntu 20.04 LTS Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2585) Update Instructions: Run `sudo pro fix USN-5567-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1048 - 5.14.0-1048.55 linux-headers-5.14.0-1048-oem - 5.14.0-1048.55 linux-buildinfo-5.14.0-1048-oem - 5.14.0-1048.55 linux-modules-5.14.0-1048-oem - 5.14.0-1048.55 linux-oem-5.14-headers-5.14.0-1048 - 5.14.0-1048.55 linux-image-5.14.0-1048-oem - 5.14.0-1048.55 linux-tools-5.14.0-1048-oem - 5.14.0-1048.55 linux-oem-5.14-tools-host - 5.14.0-1048.55 linux-modules-iwlwifi-5.14.0-1048-oem - 5.14.0-1048.55 linux-image-unsigned-5.14.0-1048-oem - 5.14.0-1048.55 No subscription required linux-image-oem-20.04c - 5.14.0.1048.44 linux-image-oem-20.04b - 5.14.0.1048.44 linux-image-oem-20.04d - 5.14.0.1048.44 linux-headers-oem-20.04 - 5.14.0.1048.44 linux-tools-oem-20.04c - 5.14.0.1048.44 linux-tools-oem-20.04b - 5.14.0.1048.44 linux-oem-20.04 - 5.14.0.1048.44 linux-image-oem-20.04 - 5.14.0.1048.44 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1048.44 linux-oem-20.04d - 5.14.0.1048.44 linux-oem-20.04c - 5.14.0.1048.44 linux-oem-20.04b - 5.14.0.1048.44 linux-tools-oem-20.04d - 5.14.0.1048.44 linux-headers-oem-20.04b - 5.14.0.1048.44 linux-headers-oem-20.04c - 5.14.0.1048.44 linux-headers-oem-20.04d - 5.14.0.1048.44 linux-tools-oem-20.04 - 5.14.0.1048.44 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1048.44 No subscription required High CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5568-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.6-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.6-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2294 CVE-2022-32792 CVE-2022-32816 Ubuntu 20.04 LTS Xiang Li discovered that Unbound incorrectly handled delegation caching. A remote attacker could use this issue to keep rogue domain names resolvable long after they have been revoked. Update Instructions: Run `sudo pro fix USN-5569-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.3 python3-unbound - 1.9.4-2ubuntu1.3 libunbound8 - 1.9.4-2ubuntu1.3 python-unbound - 1.9.4-2ubuntu1.3 unbound-anchor - 1.9.4-2ubuntu1.3 unbound-host - 1.9.4-2ubuntu1.3 libunbound-dev - 1.9.4-2ubuntu1.3 No subscription required Medium CVE-2022-30698 CVE-2022-30699 Ubuntu 20.04 LTS USN-5570-1 fixed a vulnerability in zlib. This update provides the corresponding update for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5570-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx32z1-dev - 1:1.2.11.dfsg-2ubuntu1.5 lib64z1 - 1:1.2.11.dfsg-2ubuntu1.5 libx32z1 - 1:1.2.11.dfsg-2ubuntu1.5 lib64z1-dev - 1:1.2.11.dfsg-2ubuntu1.5 lib32z1 - 1:1.2.11.dfsg-2ubuntu1.5 zlib1g - 1:1.2.11.dfsg-2ubuntu1.5 lib32z1-dev - 1:1.2.11.dfsg-2ubuntu1.5 zlib1g-dev - 1:1.2.11.dfsg-2ubuntu1.5 No subscription required Medium CVE-2022-37434 Ubuntu 20.04 LTS Sven Klemm discovered that PostgreSQL incorrectly handled extensions. An attacker could possibly use this issue to execute arbitrary code when extensions are created or updated. Update Instructions: Run `sudo pro fix USN-5571-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.12-0ubuntu0.20.04.1 libecpg-dev - 12.12-0ubuntu0.20.04.1 libecpg6 - 12.12-0ubuntu0.20.04.1 libpq-dev - 12.12-0ubuntu0.20.04.1 libpgtypes3 - 12.12-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.12-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.12-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.12-0ubuntu0.20.04.1 libpq5 - 12.12-0ubuntu0.20.04.1 postgresql-doc-12 - 12.12-0ubuntu0.20.04.1 postgresql-12 - 12.12-0ubuntu0.20.04.1 postgresql-client-12 - 12.12-0ubuntu0.20.04.1 libecpg-compat3 - 12.12-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2625 Ubuntu 20.04 LTS Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5573-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsync - 3.1.3-8ubuntu0.4 No subscription required Medium CVE-2022-37434 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5574-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.6 eximon4 - 4.93-13ubuntu1.6 exim4 - 4.93-13ubuntu1.6 exim4-daemon-light - 4.93-13ubuntu1.6 exim4-config - 4.93-13ubuntu1.6 exim4-daemon-heavy - 4.93-13ubuntu1.6 exim4-base - 4.93-13ubuntu1.6 No subscription required Medium CVE-2022-37452 Ubuntu 20.04 LTS Nicolas Grégoire discovered that Libxslt incorrectly handled certain XML. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-5815) Alexey Neyman incorrectly handled certain HTML pages. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. (CVE-2021-30560) Update Instructions: Run `sudo pro fix USN-5575-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxslt1-dev - 1.1.34-4ubuntu0.20.04.1 libxslt1.1 - 1.1.34-4ubuntu0.20.04.1 xsltproc - 1.1.34-4ubuntu0.20.04.1 No subscription required Medium CVE-2019-5815 CVE-2021-30560 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Update Instructions: Run `sudo pro fix USN-5577-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1049 - 5.14.0-1049.56 linux-modules-iwlwifi-5.14.0-1049-oem - 5.14.0-1049.56 linux-image-5.14.0-1049-oem - 5.14.0-1049.56 linux-image-unsigned-5.14.0-1049-oem - 5.14.0-1049.56 linux-headers-5.14.0-1049-oem - 5.14.0-1049.56 linux-oem-5.14-headers-5.14.0-1049 - 5.14.0-1049.56 linux-modules-5.14.0-1049-oem - 5.14.0-1049.56 linux-buildinfo-5.14.0-1049-oem - 5.14.0-1049.56 linux-tools-5.14.0-1049-oem - 5.14.0-1049.56 linux-oem-5.14-tools-host - 5.14.0-1049.56 No subscription required linux-image-oem-20.04c - 5.14.0.1049.45 linux-image-oem-20.04b - 5.14.0.1049.45 linux-image-oem-20.04d - 5.14.0.1049.45 linux-headers-oem-20.04 - 5.14.0.1049.45 linux-tools-oem-20.04c - 5.14.0.1049.45 linux-tools-oem-20.04b - 5.14.0.1049.45 linux-oem-20.04 - 5.14.0.1049.45 linux-image-oem-20.04 - 5.14.0.1049.45 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1049.45 linux-oem-20.04d - 5.14.0.1049.45 linux-oem-20.04c - 5.14.0.1049.45 linux-oem-20.04b - 5.14.0.1049.45 linux-tools-oem-20.04d - 5.14.0.1049.45 linux-headers-oem-20.04b - 5.14.0.1049.45 linux-headers-oem-20.04c - 5.14.0.1049.45 linux-headers-oem-20.04d - 5.14.0.1049.45 linux-tools-oem-20.04 - 5.14.0.1049.45 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1049.45 No subscription required Medium CVE-2021-33061 CVE-2021-33655 Ubuntu 20.04 LTS It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine. Update Instructions: Run `sudo pro fix USN-5578-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:11.3.0-2ubuntu0~ubuntu20.04.3 open-vm-tools-dev - 2:11.3.0-2ubuntu0~ubuntu20.04.3 open-vm-tools-desktop - 2:11.3.0-2ubuntu0~ubuntu20.04.3 open-vm-tools-sdmp - 2:11.3.0-2ubuntu0~ubuntu20.04.3 No subscription required Medium CVE-2022-31676 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the contents of the addressbar, bypass security restrictions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5581-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 104.0+build3-0ubuntu0.20.04.1 firefox - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 104.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 104.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 104.0+build3-0ubuntu0.20.04.1 firefox-dev - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 104.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-38472 CVE-2022-38473 CVE-2022-38475 CVE-2022-38477 CVE-2022-38478 Ubuntu 20.04 LTS Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the block layer subsystem in the Linux kernel did not properly initialize memory in some situations. A privileged local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0494) Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture (ALSA) framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1048) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1734) Duoming Zhou discovered a race condition in the NFC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1974) Duoming Zhou discovered that the NFC subsystem in the Linux kernel did not properly prevent context switches from occurring during certain atomic context operations. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2022-1975) Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-28893) Update Instructions: Run `sudo pro fix USN-5582-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1089-azure-fde - 5.4.0-1089.94+cvm1.2 linux-image-5.4.0-1089-azure-fde - 5.4.0-1089.94+cvm1.2 No subscription required linux-azure-fde - 5.4.0.1089.94+cvm1.29 linux-modules-extra-azure-fde - 5.4.0.1089.94+cvm1.29 linux-image-azure-fde - 5.4.0.1089.94+cvm1.29 linux-cloud-tools-azure-fde - 5.4.0.1089.94+cvm1.29 linux-tools-azure-fde - 5.4.0.1089.94+cvm1.29 linux-headers-azure-fde - 5.4.0.1089.94+cvm1.29 No subscription required High CVE-2022-0494 CVE-2022-1048 CVE-2022-1652 CVE-2022-1679 CVE-2022-1734 CVE-2022-1974 CVE-2022-1975 CVE-2022-2586 CVE-2022-2588 CVE-2022-28893 CVE-2022-34918 Ubuntu 20.04 LTS It was discovered that Schroot incorrectly handled certain Schroot names. An attacker could possibly use this issue to break schroot's internal state causing a denial of service. Update Instructions: Run `sudo pro fix USN-5584-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: schroot - 1.6.10-9ubuntu0.1 schroot-common - 1.6.10-9ubuntu0.1 No subscription required Medium CVE-2022-2787 Ubuntu 20.04 LTS It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting (XSS) attacks on the notebook server. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-19351) It was discovered that Jupyter Notebook incorrectly handled certain SVG documents. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-21030) It was discovered that Jupyter Notebook incorrectly filtered certain URLs on the login page. An attacker could possibly use this issue to perform open-redirect attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-10255) It was discovered that Jupyter Notebook had an incomplete fix for CVE-2019-10255. An attacker could possibly use this issue to perform open-redirect attack using empty netloc. (CVE-2019-10856) It was discovered that Jupyter Notebook incorrectly handled the inclusion of remote pages on Jupyter server. An attacker could possibly use this issue to perform cross-site script inclusion (XSSI) attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-9644) It was discovered that Jupyter Notebook incorrectly filtered certain URLs to a notebook. An attacker could possibly use this issue to perform open-redirect attack. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-26215) It was discovered that Jupyter Notebook server access logs were not protected. An attacker having access to the notebook server could possibly use this issue to get access to steal sensitive information such as auth/cookies. (CVE-2022-24758) It was discovered that Jupyter Notebook incorrectly configured hidden files on the server. An authenticated attacker could possibly use this issue to see unwanted sensitive hidden files from the server which may result in getting full access to the server. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-29238) Update Instructions: Run `sudo pro fix USN-5585-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-notebook - 6.0.3-2ubuntu0.1 python-notebook-doc - 6.0.3-2ubuntu0.1 jupyter-notebook - 6.0.3-2ubuntu0.1 No subscription required Medium CVE-2018-19351 CVE-2018-21030 CVE-2019-10255 CVE-2019-10856 CVE-2019-9644 CVE-2020-26215 CVE-2022-24758 CVE-2022-29238 Ubuntu 20.04 LTS Axel Chong discovered that when curl accepted and sent back cookies containing control bytes that a HTTP(S) server might return a 400 (Bad Request Error) response. A malicious cookie host could possibly use this to cause denial-of-service. Update Instructions: Run `sudo pro fix USN-5587-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.13 libcurl4-openssl-dev - 7.68.0-1ubuntu2.13 libcurl3-gnutls - 7.68.0-1ubuntu2.13 libcurl4-doc - 7.68.0-1ubuntu2.13 libcurl3-nss - 7.68.0-1ubuntu2.13 libcurl4-nss-dev - 7.68.0-1ubuntu2.13 libcurl4 - 7.68.0-1ubuntu2.13 curl - 7.68.0-1ubuntu2.13 No subscription required Low CVE-2022-35252 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656) Update Instructions: Run `sudo pro fix USN-5589-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-headers-5.4.0-1069 - 5.4.0-1069.79 linux-modules-5.4.0-1069-raspi - 5.4.0-1069.79 linux-raspi-tools-5.4.0-1069 - 5.4.0-1069.79 linux-buildinfo-5.4.0-1069-raspi - 5.4.0-1069.79 linux-tools-5.4.0-1069-raspi - 5.4.0-1069.79 linux-image-5.4.0-1069-raspi - 5.4.0-1069.79 linux-headers-5.4.0-1069-raspi - 5.4.0-1069.79 No subscription required linux-modules-extra-5.4.0-125-generic - 5.4.0-125.141 linux-modules-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-tools-host - 5.4.0-125.141 linux-tools-common - 5.4.0-125.141 linux-doc - 5.4.0-125.141 linux-buildinfo-5.4.0-125-lowlatency - 5.4.0-125.141 linux-cloud-tools-5.4.0-125 - 5.4.0-125.141 linux-buildinfo-5.4.0-125-generic - 5.4.0-125.141 linux-tools-5.4.0-125 - 5.4.0-125.141 linux-image-unsigned-5.4.0-125-generic - 5.4.0-125.141 linux-libc-dev - 5.4.0-125.141 linux-source-5.4.0 - 5.4.0-125.141 linux-headers-5.4.0-125-lowlatency - 5.4.0-125.141 linux-modules-5.4.0-125-lowlatency - 5.4.0-125.141 linux-image-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-image-5.4.0-125-generic - 5.4.0-125.141 linux-tools-5.4.0-125-generic - 5.4.0-125.141 linux-image-unsigned-5.4.0-125-lowlatency - 5.4.0-125.141 linux-cloud-tools-5.4.0-125-generic - 5.4.0-125.141 linux-cloud-tools-5.4.0-125-lowlatency - 5.4.0-125.141 linux-headers-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-modules-5.4.0-125-generic - 5.4.0-125.141 linux-buildinfo-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-tools-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-cloud-tools-common - 5.4.0-125.141 linux-headers-5.4.0-125 - 5.4.0-125.141 linux-image-5.4.0-125-lowlatency - 5.4.0-125.141 linux-headers-5.4.0-125-generic - 5.4.0-125.141 linux-tools-5.4.0-125-lowlatency - 5.4.0-125.141 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1069.102 linux-raspi2 - 5.4.0.1069.102 linux-headers-raspi2 - 5.4.0.1069.102 linux-image-raspi-hwe-18.04 - 5.4.0.1069.102 linux-image-raspi2-hwe-18.04 - 5.4.0.1069.102 linux-tools-raspi - 5.4.0.1069.102 linux-headers-raspi-hwe-18.04 - 5.4.0.1069.102 linux-headers-raspi2-hwe-18.04 - 5.4.0.1069.102 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1069.102 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1069.102 linux-headers-raspi - 5.4.0.1069.102 linux-raspi2-hwe-18.04-edge - 5.4.0.1069.102 linux-raspi-hwe-18.04 - 5.4.0.1069.102 linux-tools-raspi2-hwe-18.04 - 5.4.0.1069.102 linux-raspi2-hwe-18.04 - 5.4.0.1069.102 linux-image-raspi-hwe-18.04-edge - 5.4.0.1069.102 linux-image-raspi2 - 5.4.0.1069.102 linux-tools-raspi-hwe-18.04 - 5.4.0.1069.102 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1069.102 linux-raspi-hwe-18.04-edge - 5.4.0.1069.102 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1069.102 linux-image-raspi - 5.4.0.1069.102 linux-tools-raspi2 - 5.4.0.1069.102 linux-raspi - 5.4.0.1069.102 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-cloud-tools-virtual - 5.4.0.125.126 linux-image-generic-hwe-18.04 - 5.4.0.125.126 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-headers-generic-lpae - 5.4.0.125.126 linux-image-virtual - 5.4.0.125.126 linux-oem-osp1-tools-host - 5.4.0.125.126 linux-image-generic - 5.4.0.125.126 linux-tools-lowlatency - 5.4.0.125.126 linux-image-oem - 5.4.0.125.126 linux-headers-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-image-extra-virtual-hwe-18.04 - 5.4.0.125.126 linux-image-oem-osp1 - 5.4.0.125.126 linux-image-generic-lpae-hwe-18.04 - 5.4.0.125.126 linux-crashdump - 5.4.0.125.126 linux-tools-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-headers-generic-hwe-18.04 - 5.4.0.125.126 linux-headers-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-source - 5.4.0.125.126 linux-lowlatency - 5.4.0.125.126 linux-tools-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-tools-generic-lpae - 5.4.0.125.126 linux-cloud-tools-generic - 5.4.0.125.126 linux-virtual - 5.4.0.125.126 linux-headers-virtual-hwe-18.04 - 5.4.0.125.126 linux-virtual-hwe-18.04 - 5.4.0.125.126 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.125.126 linux-tools-virtual - 5.4.0.125.126 linux-generic-lpae-hwe-18.04-edge - 5.4.0.125.126 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-generic-lpae - 5.4.0.125.126 linux-headers-oem - 5.4.0.125.126 linux-generic - 5.4.0.125.126 linux-tools-oem-osp1 - 5.4.0.125.126 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.125.126 linux-tools-generic-hwe-18.04-edge - 5.4.0.125.126 linux-image-virtual-hwe-18.04 - 5.4.0.125.126 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-cloud-tools-lowlatency - 5.4.0.125.126 linux-headers-lowlatency - 5.4.0.125.126 linux-image-generic-hwe-18.04-edge - 5.4.0.125.126 linux-generic-hwe-18.04-edge - 5.4.0.125.126 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.125.126 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-oem - 5.4.0.125.126 linux-tools-generic - 5.4.0.125.126 linux-image-extra-virtual - 5.4.0.125.126 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-oem-tools-host - 5.4.0.125.126 linux-tools-oem - 5.4.0.125.126 linux-headers-oem-osp1 - 5.4.0.125.126 linux-generic-lpae-hwe-18.04 - 5.4.0.125.126 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.125.126 linux-headers-generic-hwe-18.04-edge - 5.4.0.125.126 linux-headers-generic - 5.4.0.125.126 linux-oem-osp1 - 5.4.0.125.126 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.125.126 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.125.126 linux-image-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-headers-virtual - 5.4.0.125.126 linux-tools-virtual-hwe-18.04 - 5.4.0.125.126 linux-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.125.126 linux-generic-hwe-18.04 - 5.4.0.125.126 linux-image-generic-lpae - 5.4.0.125.126 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.125.126 linux-image-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-tools-generic-hwe-18.04 - 5.4.0.125.126 linux-image-lowlatency - 5.4.0.125.126 No subscription required Medium CVE-2021-33061 CVE-2021-33656 Ubuntu 20.04 LTS Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). Update Instructions: Run `sudo pro fix USN-5590-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-headers-5.14.0-1050 - 5.14.0-1050.57 linux-modules-iwlwifi-5.14.0-1050-oem - 5.14.0-1050.57 linux-modules-5.14.0-1050-oem - 5.14.0-1050.57 linux-headers-5.14.0-1050-oem - 5.14.0-1050.57 linux-image-unsigned-5.14.0-1050-oem - 5.14.0-1050.57 linux-oem-5.14-tools-5.14.0-1050 - 5.14.0-1050.57 linux-tools-5.14.0-1050-oem - 5.14.0-1050.57 linux-oem-5.14-tools-host - 5.14.0-1050.57 linux-image-5.14.0-1050-oem - 5.14.0-1050.57 linux-buildinfo-5.14.0-1050-oem - 5.14.0-1050.57 No subscription required linux-image-oem-20.04c - 5.14.0.1050.46 linux-image-oem-20.04b - 5.14.0.1050.46 linux-image-oem-20.04d - 5.14.0.1050.46 linux-headers-oem-20.04 - 5.14.0.1050.46 linux-tools-oem-20.04c - 5.14.0.1050.46 linux-tools-oem-20.04b - 5.14.0.1050.46 linux-oem-20.04 - 5.14.0.1050.46 linux-image-oem-20.04 - 5.14.0.1050.46 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1050.46 linux-oem-20.04d - 5.14.0.1050.46 linux-oem-20.04c - 5.14.0.1050.46 linux-oem-20.04b - 5.14.0.1050.46 linux-tools-oem-20.04d - 5.14.0.1050.46 linux-headers-oem-20.04b - 5.14.0.1050.46 linux-headers-oem-20.04c - 5.14.0.1050.46 linux-headers-oem-20.04d - 5.14.0.1050.46 linux-tools-oem-20.04 - 5.14.0.1050.46 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1050.46 No subscription required Medium CVE-2022-36946 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656) Update Instructions: Run `sudo pro fix USN-5592-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1032-ibm - 5.4.0-1032.36 linux-ibm-headers-5.4.0-1032 - 5.4.0-1032.36 linux-tools-5.4.0-1032-ibm - 5.4.0-1032.36 linux-headers-5.4.0-1032-ibm - 5.4.0-1032.36 linux-ibm-tools-common - 5.4.0-1032.36 linux-ibm-cloud-tools-common - 5.4.0-1032.36 linux-modules-5.4.0-1032-ibm - 5.4.0-1032.36 linux-ibm-tools-5.4.0-1032 - 5.4.0-1032.36 linux-buildinfo-5.4.0-1032-ibm - 5.4.0-1032.36 linux-ibm-source-5.4.0 - 5.4.0-1032.36 linux-modules-extra-5.4.0-1032-ibm - 5.4.0-1032.36 linux-image-unsigned-5.4.0-1032-ibm - 5.4.0-1032.36 No subscription required linux-image-unsigned-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-bluefield-tools-5.4.0-1045 - 5.4.0-1045.50 linux-headers-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-bluefield-headers-5.4.0-1045 - 5.4.0-1045.50 linux-modules-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-image-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-tools-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-buildinfo-5.4.0-1045-bluefield - 5.4.0-1045.50 No subscription required linux-headers-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-gkeop-cloud-tools-5.4.0-1052 - 5.4.0-1052.55 linux-gkeop-tools-5.4.0-1052 - 5.4.0-1052.55 linux-modules-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-gkeop-source-5.4.0 - 5.4.0-1052.55 linux-tools-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-buildinfo-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-cloud-tools-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-image-unsigned-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-modules-extra-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-image-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-gkeop-headers-5.4.0-1052 - 5.4.0-1052.55 No subscription required linux-kvm-tools-5.4.0-1074 - 5.4.0-1074.79 linux-kvm-headers-5.4.0-1074 - 5.4.0-1074.79 linux-buildinfo-5.4.0-1074-kvm - 5.4.0-1074.79 linux-tools-5.4.0-1074-kvm - 5.4.0-1074.79 linux-image-unsigned-5.4.0-1074-kvm - 5.4.0-1074.79 linux-headers-5.4.0-1074-kvm - 5.4.0-1074.79 linux-image-5.4.0-1074-kvm - 5.4.0-1074.79 linux-modules-5.4.0-1074-kvm - 5.4.0-1074.79 No subscription required linux-image-5.4.0-1081-gke - 5.4.0-1081.87 linux-headers-5.4.0-1081-gke - 5.4.0-1081.87 linux-buildinfo-5.4.0-1081-gke - 5.4.0-1081.87 linux-image-unsigned-5.4.0-1081-gke - 5.4.0-1081.87 linux-gke-headers-5.4.0-1081 - 5.4.0-1081.87 linux-tools-5.4.0-1081-gke - 5.4.0-1081.87 linux-modules-5.4.0-1081-gke - 5.4.0-1081.87 linux-modules-extra-5.4.0-1081-gke - 5.4.0-1081.87 linux-gke-tools-5.4.0-1081 - 5.4.0-1081.87 No subscription required linux-headers-5.4.0-1082-oracle - 5.4.0-1082.90 linux-tools-5.4.0-1082-oracle - 5.4.0-1082.90 linux-modules-extra-5.4.0-1082-oracle - 5.4.0-1082.90 linux-buildinfo-5.4.0-1082-oracle - 5.4.0-1082.90 linux-image-unsigned-5.4.0-1082-oracle - 5.4.0-1082.90 linux-image-5.4.0-1082-oracle - 5.4.0-1082.90 linux-oracle-headers-5.4.0-1082 - 5.4.0-1082.90 linux-oracle-tools-5.4.0-1082 - 5.4.0-1082.90 linux-modules-5.4.0-1082-oracle - 5.4.0-1082.90 No subscription required linux-aws-cloud-tools-5.4.0-1084 - 5.4.0-1084.91 linux-aws-headers-5.4.0-1084 - 5.4.0-1084.91 linux-buildinfo-5.4.0-1084-aws - 5.4.0-1084.91 linux-tools-5.4.0-1084-aws - 5.4.0-1084.91 linux-cloud-tools-5.4.0-1084-aws - 5.4.0-1084.91 linux-modules-extra-5.4.0-1084-aws - 5.4.0-1084.91 linux-aws-tools-5.4.0-1084 - 5.4.0-1084.91 linux-headers-5.4.0-1084-aws - 5.4.0-1084.91 linux-image-5.4.0-1084-aws - 5.4.0-1084.91 linux-image-unsigned-5.4.0-1084-aws - 5.4.0-1084.91 linux-modules-5.4.0-1084-aws - 5.4.0-1084.91 No subscription required linux-modules-5.4.0-1087-gcp - 5.4.0-1087.95 linux-buildinfo-5.4.0-1087-gcp - 5.4.0-1087.95 linux-tools-5.4.0-1087-gcp - 5.4.0-1087.95 linux-gcp-tools-5.4.0-1087 - 5.4.0-1087.95 linux-gcp-headers-5.4.0-1087 - 5.4.0-1087.95 linux-image-unsigned-5.4.0-1087-gcp - 5.4.0-1087.95 linux-headers-5.4.0-1087-gcp - 5.4.0-1087.95 linux-modules-extra-5.4.0-1087-gcp - 5.4.0-1087.95 linux-image-5.4.0-1087-gcp - 5.4.0-1087.95 No subscription required linux-buildinfo-5.4.0-1090-azure - 5.4.0-1090.95 linux-cloud-tools-5.4.0-1090-azure - 5.4.0-1090.95 linux-image-unsigned-5.4.0-1090-azure - 5.4.0-1090.95 linux-modules-extra-5.4.0-1090-azure - 5.4.0-1090.95 linux-headers-5.4.0-1090-azure - 5.4.0-1090.95 linux-azure-tools-5.4.0-1090 - 5.4.0-1090.95 linux-image-5.4.0-1090-azure - 5.4.0-1090.95 linux-modules-5.4.0-1090-azure - 5.4.0-1090.95 linux-tools-5.4.0-1090-azure - 5.4.0-1090.95 linux-azure-cloud-tools-5.4.0-1090 - 5.4.0-1090.95 linux-azure-headers-5.4.0-1090 - 5.4.0-1090.95 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1032.61 linux-headers-ibm-lts-20.04 - 5.4.0.1032.61 linux-tools-ibm - 5.4.0.1032.61 linux-modules-extra-ibm - 5.4.0.1032.61 linux-image-ibm-lts-20.04 - 5.4.0.1032.61 linux-ibm-lts-20.04 - 5.4.0.1032.61 linux-image-ibm - 5.4.0.1032.61 linux-ibm - 5.4.0.1032.61 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1032.61 linux-headers-ibm - 5.4.0.1032.61 No subscription required linux-image-bluefield - 5.4.0.1045.44 linux-headers-bluefield - 5.4.0.1045.44 linux-tools-bluefield - 5.4.0.1045.44 linux-bluefield - 5.4.0.1045.44 No subscription required linux-headers-gkeop - 5.4.0.1052.53 linux-cloud-tools-gkeop-5.4 - 5.4.0.1052.53 linux-image-gkeop - 5.4.0.1052.53 linux-modules-extra-gkeop-5.4 - 5.4.0.1052.53 linux-image-gkeop-5.4 - 5.4.0.1052.53 linux-gkeop - 5.4.0.1052.53 linux-cloud-tools-gkeop - 5.4.0.1052.53 linux-tools-gkeop-5.4 - 5.4.0.1052.53 linux-headers-gkeop-5.4 - 5.4.0.1052.53 linux-modules-extra-gkeop - 5.4.0.1052.53 linux-tools-gkeop - 5.4.0.1052.53 linux-gkeop-5.4 - 5.4.0.1052.53 No subscription required linux-kvm - 5.4.0.1074.71 linux-headers-kvm - 5.4.0.1074.71 linux-image-kvm - 5.4.0.1074.71 linux-tools-kvm - 5.4.0.1074.71 No subscription required linux-modules-extra-gke - 5.4.0.1081.89 linux-headers-gke-5.4 - 5.4.0.1081.89 linux-tools-gke-5.4 - 5.4.0.1081.89 linux-modules-extra-gke-5.4 - 5.4.0.1081.89 linux-gke-5.4 - 5.4.0.1081.89 linux-tools-gke - 5.4.0.1081.89 linux-gke - 5.4.0.1081.89 linux-image-gke - 5.4.0.1081.89 linux-headers-gke - 5.4.0.1081.89 linux-image-gke-5.4 - 5.4.0.1081.89 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1082.79 linux-headers-oracle-lts-20.04 - 5.4.0.1082.79 linux-oracle-lts-20.04 - 5.4.0.1082.79 linux-image-oracle-lts-20.04 - 5.4.0.1082.79 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1084.84 linux-headers-aws-lts-20.04 - 5.4.0.1084.84 linux-tools-aws-lts-20.04 - 5.4.0.1084.84 linux-modules-extra-aws-lts-20.04 - 5.4.0.1084.84 linux-aws-lts-20.04 - 5.4.0.1084.84 No subscription required linux-gcp-lts-20.04 - 5.4.0.1087.92 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1087.92 linux-headers-gcp-lts-20.04 - 5.4.0.1087.92 linux-image-gcp-lts-20.04 - 5.4.0.1087.92 linux-tools-gcp-lts-20.04 - 5.4.0.1087.92 No subscription required linux-azure-lts-20.04 - 5.4.0.1090.87 linux-image-azure-lts-20.04 - 5.4.0.1090.87 linux-modules-extra-azure-lts-20.04 - 5.4.0.1090.87 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1090.87 linux-tools-azure-lts-20.04 - 5.4.0.1090.87 linux-headers-azure-lts-20.04 - 5.4.0.1090.87 No subscription required Medium CVE-2021-33061 CVE-2021-33656 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle an illegal instruction in a guest, resulting in a null pointer dereference. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1852) It was discovered that the UDF file system implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1943) Gerald Lee discovered that the NTFS file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2022-1973) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Zheyu Ma discovered that the Intel iSMT SMBus host controller driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2873) Selim Enes Karaduman discovered that a race condition existed in the pipe buffers implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly escalate privileges. (CVE-2022-2959) Update Instructions: Run `sudo pro fix USN-5594-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-tools-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-modules-extra-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-image-unsigned-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-gke-5.15-headers-5.15.0-1015 - 5.15.0-1015.18~20.04.1 linux-buildinfo-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-headers-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-modules-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-modules-iwlwifi-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-gke-5.15-tools-5.15.0-1015 - 5.15.0-1015.18~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1017 - 5.15.0-1017.23~20.04.2 linux-tools-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-modules-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-headers-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-image-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-gcp-5.15-tools-5.15.0-1017 - 5.15.0-1017.23~20.04.2 linux-modules-extra-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-buildinfo-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-image-unsigned-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-modules-iwlwifi-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 No subscription required linux-image-unsigned-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-aws-5.15-headers-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-modules-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-image-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-headers-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-tools-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-modules-extra-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-aws-5.15-tools-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-cloud-tools-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-buildinfo-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1019 - 5.15.0-1019.24~20.04.1 linux-modules-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-headers-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-image-unsigned-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-azure-5.15-headers-5.15.0-1019 - 5.15.0-1019.24~20.04.1 linux-azure-5.15-tools-5.15.0-1019 - 5.15.0-1019.24~20.04.1 linux-cloud-tools-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-image-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-buildinfo-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-tools-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-modules-extra-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 No subscription required linux-gke-edge - 5.15.0.1015.18~20.04.1 linux-headers-gke-5.15 - 5.15.0.1015.18~20.04.1 linux-tools-gke-5.15 - 5.15.0.1015.18~20.04.1 linux-image-gke-edge - 5.15.0.1015.18~20.04.1 linux-tools-gke-edge - 5.15.0.1015.18~20.04.1 linux-gke-5.15 - 5.15.0.1015.18~20.04.1 linux-headers-gke-edge - 5.15.0.1015.18~20.04.1 linux-image-gke-5.15 - 5.15.0.1015.18~20.04.1 No subscription required linux-tools-gcp-edge - 5.15.0.1017.23~20.04.1 linux-modules-extra-gcp - 5.15.0.1017.23~20.04.1 linux-tools-gcp - 5.15.0.1017.23~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1017.23~20.04.1 linux-headers-gcp-edge - 5.15.0.1017.23~20.04.1 linux-headers-gcp - 5.15.0.1017.23~20.04.1 linux-gcp - 5.15.0.1017.23~20.04.1 linux-image-gcp - 5.15.0.1017.23~20.04.1 linux-gcp-edge - 5.15.0.1017.23~20.04.1 linux-image-gcp-edge - 5.15.0.1017.23~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1019.22~20.04.12 linux-azure - 5.15.0.1019.22~20.04.12 linux-image-azure - 5.15.0.1019.22~20.04.12 linux-cloud-tools-azure - 5.15.0.1019.22~20.04.12 linux-cloud-tools-azure-edge - 5.15.0.1019.22~20.04.12 linux-tools-azure - 5.15.0.1019.22~20.04.12 linux-headers-azure-edge - 5.15.0.1019.22~20.04.12 linux-image-azure-edge - 5.15.0.1019.22~20.04.12 linux-modules-extra-azure - 5.15.0.1019.22~20.04.12 linux-modules-extra-azure-edge - 5.15.0.1019.22~20.04.12 linux-azure-edge - 5.15.0.1019.22~20.04.12 linux-headers-azure - 5.15.0.1019.22~20.04.12 No subscription required linux-modules-extra-aws - 5.15.0.1019.23~20.04.11 linux-tools-aws - 5.15.0.1019.23~20.04.11 linux-modules-extra-aws-edge - 5.15.0.1019.23~20.04.11 linux-tools-aws-edge - 5.15.0.1019.23~20.04.11 linux-image-aws-edge - 5.15.0.1019.23~20.04.11 linux-headers-aws-edge - 5.15.0.1019.23~20.04.11 linux-aws-edge - 5.15.0.1019.23~20.04.11 linux-aws - 5.15.0.1019.23~20.04.11 linux-headers-aws - 5.15.0.1019.23~20.04.11 linux-image-aws - 5.15.0.1019.23~20.04.11 No subscription required Medium CVE-2021-33061 CVE-2022-1012 CVE-2022-1729 CVE-2022-1852 CVE-2022-1943 CVE-2022-1973 CVE-2022-2503 CVE-2022-2873 CVE-2022-2959 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656) Update Instructions: Run `sudo pro fix USN-5605-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1090-azure-fde - 5.4.0-1090.95+cvm1.1 linux-image-unsigned-5.4.0-1090-azure-fde - 5.4.0-1090.95+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1090.95+cvm1.30 linux-modules-extra-azure-fde - 5.4.0.1090.95+cvm1.30 linux-image-azure-fde - 5.4.0.1090.95+cvm1.30 linux-headers-azure-fde - 5.4.0.1090.95+cvm1.30 linux-cloud-tools-azure-fde - 5.4.0.1090.95+cvm1.30 linux-tools-azure-fde - 5.4.0.1090.95+cvm1.30 No subscription required Medium CVE-2021-33061 CVE-2021-33656 Ubuntu 20.04 LTS It was discovered that poppler incorrectly handled certain PDF. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5606-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpoppler97 - 0.86.1-0ubuntu1.1 poppler-utils - 0.86.1-0ubuntu1.1 libpoppler-cpp-dev - 0.86.1-0ubuntu1.1 libpoppler-glib-doc - 0.86.1-0ubuntu1.1 gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.1 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.1 libpoppler-glib8 - 0.86.1-0ubuntu1.1 libpoppler-private-dev - 0.86.1-0ubuntu1.1 libpoppler-glib-dev - 0.86.1-0ubuntu1.1 libpoppler-dev - 0.86.1-0ubuntu1.1 libpoppler-qt5-dev - 0.86.1-0ubuntu1.1 libpoppler-qt5-1 - 0.86.1-0ubuntu1.1 No subscription required Medium CVE-2022-38784 Ubuntu 20.04 LTS It was discovered that GDK-PixBuf incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-5607-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgdk-pixbuf2.0-0 - 2.40.0+dfsg-3ubuntu0.4 libgdk-pixbuf2.0-common - 2.40.0+dfsg-3ubuntu0.4 libgdk-pixbuf2.0-bin - 2.40.0+dfsg-3ubuntu0.4 libgdk-pixbuf2.0-dev - 2.40.0+dfsg-3ubuntu0.4 libgdk-pixbuf2.0-doc - 2.40.0+dfsg-3ubuntu0.4 gir1.2-gdkpixbuf-2.0 - 2.40.0+dfsg-3ubuntu0.4 No subscription required Medium CVE-2021-44648 Ubuntu 20.04 LTS It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5608-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librte-pmd-octeontx-crypto20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-memif20.0 - 19.11.13-0ubuntu0.20.04.1 dpdk-igb-uio-dkms - 19.11.13-0ubuntu0.20.04.1 librte-pmd-iavf20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-enic20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-af-packet20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-netvsc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx2-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-ifpga20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-dpaa2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-stack0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-e1000-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bbdev-null20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pipeline20.0 - 19.11.13-0ubuntu0.20.04.1 librte-sched20.0 - 19.11.13-0ubuntu0.20.04.1 librte-distributor20.0 - 19.11.13-0ubuntu0.20.04.1 librte-efd20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ark20.0 - 19.11.13-0ubuntu0.20.04.1 librte-gro20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-sfc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-failsafe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-pcap20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-meter20.0 - 19.11.13-0ubuntu0.20.04.1 librte-hash20.0 - 19.11.13-0ubuntu0.20.04.1 librte-ring20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-octeontx20.0 - 19.11.13-0ubuntu0.20.04.1 librte-telemetry0.200 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-skeleton20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bond20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-ioat20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-skeleton-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-mlx5-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-dpaa2-cmdif20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-fm10k20.0 - 19.11.13-0ubuntu0.20.04.1 librte-cryptodev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-i40e20.0 - 19.11.13-0ubuntu0.20.04.1 librte-cmdline20.0 - 19.11.13-0ubuntu0.20.04.1 librte-jobstats20.0 - 19.11.13-0ubuntu0.20.04.1 dpdk-dev - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ccp20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-atlantic20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-sw-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-ip-frag20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-isal20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dsw-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-nitrox20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-kni20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-bucket20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa2-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-gso20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-vdev-netvsc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-openssl20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bnx2x20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx-compress20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-hinic20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-dpaa20.0 - 19.11.13-0ubuntu0.20.04.1 librte-latencystats20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-octeontx2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-kvargs20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-fslmc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-avp20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pdump20.0 - 19.11.13-0ubuntu0.20.04.1 librte-metrics20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bbdev0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa-sec20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-vmbus20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bnxt20.0 - 19.11.13-0ubuntu0.20.04.1 librte-timer20.0 - 19.11.13-0ubuntu0.20.04.1 librte-cfgfile20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rcu0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-qat20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool20.0 - 19.11.13-0ubuntu0.20.04.1 libdpdk-dev - 19.11.13-0ubuntu0.20.04.1 librte-pmd-null20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-virtio20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-axgbe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-port20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-aesni-mb20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-ntb20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-softnic20.0 - 19.11.13-0ubuntu0.20.04.1 dpdk-doc - 19.11.13-0ubuntu0.20.04.1 librte-pmd-mlx4-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-net20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bbdev-fpga-lte-fec20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-null-crypto20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ena20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ice20.0 - 19.11.13-0ubuntu0.20.04.1 librte-common-dpaax20.0 - 19.11.13-0ubuntu0.20.04.1 librte-member20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-pci20.0 - 19.11.13-0ubuntu0.20.04.1 librte-kni20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-thunderx20.0 - 19.11.13-0ubuntu0.20.04.1 librte-common-octeontx20.0 - 19.11.13-0ubuntu0.20.04.1 dpdk - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ifc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-opdl-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pci20.0 - 19.11.13-0ubuntu0.20.04.1 librte-eal20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bbdev-turbo-sw20.0 - 19.11.13-0ubuntu0.20.04.1 librte-ethdev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-table20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-hns3-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-ipsec0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-zlib20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bitratestats20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa2-sec20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-caam-jr20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-octeontx2-dma20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mbuf20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-stack20.0 - 19.11.13-0ubuntu0.20.04.1 librte-power20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-liquidio20.0 - 19.11.13-0ubuntu0.20.04.1 librte-vhost20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-vhost20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-virtio-crypto20.0 - 19.11.13-0ubuntu0.20.04.1 librte-reorder20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-qede20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-pfe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-flow-classify0.200 - 19.11.13-0ubuntu0.20.04.1 librte-rib0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-cxgbe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-ring20.0 - 19.11.13-0ubuntu0.20.04.1 librte-acl20.0 - 19.11.13-0ubuntu0.20.04.1 librte-common-cpt20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-aesni-gcm20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-dpaa2-qdma20.0 - 19.11.13-0ubuntu0.20.04.1 librte-lpm20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-tap20.0 - 19.11.13-0ubuntu0.20.04.1 librte-eventdev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-nfp20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-dpaa20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ring20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-vdev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-common-octeontx2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ixgbe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-vmxnet3-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-crypto-scheduler20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-enetc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx2-crypto20.0 - 19.11.13-0ubuntu0.20.04.1 librte-security20.0 - 19.11.13-0ubuntu0.20.04.1 librte-compressdev0.200 - 19.11.13-0ubuntu0.20.04.1 librte-fib0.200 - 19.11.13-0ubuntu0.20.04.1 librte-bpf0.200 - 19.11.13-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2132 Ubuntu 20.04 LTS Addison Crump discovered that rust-regex did not properly limit the complexity of the regular expressions (regex) it parses. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5610-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librust-regex-dev - 1.2.1-3ubuntu0.1 No subscription required Medium CVE-2022-24713 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5611-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.7-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.7-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.7-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.7-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.7-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.7-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.7-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.7-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.7-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.7-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-32893 Ubuntu 20.04 LTS Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO reads. This could allow a local attacker to compromise SGX enclaves. Update Instructions: Run `sudo pro fix USN-5612-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20220809.0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21233 Ubuntu 20.04 LTS It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0943) It was discovered that Vim was using freed memory when dealing with regular expressions through its old regular expression engine. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution. (CVE-2022-1154) It was discovered that Vim was not properly performing checks on name of lambda functions. An attacker could possibly use this issue to cause a denial of service. This issue affected only Ubuntu 22.04 LTS. (CVE-2022-1420) It was discovered that Vim was incorrectly performing bounds checks when processing invalid commands with composing characters in Ex mode. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1616) It was discovered that Vim was not properly processing latin1 data when issuing Ex commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1619) It was discovered that Vim was not properly performing memory management when dealing with invalid regular expression patterns in buffers. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-1620) It was discovered that Vim was not properly processing invalid bytes when performing spell check operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1621) Update Instructions: Run `sudo pro fix USN-5613-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.8 vim-athena - 2:8.1.2269-1ubuntu5.8 vim-tiny - 2:8.1.2269-1ubuntu5.8 vim-gtk - 2:8.1.2269-1ubuntu5.8 vim-gui-common - 2:8.1.2269-1ubuntu5.8 vim - 2:8.1.2269-1ubuntu5.8 vim-doc - 2:8.1.2269-1ubuntu5.8 xxd - 2:8.1.2269-1ubuntu5.8 vim-runtime - 2:8.1.2269-1ubuntu5.8 vim-gtk3 - 2:8.1.2269-1ubuntu5.8 vim-nox - 2:8.1.2269-1ubuntu5.8 No subscription required Medium CVE-2022-0943 CVE-2022-1154 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1621 Ubuntu 20.04 LTS USN-5613-1 fixed vulnerabilities in Vim. Unfortunately that update failed to include binary packages for some architectures. This update fixes that regression. We apologize for the inconvenience. Original advisory details: It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0943) It was discovered that Vim was using freed memory when dealing with regular expressions through its old regular expression engine. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution. (CVE-2022-1154) It was discovered that Vim was not properly performing checks on name of lambda functions. An attacker could possibly use this issue to cause a denial of service. This issue affected only Ubuntu 22.04 LTS. (CVE-2022-1420) It was discovered that Vim was incorrectly performing bounds checks when processing invalid commands with composing characters in Ex mode. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1616) It was discovered that Vim was not properly processing latin1 data when issuing Ex commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1619) It was discovered that Vim was not properly performing memory management when dealing with invalid regular expression patterns in buffers. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-1620) It was discovered that Vim was not properly processing invalid bytes when performing spell check operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1621) Update Instructions: Run `sudo pro fix USN-5613-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.9 vim-athena - 2:8.1.2269-1ubuntu5.9 vim-tiny - 2:8.1.2269-1ubuntu5.9 vim-gtk - 2:8.1.2269-1ubuntu5.9 vim-gui-common - 2:8.1.2269-1ubuntu5.9 vim - 2:8.1.2269-1ubuntu5.9 vim-doc - 2:8.1.2269-1ubuntu5.9 xxd - 2:8.1.2269-1ubuntu5.9 vim-runtime - 2:8.1.2269-1ubuntu5.9 vim-gtk3 - 2:8.1.2269-1ubuntu5.9 vim-nox - 2:8.1.2269-1ubuntu5.9 No subscription required Medium CVE-2022-0943 CVE-2022-1154 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1621 https://launchpad.net/bugs/1989973 Ubuntu 20.04 LTS It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5614-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwayland-egl1 - 1.18.0-1ubuntu0.1 libwayland-bin - 1.18.0-1ubuntu0.1 libwayland-dev - 1.18.0-1ubuntu0.1 libwayland-cursor0 - 1.18.0-1ubuntu0.1 libwayland-egl-backend-dev - 1.18.0-1ubuntu0.1 libwayland-server0 - 1.18.0-1ubuntu0.1 libwayland-doc - 1.18.0-1ubuntu0.1 libwayland-client0 - 1.18.0-1ubuntu0.1 No subscription required Medium CVE-2021-3782 Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-35525) It was discovered that SQLite incorrectly handled ALTER TABLE for views that have a nested FROM clause. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only addressed in Ubuntu 20.04 LTS. (CVE-2020-35527) It was discovered that SQLite incorrectly handled embedded null characters when tokenizing certain unicode strings. This issue could result in incorrect results. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20223) Update Instructions: Run `sudo pro fix USN-5615-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.4 sqlite3-doc - 3.31.1-4ubuntu0.4 libsqlite3-0 - 3.31.1-4ubuntu0.4 libsqlite3-tcl - 3.31.1-4ubuntu0.4 sqlite3 - 3.31.1-4ubuntu0.4 libsqlite3-dev - 3.31.1-4ubuntu0.4 No subscription required Medium CVE-2020-35525 CVE-2020-35527 Ubuntu 20.04 LTS It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543) Julien Grall discovered that Xen incorrectly handled memory barriers on ARM-based systems. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or escalate privileges. (CVE-2020-11739) Ilja Van Sprundel discovered that Xen incorrectly handled profiling of guests. An unprivileged attacker could use this issue to obtain sensitive information from other guests, cause a denial of service or possibly gain privileges. (CVE-2020-11740, CVE-2020-11741) It was discovered that Xen incorrectly handled grant tables. A malicious guest could possibly use this issue to cause a denial of service. (CVE-2020-11742, CVE-2020-11743) Jan Beulich discovered that Xen incorrectly handled certain code paths. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15563) Julien Grall discovered that Xen incorrectly verified memory addresses provided by the guest on ARM-based systems. A malicious guest administrator could possibly use this issue to cause a denial of service. (CVE-2020-15564) Roger Pau Monné discovered that Xen incorrectly handled caching on x86 Intel systems. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15565) It was discovered that Xen incorrectly handled error in event-channel port allocation. A malicious guest could possibly use this issue to cause a denial of service. (CVE-2020-15566) Jan Beulich discovered that Xen incorrectly handled certain EPT (Extended Page Tables). An attacker could possibly use this issue to cause a denial of service, data corruption or privilege escalation. (CVE-2020-15567) Andrew Cooper discovered that Xen incorrectly handled PCI passthrough. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25595) Andrew Cooper discovered that Xen incorrectly sanitized path injections. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25596) Jan Beulich discovered that Xen incorrectly handled validation of event channels. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25597) Julien Grall and Jan Beulich discovered that Xen incorrectly handled resetting event channels. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. (CVE-2020-25599) Julien Grall discovered that Xen incorrectly handled event channels memory allocation on 32-bits domains. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25600) Jan Beulich discovered that Xen incorrectly handled resetting or cleaning up event channels. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25601) Andrew Cooper discovered that Xen incorrectly handled certain Intel specific MSR (Model Specific Registers). An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25602) Julien Grall discovered that Xen incorrectly handled accessing/allocating event channels. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information of privilege escalation. (CVE-2020-25603) Igor Druzhinin discovered that Xen incorrectly handled locks. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25604) Update Instructions: Run `sudo pro fix USN-5617-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxencall1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxengnttab1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxentoollog1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-common - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-system-arm64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.11-armhf - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxenstore3.0 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.9-armhf - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-system-amd64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxenmisc4.11 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxendevicemodel1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xenstore-utils - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxentoolcore1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-utils-4.11 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxenforeignmemory1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-doc - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.9-amd64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.11-arm64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.9-arm64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-utils-common - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxen-dev - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.11-amd64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxenevtchn1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-system-armhf - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 No subscription required Medium CVE-2020-0543 CVE-2020-11739 CVE-2020-11740 CVE-2020-11741 CVE-2020-11742 CVE-2020-11743 CVE-2020-15563 CVE-2020-15564 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25599 CVE-2020-25600 CVE-2020-25601 CVE-2020-25602 CVE-2020-25603 CVE-2020-25604 Ubuntu 20.04 LTS It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19131) It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19144) It was discovered that LibTIFF did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted TIFF file using tiffinfo tool, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1354) It was discovered that LibTIFF did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted TIFF file using tiffcp tool, an attacker could possibly use this issue to cause a denial of service. (CVE-2022-1355) It was discovered that LibTIFF was not properly performing checks to avoid division calculations where the denominator value was zero, which could lead to an undefined behaviour situation via a specially crafted file. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058) Update Instructions: Run `sudo pro fix USN-5619-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.5 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.5 No subscription required Medium CVE-2020-19131 CVE-2020-19144 CVE-2022-1354 CVE-2022-1355 CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 Ubuntu 20.04 LTS It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. These issues only affected Ubuntu 20.04 ESM. (CVE-2021-3598, CVE-2021-3605, CVE-2021-20296, CVE-2021-23215, CVE-2021-26260) It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2021-3933) It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash. (CVE-2021-3941) Update Instructions: Run `sudo pro fix USN-5620-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.5+esm1 openexr - 2.3.0-6ubuntu0.5+esm1 libopenexr24 - 2.3.0-6ubuntu0.5+esm1 openexr-doc - 2.3.0-6ubuntu0.5+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-20296 CVE-2021-23215 CVE-2021-26260 CVE-2021-3598 CVE-2021-3605 CVE-2021-3933 CVE-2021-3941 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5622-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1033-ibm - 5.4.0-1033.37 linux-tools-5.4.0-1033-ibm - 5.4.0-1033.37 linux-ibm-headers-5.4.0-1033 - 5.4.0-1033.37 linux-buildinfo-5.4.0-1033-ibm - 5.4.0-1033.37 linux-ibm-source-5.4.0 - 5.4.0-1033.37 linux-ibm-cloud-tools-common - 5.4.0-1033.37 linux-headers-5.4.0-1033-ibm - 5.4.0-1033.37 linux-image-unsigned-5.4.0-1033-ibm - 5.4.0-1033.37 linux-modules-5.4.0-1033-ibm - 5.4.0-1033.37 linux-image-5.4.0-1033-ibm - 5.4.0-1033.37 linux-ibm-tools-common - 5.4.0-1033.37 linux-ibm-tools-5.4.0-1033 - 5.4.0-1033.37 No subscription required linux-image-unsigned-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-bluefield-tools-5.4.0-1046 - 5.4.0-1046.51 linux-bluefield-headers-5.4.0-1046 - 5.4.0-1046.51 linux-headers-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-modules-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-tools-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-image-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-buildinfo-5.4.0-1046-bluefield - 5.4.0-1046.51 No subscription required linux-gkeop-cloud-tools-5.4.0-1053 - 5.4.0-1053.56 linux-gkeop-tools-5.4.0-1053 - 5.4.0-1053.56 linux-gkeop-source-5.4.0 - 5.4.0-1053.56 linux-image-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-cloud-tools-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-headers-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-modules-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-buildinfo-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-modules-extra-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-tools-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-image-unsigned-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-gkeop-headers-5.4.0-1053 - 5.4.0-1053.56 No subscription required linux-raspi-headers-5.4.0-1070 - 5.4.0-1070.80 linux-headers-5.4.0-1070-raspi - 5.4.0-1070.80 linux-buildinfo-5.4.0-1070-raspi - 5.4.0-1070.80 linux-tools-5.4.0-1070-raspi - 5.4.0-1070.80 linux-modules-5.4.0-1070-raspi - 5.4.0-1070.80 linux-raspi-tools-5.4.0-1070 - 5.4.0-1070.80 linux-image-5.4.0-1070-raspi - 5.4.0-1070.80 No subscription required linux-image-5.4.0-1075-kvm - 5.4.0-1075.80 linux-kvm-tools-5.4.0-1075 - 5.4.0-1075.80 linux-headers-5.4.0-1075-kvm - 5.4.0-1075.80 linux-kvm-headers-5.4.0-1075 - 5.4.0-1075.80 linux-tools-5.4.0-1075-kvm - 5.4.0-1075.80 linux-image-unsigned-5.4.0-1075-kvm - 5.4.0-1075.80 linux-buildinfo-5.4.0-1075-kvm - 5.4.0-1075.80 linux-modules-5.4.0-1075-kvm - 5.4.0-1075.80 No subscription required linux-buildinfo-5.4.0-1083-oracle - 5.4.0-1083.91 linux-image-unsigned-5.4.0-1083-oracle - 5.4.0-1083.91 linux-modules-extra-5.4.0-1083-oracle - 5.4.0-1083.91 linux-tools-5.4.0-1083-oracle - 5.4.0-1083.91 linux-headers-5.4.0-1083-oracle - 5.4.0-1083.91 linux-oracle-headers-5.4.0-1083 - 5.4.0-1083.91 linux-modules-5.4.0-1083-oracle - 5.4.0-1083.91 linux-image-5.4.0-1083-oracle - 5.4.0-1083.91 linux-oracle-tools-5.4.0-1083 - 5.4.0-1083.91 No subscription required linux-aws-cloud-tools-5.4.0-1085 - 5.4.0-1085.92 linux-cloud-tools-5.4.0-1085-aws - 5.4.0-1085.92 linux-buildinfo-5.4.0-1085-aws - 5.4.0-1085.92 linux-aws-headers-5.4.0-1085 - 5.4.0-1085.92 linux-image-5.4.0-1085-aws - 5.4.0-1085.92 linux-aws-tools-5.4.0-1085 - 5.4.0-1085.92 linux-tools-5.4.0-1085-aws - 5.4.0-1085.92 linux-modules-5.4.0-1085-aws - 5.4.0-1085.92 linux-headers-5.4.0-1085-aws - 5.4.0-1085.92 linux-image-unsigned-5.4.0-1085-aws - 5.4.0-1085.92 linux-modules-extra-5.4.0-1085-aws - 5.4.0-1085.92 No subscription required linux-buildinfo-5.4.0-1091-azure - 5.4.0-1091.96 linux-tools-5.4.0-1091-azure - 5.4.0-1091.96 linux-image-unsigned-5.4.0-1091-azure - 5.4.0-1091.96 linux-azure-headers-5.4.0-1091 - 5.4.0-1091.96 linux-cloud-tools-5.4.0-1091-azure - 5.4.0-1091.96 linux-modules-5.4.0-1091-azure - 5.4.0-1091.96 linux-azure-cloud-tools-5.4.0-1091 - 5.4.0-1091.96 linux-azure-tools-5.4.0-1091 - 5.4.0-1091.96 linux-modules-extra-5.4.0-1091-azure - 5.4.0-1091.96 linux-image-5.4.0-1091-azure - 5.4.0-1091.96 linux-headers-5.4.0-1091-azure - 5.4.0-1091.96 No subscription required linux-modules-extra-5.4.0-126-generic - 5.4.0-126.142 linux-tools-common - 5.4.0-126.142 linux-buildinfo-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-headers-5.4.0-126 - 5.4.0-126.142 linux-tools-host - 5.4.0-126.142 linux-cloud-tools-5.4.0-126 - 5.4.0-126.142 linux-tools-5.4.0-126 - 5.4.0-126.142 linux-libc-dev - 5.4.0-126.142 linux-source-5.4.0 - 5.4.0-126.142 linux-modules-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-headers-5.4.0-126-lowlatency - 5.4.0-126.142 linux-modules-5.4.0-126-lowlatency - 5.4.0-126.142 linux-headers-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-tools-5.4.0-126-lowlatency - 5.4.0-126.142 linux-modules-5.4.0-126-generic - 5.4.0-126.142 linux-tools-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-buildinfo-5.4.0-126-generic - 5.4.0-126.142 linux-doc - 5.4.0-126.142 linux-image-unsigned-5.4.0-126-generic - 5.4.0-126.142 linux-image-5.4.0-126-lowlatency - 5.4.0-126.142 linux-image-5.4.0-126-generic - 5.4.0-126.142 linux-buildinfo-5.4.0-126-lowlatency - 5.4.0-126.142 linux-headers-5.4.0-126-generic - 5.4.0-126.142 linux-image-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-cloud-tools-common - 5.4.0-126.142 linux-cloud-tools-5.4.0-126-generic - 5.4.0-126.142 linux-image-unsigned-5.4.0-126-lowlatency - 5.4.0-126.142 linux-tools-5.4.0-126-generic - 5.4.0-126.142 linux-cloud-tools-5.4.0-126-lowlatency - 5.4.0-126.142 No subscription required linux-image-ibm-lts-20.04 - 5.4.0.1033.62 linux-headers-ibm-lts-20.04 - 5.4.0.1033.62 linux-tools-ibm - 5.4.0.1033.62 linux-image-ibm - 5.4.0.1033.62 linux-ibm-lts-20.04 - 5.4.0.1033.62 linux-modules-extra-ibm - 5.4.0.1033.62 linux-ibm - 5.4.0.1033.62 linux-headers-ibm - 5.4.0.1033.62 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1033.62 linux-tools-ibm-lts-20.04 - 5.4.0.1033.62 No subscription required linux-bluefield - 5.4.0.1046.45 linux-image-bluefield - 5.4.0.1046.45 linux-headers-bluefield - 5.4.0.1046.45 linux-tools-bluefield - 5.4.0.1046.45 No subscription required linux-headers-gkeop - 5.4.0.1053.54 linux-cloud-tools-gkeop-5.4 - 5.4.0.1053.54 linux-modules-extra-gkeop-5.4 - 5.4.0.1053.54 linux-gkeop-5.4 - 5.4.0.1053.54 linux-headers-gkeop-5.4 - 5.4.0.1053.54 linux-image-gkeop-5.4 - 5.4.0.1053.54 linux-image-gkeop - 5.4.0.1053.54 linux-gkeop - 5.4.0.1053.54 linux-cloud-tools-gkeop - 5.4.0.1053.54 linux-modules-extra-gkeop - 5.4.0.1053.54 linux-tools-gkeop - 5.4.0.1053.54 linux-tools-gkeop-5.4 - 5.4.0.1053.54 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1070.103 linux-raspi2 - 5.4.0.1070.103 linux-headers-raspi2 - 5.4.0.1070.103 linux-image-raspi-hwe-18.04 - 5.4.0.1070.103 linux-image-raspi2-hwe-18.04 - 5.4.0.1070.103 linux-tools-raspi - 5.4.0.1070.103 linux-headers-raspi2-hwe-18.04 - 5.4.0.1070.103 linux-headers-raspi-hwe-18.04 - 5.4.0.1070.103 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1070.103 linux-headers-raspi - 5.4.0.1070.103 linux-raspi2-hwe-18.04-edge - 5.4.0.1070.103 linux-raspi - 5.4.0.1070.103 linux-raspi-hwe-18.04 - 5.4.0.1070.103 linux-tools-raspi2-hwe-18.04 - 5.4.0.1070.103 linux-raspi2-hwe-18.04 - 5.4.0.1070.103 linux-image-raspi-hwe-18.04-edge - 5.4.0.1070.103 linux-image-raspi2 - 5.4.0.1070.103 linux-tools-raspi-hwe-18.04 - 5.4.0.1070.103 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1070.103 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1070.103 linux-raspi-hwe-18.04-edge - 5.4.0.1070.103 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1070.103 linux-image-raspi - 5.4.0.1070.103 linux-tools-raspi2 - 5.4.0.1070.103 No subscription required linux-kvm - 5.4.0.1075.72 linux-headers-kvm - 5.4.0.1075.72 linux-image-kvm - 5.4.0.1075.72 linux-tools-kvm - 5.4.0.1075.72 No subscription required linux-oracle-lts-20.04 - 5.4.0.1083.80 linux-headers-oracle-lts-20.04 - 5.4.0.1083.80 linux-image-oracle-lts-20.04 - 5.4.0.1083.80 linux-tools-oracle-lts-20.04 - 5.4.0.1083.80 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1085.85 linux-image-aws-lts-20.04 - 5.4.0.1085.85 linux-headers-aws-lts-20.04 - 5.4.0.1085.85 linux-tools-aws-lts-20.04 - 5.4.0.1085.85 linux-aws-lts-20.04 - 5.4.0.1085.85 No subscription required linux-azure-lts-20.04 - 5.4.0.1091.88 linux-image-azure-lts-20.04 - 5.4.0.1091.88 linux-modules-extra-azure-lts-20.04 - 5.4.0.1091.88 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1091.88 linux-tools-azure-lts-20.04 - 5.4.0.1091.88 linux-headers-azure-lts-20.04 - 5.4.0.1091.88 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-cloud-tools-virtual - 5.4.0.126.127 linux-image-generic-hwe-18.04 - 5.4.0.126.127 linux-headers-generic-lpae - 5.4.0.126.127 linux-crashdump - 5.4.0.126.127 linux-generic-hwe-18.04-edge - 5.4.0.126.127 linux-oem-osp1-tools-host - 5.4.0.126.127 linux-image-generic - 5.4.0.126.127 linux-tools-lowlatency - 5.4.0.126.127 linux-image-oem - 5.4.0.126.127 linux-headers-generic-hwe-18.04 - 5.4.0.126.127 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-headers-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-image-extra-virtual-hwe-18.04 - 5.4.0.126.127 linux-oem - 5.4.0.126.127 linux-image-generic-lpae-hwe-18.04 - 5.4.0.126.127 linux-image-oem-osp1 - 5.4.0.126.127 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.126.127 linux-tools-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-headers-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.126.127 linux-source - 5.4.0.126.127 linux-lowlatency - 5.4.0.126.127 linux-tools-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-tools-generic-lpae - 5.4.0.126.127 linux-cloud-tools-generic - 5.4.0.126.127 linux-headers-virtual-hwe-18.04 - 5.4.0.126.127 linux-virtual-hwe-18.04 - 5.4.0.126.127 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.126.127 linux-tools-virtual - 5.4.0.126.127 linux-generic-lpae-hwe-18.04-edge - 5.4.0.126.127 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-generic-lpae - 5.4.0.126.127 linux-headers-oem - 5.4.0.126.127 linux-generic - 5.4.0.126.127 linux-tools-oem-osp1 - 5.4.0.126.127 linux-virtual - 5.4.0.126.127 linux-image-virtual - 5.4.0.126.127 linux-tools-generic-hwe-18.04-edge - 5.4.0.126.127 linux-image-virtual-hwe-18.04 - 5.4.0.126.127 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-cloud-tools-lowlatency - 5.4.0.126.127 linux-headers-lowlatency - 5.4.0.126.127 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.126.127 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-tools-generic - 5.4.0.126.127 linux-image-extra-virtual - 5.4.0.126.127 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-oem-tools-host - 5.4.0.126.127 linux-tools-oem - 5.4.0.126.127 linux-headers-oem-osp1 - 5.4.0.126.127 linux-generic-lpae-hwe-18.04 - 5.4.0.126.127 linux-headers-generic-hwe-18.04-edge - 5.4.0.126.127 linux-headers-generic - 5.4.0.126.127 linux-oem-osp1 - 5.4.0.126.127 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.126.127 linux-image-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-headers-virtual - 5.4.0.126.127 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.126.127 linux-tools-virtual-hwe-18.04 - 5.4.0.126.127 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.126.127 linux-generic-hwe-18.04 - 5.4.0.126.127 linux-image-generic-lpae - 5.4.0.126.127 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.126.127 linux-image-lowlatency - 5.4.0.126.127 linux-tools-generic-hwe-18.04 - 5.4.0.126.127 linux-image-generic-hwe-18.04-edge - 5.4.0.126.127 linux-image-virtual-hwe-18.04-edge - 5.4.0.126.127 No subscription required Medium CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-2503 CVE-2022-32296 CVE-2022-36946 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle an illegal instruction in a guest, resulting in a null pointer dereference. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1852) It was discovered that the UDF file system implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1943) Gerald Lee discovered that the NTFS file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2022-1973) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Zheyu Ma discovered that the Intel iSMT SMBus host controller driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2873) Selim Enes Karaduman discovered that a race condition existed in the pipe buffers implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly escalate privileges. (CVE-2022-2959) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5623-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-cloud-tools-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-headers-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-image-unsigned-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-hwe-5.15-headers-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-hwe-5.15-tools-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-image-unsigned-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-48.54~20.04.1 linux-cloud-tools-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-image-unsigned-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-headers-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-48.54~20.04.1 linux-modules-extra-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-headers-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-image-unsigned-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-48.54~20.04.1 linux-modules-iwlwifi-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-modules-iwlwifi-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-headers-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-48.54~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-headers-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-image-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-lowlatency-64k-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-tools-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.16 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-image-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-image-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-extra-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-headers-generic-64k-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-generic-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-generic-lpae-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-generic-64k-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-tools-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-generic-lpae-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-tools-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-lpae-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-generic-64k-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-64k-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-headers-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 No subscription required Medium CVE-2021-33061 CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-1852 CVE-2022-1943 CVE-2022-1973 CVE-2022-2318 CVE-2022-2503 CVE-2022-26365 CVE-2022-2873 CVE-2022-2959 CVE-2022-32296 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33743 CVE-2022-33744 CVE-2022-34494 CVE-2022-34495 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5624-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-buildinfo-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-tools-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-image-unsigned-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-modules-extra-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-cloud-tools-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1020 - 5.15.0-1020.24~20.04.1 linux-image-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-aws-5.15-tools-5.15.0-1020 - 5.15.0-1020.24~20.04.1 linux-headers-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-aws-5.15-headers-5.15.0-1020 - 5.15.0-1020.24~20.04.1 No subscription required linux-headers-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-modules-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-azure-5.15-headers-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-buildinfo-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-azure-5.15-tools-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-modules-extra-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-image-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-cloud-tools-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-image-unsigned-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-tools-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1020.24~20.04.12 linux-modules-extra-aws-edge - 5.15.0.1020.24~20.04.12 linux-tools-aws - 5.15.0.1020.24~20.04.12 linux-image-aws-edge - 5.15.0.1020.24~20.04.12 linux-headers-aws-edge - 5.15.0.1020.24~20.04.12 linux-aws-edge - 5.15.0.1020.24~20.04.12 linux-tools-aws-edge - 5.15.0.1020.24~20.04.12 linux-aws - 5.15.0.1020.24~20.04.12 linux-headers-aws - 5.15.0.1020.24~20.04.12 linux-image-aws - 5.15.0.1020.24~20.04.12 No subscription required linux-azure - 5.15.0.1020.25~20.04.13 linux-tools-azure-edge - 5.15.0.1020.25~20.04.13 linux-image-azure - 5.15.0.1020.25~20.04.13 linux-cloud-tools-azure - 5.15.0.1020.25~20.04.13 linux-cloud-tools-azure-edge - 5.15.0.1020.25~20.04.13 linux-tools-azure - 5.15.0.1020.25~20.04.13 linux-headers-azure-edge - 5.15.0.1020.25~20.04.13 linux-image-azure-edge - 5.15.0.1020.25~20.04.13 linux-modules-extra-azure - 5.15.0.1020.25~20.04.13 linux-azure-edge - 5.15.0.1020.25~20.04.13 linux-modules-extra-azure-edge - 5.15.0.1020.25~20.04.13 linux-headers-azure - 5.15.0.1020.25~20.04.13 No subscription required Medium CVE-2021-33655 CVE-2022-2318 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33743 CVE-2022-33744 CVE-2022-34494 CVE-2022-34495 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that Mako incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5625-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-mako - 1.1.0+ds1-1ubuntu2.1 python-mako-doc - 1.1.0+ds1-1ubuntu2.1 python3-mako - 1.1.0+ds1-1ubuntu2.1 No subscription required Medium CVE-2022-40023 Ubuntu 20.04 LTS Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. (CVE-2022-2795) It was discovered that Bind incorrectly handled statistics requests. A remote attacker could possibly use this issue to obtain sensitive memory contents, or cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2881) It was discovered that Bind incorrectly handled memory when processing certain Diffie-Hellman key exchanges. A remote attacker could use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2906) Maksym Odinintsev discovered that Bind incorrectly handled answers from cache when configured with a zero stale-answer-timeout. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3080) It was discovered that Bind incorrectly handled memory when processing ECDSA DNSSEC verification. A remote attacker could use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-38177) It was discovered that Bind incorrectly handled memory when processing EDDSA DNSSEC verification. A remote attacker could use this issue to consume resources, leading to a denial of service. (CVE-2022-38178) Update Instructions: Run `sudo pro fix USN-5626-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.11 bind9-libs - 1:9.16.1-0ubuntu2.11 bind9utils - 1:9.16.1-0ubuntu2.11 bind9-doc - 1:9.16.1-0ubuntu2.11 bind9-utils - 1:9.16.1-0ubuntu2.11 bind9 - 1:9.16.1-0ubuntu2.11 bind9-dnsutils - 1:9.16.1-0ubuntu2.11 bind9-host - 1:9.16.1-0ubuntu2.11 No subscription required Medium CVE-2022-2795 CVE-2022-2881 CVE-2022-2906 CVE-2022-3080 CVE-2022-38177 CVE-2022-38178 Ubuntu 20.04 LTS It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5627-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpcre2-16-0 - 10.34-7ubuntu0.1 libpcre2-32-0 - 10.34-7ubuntu0.1 libpcre2-posix2 - 10.34-7ubuntu0.1 pcre2-utils - 10.34-7ubuntu0.1 libpcre2-dev - 10.34-7ubuntu0.1 libpcre2-8-0 - 10.34-7ubuntu0.1 No subscription required Low CVE-2022-1586 CVE-2022-1587 Ubuntu 20.04 LTS It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15106, CVE-2020-15112) It was discovered that etcd incorrectly handled directory permissions when trying to create a directory that exists already. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-15113) It was discovered that etcd incorrectly handled endpoint setup. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15114) Update Instructions: Run `sudo pro fix USN-5628-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: etcd-server - 3.2.26+dfsg-6ubuntu0.1 golang-etcd-server-dev - 3.2.26+dfsg-6ubuntu0.1 etcd-client - 3.2.26+dfsg-6ubuntu0.1 etcd - 3.2.26+dfsg-6ubuntu0.1 No subscription required Medium CVE-2020-15106 CVE-2020-15112 CVE-2020-15113 CVE-2020-15114 Ubuntu 20.04 LTS It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-11813) It was discovered that libjpeg-turbo incorrectly handled certain malformed jpeg files. An attacker could possibly use this issue to cause libjpeg-turbo to crash, resulting in a denial of service. (CVE-2020-17541, CVE-2020-35538) It was discovered that libjpeg-turbo incorrectly handled certain malformed PPM files. An attacker could use this issue to cause libjpeg-turbo to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-46822) Update Instructions: Run `sudo pro fix USN-5631-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libturbojpeg0-dev - 2.0.3-0ubuntu1.20.04.3 libjpeg-turbo8-dev - 2.0.3-0ubuntu1.20.04.3 libjpeg-turbo-progs - 2.0.3-0ubuntu1.20.04.3 libturbojpeg - 2.0.3-0ubuntu1.20.04.3 libjpeg-turbo8 - 2.0.3-0ubuntu1.20.04.3 libjpeg-turbo-test - 2.0.3-0ubuntu1.20.04.3 No subscription required Medium CVE-2018-11813 CVE-2020-17541 CVE-2020-35538 CVE-2021-46822 Ubuntu 20.04 LTS It was discovered that SoS incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5636-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sosreport - 4.3-1ubuntu0.20.04.2 No subscription required Medium CVE-2022-2806 Ubuntu 20.04 LTS USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Expat incorrectly handled memory in out-of-memory situations. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-43680) Original advisory details: Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5638-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.5 libexpat1-dev - 2.2.9-1ubuntu0.5 libexpat1 - 2.2.9-1ubuntu0.5 No subscription required Medium CVE-2022-40674 CVE-2022-43680 Ubuntu 20.04 LTS USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-43680) This update also fixes a minor regression introduced in Ubuntu 18.04 LTS. We apologize for the inconvenience. Original advisory details: Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5638-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.6 libexpat1-dev - 2.2.9-1ubuntu0.6 libexpat1 - 2.2.9-1ubuntu0.6 No subscription required Medium CVE-2022-43680 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5639-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1091-azure-fde - 5.4.0-1091.96+cvm1.1 linux-image-5.4.0-1091-azure-fde - 5.4.0-1091.96+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1091.96+cvm1.31 linux-modules-extra-azure-fde - 5.4.0.1091.96+cvm1.31 linux-image-azure-fde - 5.4.0.1091.96+cvm1.31 linux-cloud-tools-azure-fde - 5.4.0.1091.96+cvm1.31 linux-tools-azure-fde - 5.4.0.1091.96+cvm1.31 linux-headers-azure-fde - 5.4.0.1091.96+cvm1.31 No subscription required Medium CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-2503 CVE-2022-32296 CVE-2022-36946 Ubuntu 20.04 LTS Mikhail Evdokimov discovered that Squid incorrectly handled cache manager ACLs. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-41317) It was discovered that Squid incorrectly handled SSPI and SMB authentication. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2022-41318) Update Instructions: Run `sudo pro fix USN-5641-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.7 squidclient - 4.10-1ubuntu1.7 squid - 4.10-1ubuntu1.7 squid-cgi - 4.10-1ubuntu1.7 squid-purge - 4.10-1ubuntu1.7 No subscription required Medium CVE-2022-41317 CVE-2022-41318 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5642-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.8-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.8-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.8-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.8-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.8-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.8-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.8-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.8-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.8-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.8-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-32886 Ubuntu 20.04 LTS It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27792) It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2085) Update Instructions: Run `sudo pro fix USN-5643-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.6 ghostscript-x - 9.50~dfsg-5ubuntu4.6 libgs-dev - 9.50~dfsg-5ubuntu4.6 ghostscript-doc - 9.50~dfsg-5ubuntu4.6 libgs9 - 9.50~dfsg-5ubuntu4.6 libgs9-common - 9.50~dfsg-5ubuntu4.6 No subscription required Medium CVE-2020-27792 CVE-2022-2085 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5644-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-gcp-5.15-tools-5.15.0-1018 - 5.15.0-1018.24~20.04.1 linux-image-unsigned-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-buildinfo-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-modules-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-gcp-5.15-headers-5.15.0-1018 - 5.15.0-1018.24~20.04.1 linux-headers-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-modules-extra-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-image-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-tools-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 No subscription required linux-headers-gcp-edge - 5.15.0.1018.24~20.04.1 linux-tools-gcp - 5.15.0.1018.24~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1018.24~20.04.1 linux-image-gcp-edge - 5.15.0.1018.24~20.04.1 linux-gcp-edge - 5.15.0.1018.24~20.04.1 linux-image-gcp - 5.15.0.1018.24~20.04.1 linux-tools-gcp-edge - 5.15.0.1018.24~20.04.1 linux-modules-extra-gcp - 5.15.0.1018.24~20.04.1 linux-gcp - 5.15.0.1018.24~20.04.1 linux-headers-gcp - 5.15.0.1018.24~20.04.1 No subscription required Medium CVE-2021-33655 CVE-2022-2318 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33743 CVE-2022-33744 CVE-2022-34494 CVE-2022-34495 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5647-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1089-gcp - 5.4.0-1089.97 linux-image-5.4.0-1089-gcp - 5.4.0-1089.97 linux-headers-5.4.0-1089-gcp - 5.4.0-1089.97 linux-image-unsigned-5.4.0-1089-gcp - 5.4.0-1089.97 linux-modules-extra-5.4.0-1089-gcp - 5.4.0-1089.97 linux-gcp-headers-5.4.0-1089 - 5.4.0-1089.97 linux-buildinfo-5.4.0-1089-gcp - 5.4.0-1089.97 linux-gcp-tools-5.4.0-1089 - 5.4.0-1089.97 linux-modules-5.4.0-1089-gcp - 5.4.0-1089.97 No subscription required linux-image-gcp-lts-20.04 - 5.4.0.1089.94 linux-tools-gcp-lts-20.04 - 5.4.0.1089.94 linux-headers-gcp-lts-20.04 - 5.4.0.1089.94 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1089.94 linux-gcp-lts-20.04 - 5.4.0.1089.94 No subscription required Medium CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-2503 CVE-2022-32296 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5648-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gke-5.15-headers-5.15.0-1016 - 5.15.0-1016.19~20.04.1 linux-modules-iwlwifi-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-image-unsigned-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-gke-5.15-tools-5.15.0-1016 - 5.15.0-1016.19~20.04.1 linux-modules-extra-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-modules-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-buildinfo-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-tools-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-headers-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-image-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 No subscription required linux-image-gke-edge - 5.15.0.1016.19~20.04.1 linux-gke-edge - 5.15.0.1016.19~20.04.1 linux-headers-gke-5.15 - 5.15.0.1016.19~20.04.1 linux-tools-gke-edge - 5.15.0.1016.19~20.04.1 linux-image-gke-5.15 - 5.15.0.1016.19~20.04.1 linux-tools-gke-5.15 - 5.15.0.1016.19~20.04.1 linux-headers-gke-edge - 5.15.0.1016.19~20.04.1 linux-gke-5.15 - 5.15.0.1016.19~20.04.1 No subscription required Medium CVE-2021-33655 CVE-2022-2318 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33743 CVE-2022-33744 CVE-2022-34494 CVE-2022-34495 CVE-2022-36946 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass Content Security Policy (CSP) or other security restrictions, conduct session fixation attacks, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5649-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 105.0+build2-0ubuntu0.20.04.1 firefox - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 105.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 105.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 105.0+build2-0ubuntu0.20.04.1 firefox-dev - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 105.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-3266 CVE-2022-40959 CVE-2022-40960 CVE-2022-40958 CVE-2022-40956 CVE-2022-40957 CVE-2022-40962 Ubuntu 20.04 LTS Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points (CDP) in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack. Update Instructions: Run `sudo pro fix USN-5651-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: strongswan-nm - 5.8.2-1ubuntu3.5 strongswan-scepclient - 5.8.2-1ubuntu3.5 libcharon-extra-plugins - 5.8.2-1ubuntu3.5 libcharon-standard-plugins - 5.8.2-1ubuntu3.5 libstrongswan-extra-plugins - 5.8.2-1ubuntu3.5 strongswan-tnc-pdp - 5.8.2-1ubuntu3.5 strongswan-charon - 5.8.2-1ubuntu3.5 libstrongswan - 5.8.2-1ubuntu3.5 libstrongswan-standard-plugins - 5.8.2-1ubuntu3.5 libcharon-extauth-plugins - 5.8.2-1ubuntu3.5 charon-systemd - 5.8.2-1ubuntu3.5 strongswan - 5.8.2-1ubuntu3.5 strongswan-tnc-server - 5.8.2-1ubuntu3.5 strongswan-tnc-client - 5.8.2-1ubuntu3.5 strongswan-tnc-base - 5.8.2-1ubuntu3.5 charon-cmd - 5.8.2-1ubuntu3.5 strongswan-libcharon - 5.8.2-1ubuntu3.5 strongswan-pki - 5.8.2-1ubuntu3.5 strongswan-tnc-ifmap - 5.8.2-1ubuntu3.5 strongswan-starter - 5.8.2-1ubuntu3.5 strongswan-swanctl - 5.8.2-1ubuntu3.5 No subscription required Medium CVE-2022-40617 Ubuntu 20.04 LTS Benjamin Balder Bach discovered that Django incorrectly handled certain internationalized URLs. A remote attacker could possibly use this issue to cause Django to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5653-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.14 python-django-doc - 2:2.2.12-1ubuntu0.14 No subscription required Medium CVE-2022-41323 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5654-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gke-headers-5.4.0-1083 - 5.4.0-1083.89 linux-modules-extra-5.4.0-1083-gke - 5.4.0-1083.89 linux-modules-5.4.0-1083-gke - 5.4.0-1083.89 linux-gke-tools-5.4.0-1083 - 5.4.0-1083.89 linux-headers-5.4.0-1083-gke - 5.4.0-1083.89 linux-image-5.4.0-1083-gke - 5.4.0-1083.89 linux-buildinfo-5.4.0-1083-gke - 5.4.0-1083.89 linux-image-unsigned-5.4.0-1083-gke - 5.4.0-1083.89 linux-tools-5.4.0-1083-gke - 5.4.0-1083.89 No subscription required linux-modules-extra-gke - 5.4.0.1083.91 linux-image-gke - 5.4.0.1083.91 linux-gke-5.4 - 5.4.0.1083.91 linux-image-gke-5.4 - 5.4.0.1083.91 linux-tools-gke-5.4 - 5.4.0.1083.91 linux-modules-extra-gke-5.4 - 5.4.0.1083.91 linux-gke - 5.4.0.1083.91 linux-headers-gke-5.4 - 5.4.0.1083.91 linux-tools-gke - 5.4.0.1083.91 linux-headers-gke - 5.4.0.1083.91 No subscription required Medium CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-2503 CVE-2022-32296 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service. (CVE-2022-2928) It was discovered that DHCP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause DHCP clients and servers to consume resources, leading to a denial of service. (CVE-2022-2929) Update Instructions: Run `sudo pro fix USN-5658-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: isc-dhcp-dev - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-client-ddns - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-relay - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-client - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-common - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-server - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-server-ldap - 4.4.1-2.1ubuntu5.20.04.4 No subscription required Medium CVE-2022-2928 CVE-2022-2929 Ubuntu 20.04 LTS Stephane Chauveau discovered that kitty incorrectly handled image filenames with special characters in error messages. A remote attacker could possibly use this to execute arbitrary commands. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-35605) Carter Sande discovered that kitty incorrectly handled escape sequences in desktop notifications. A remote attacker could possibly use this to execute arbitrary commands. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-41322) Update Instructions: Run `sudo pro fix USN-5659-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kitty-terminfo - 0.15.0-1ubuntu0.2 kitty - 0.15.0-1ubuntu0.2 kitty-doc - 0.15.0-1ubuntu0.2 No subscription required Medium CVE-2020-35605 CVE-2022-41322 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly validated macro signatures. If a user were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary macros. (CVE-2022-26305) It was discovered that Libreoffice incorrectly handled encrypting the master key provided by the user for storing passwords for web connections. A local attacker could possibly use this issue to obtain access to passwords stored in the user's configuration data. (CVE-2022-26306, CVE-2022-26307) Update Instructions: Run `sudo pro fix USN-5661-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.5 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.5 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.5 python3-uno - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.5 libreoffice - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.5 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.5 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.5 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.5 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.5 libridl-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.5 python3-access2base - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.5 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.5 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.5 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.5 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.5 libunoil-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.5 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.5 libjurt-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.5 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.5 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.5 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.5 ure - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.5 libjuh-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.5 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.5 No subscription required Medium CVE-2022-26305 CVE-2022-26306 CVE-2022-26307 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, obtain sensitive information, spoof the contents of the addressbar, bypass security restrictions, or execute arbitrary code. (CVE-2022-2505, CVE-2022-36318, CVE-2022-36319, CVE-2022-38472, CVE-2022-38473, CVE-2022-38476 CVE-2022-38477, CVE-2022-38478) Multiple security issues were discovered in Thunderbird. An attacker could potentially exploit these in order to determine when a user opens a specially crafted message. (CVE-2022-3032, CVE-2022-3034) It was discovered that Thunderbird did not correctly handle HTML messages that contain a meta tag in some circumstances. If a user were tricked into replying to a specially crafted message, an attacker could potentially exploit this to obtain sensitive information. (CVE-2022-3033) A security issue was discovered with the Matrix SDK in Thunderbird. An attacker sharing a room with a user could potentially exploit this to cause a denial of service. (CVE-2022-36059) Update Instructions: Run `sudo pro fix USN-5663-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.2.2+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.2.2+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.2.2+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.2.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2505 CVE-2022-3032 CVE-2022-3033 CVE-2022-3034 CVE-2022-36059 CVE-2022-36318 CVE-2022-36319 CVE-2022-38472 CVE-2022-38473 CVE-2022-38476 CVE-2022-38477 CVE-2022-38478 Ubuntu 20.04 LTS Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1882) Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373) Eric Biggers discovered that a use-after-free vulnerability existed in the io_uring subsystem in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3176) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) Jann Horn discovered that the KVM subsystem in the Linux kernel did not properly handle TLB flush operations in some situations. A local attacker in a guest VM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code in the guest kernel. (CVE-2022-39189) Update Instructions: Run `sudo pro fix USN-5667-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-headers-5.15.0-1021 - 5.15.0-1021.25~20.04.1 linux-image-unsigned-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-buildinfo-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-tools-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-modules-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1021 - 5.15.0-1021.25~20.04.1 linux-modules-extra-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-image-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-aws-5.15-tools-5.15.0-1021 - 5.15.0-1021.25~20.04.1 linux-cloud-tools-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-headers-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 No subscription required linux-tools-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-buildinfo-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-image-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-modules-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-headers-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-azure-5.15-headers-5.15.0-1021 - 5.15.0-1021.26~20.04.1 linux-modules-extra-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-cloud-tools-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1021 - 5.15.0-1021.26~20.04.1 linux-image-unsigned-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-azure-5.15-tools-5.15.0-1021 - 5.15.0-1021.26~20.04.1 No subscription required linux-headers-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-hwe-5.15-tools-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-image-unsigned-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-50.56~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-modules-iwlwifi-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-modules-iwlwifi-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-cloud-tools-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-headers-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-modules-extra-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-headers-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-image-unsigned-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-headers-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-image-unsigned-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-50.56~20.04.1 linux-cloud-tools-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-image-unsigned-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-headers-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-hwe-5.15-headers-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 No subscription required linux-headers-aws - 5.15.0.1021.25~20.04.13 linux-image-aws - 5.15.0.1021.25~20.04.13 linux-modules-extra-aws-edge - 5.15.0.1021.25~20.04.13 linux-image-aws-edge - 5.15.0.1021.25~20.04.13 linux-aws-edge - 5.15.0.1021.25~20.04.13 linux-aws - 5.15.0.1021.25~20.04.13 linux-headers-aws-edge - 5.15.0.1021.25~20.04.13 linux-modules-extra-aws - 5.15.0.1021.25~20.04.13 linux-tools-aws - 5.15.0.1021.25~20.04.13 linux-tools-aws-edge - 5.15.0.1021.25~20.04.13 No subscription required linux-tools-azure-edge - 5.15.0.1021.26~20.04.14 linux-cloud-tools-azure - 5.15.0.1021.26~20.04.14 linux-tools-azure - 5.15.0.1021.26~20.04.14 linux-image-azure-edge - 5.15.0.1021.26~20.04.14 linux-cloud-tools-azure-edge - 5.15.0.1021.26~20.04.14 linux-modules-extra-azure - 5.15.0.1021.26~20.04.14 linux-azure - 5.15.0.1021.26~20.04.14 linux-image-azure - 5.15.0.1021.26~20.04.14 linux-headers-azure-edge - 5.15.0.1021.26~20.04.14 linux-azure-edge - 5.15.0.1021.26~20.04.14 linux-modules-extra-azure-edge - 5.15.0.1021.26~20.04.14 linux-headers-azure - 5.15.0.1021.26~20.04.14 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-headers-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-image-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-lowlatency-64k-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-tools-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.17 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-headers-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-headers-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-image-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-extra-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-headers-generic-64k-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-generic-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-lpae-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-tools-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-headers-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-lpae-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-tools-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-generic-lpae-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-image-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-generic-64k-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-64k-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-image-generic-64k-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-headers-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 No subscription required High CVE-2022-1882 CVE-2022-26373 CVE-2022-3176 CVE-2022-36879 CVE-2022-39189 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373) Eric Biggers discovered that a use-after-free vulnerability existed in the io_uring subsystem in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3176) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) Update Instructions: Run `sudo pro fix USN-5668-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1034 - 5.4.0-1034.38 linux-modules-extra-5.4.0-1034-ibm - 5.4.0-1034.38 linux-headers-5.4.0-1034-ibm - 5.4.0-1034.38 linux-modules-5.4.0-1034-ibm - 5.4.0-1034.38 linux-tools-5.4.0-1034-ibm - 5.4.0-1034.38 linux-ibm-tools-5.4.0-1034 - 5.4.0-1034.38 linux-image-5.4.0-1034-ibm - 5.4.0-1034.38 linux-ibm-source-5.4.0 - 5.4.0-1034.38 linux-ibm-cloud-tools-common - 5.4.0-1034.38 linux-ibm-tools-common - 5.4.0-1034.38 linux-buildinfo-5.4.0-1034-ibm - 5.4.0-1034.38 linux-image-unsigned-5.4.0-1034-ibm - 5.4.0-1034.38 No subscription required linux-bluefield-tools-5.4.0-1047 - 5.4.0-1047.52 linux-image-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-image-unsigned-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-bluefield-headers-5.4.0-1047 - 5.4.0-1047.52 linux-headers-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-modules-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-tools-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-buildinfo-5.4.0-1047-bluefield - 5.4.0-1047.52 No subscription required linux-image-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-buildinfo-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-gkeop-tools-5.4.0-1054 - 5.4.0-1054.57 linux-tools-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-gkeop-source-5.4.0 - 5.4.0-1054.57 linux-modules-extra-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-cloud-tools-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-image-unsigned-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-gkeop-cloud-tools-5.4.0-1054 - 5.4.0-1054.57 linux-modules-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-headers-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-gkeop-headers-5.4.0-1054 - 5.4.0-1054.57 No subscription required linux-headers-5.4.0-1076-kvm - 5.4.0-1076.81 linux-buildinfo-5.4.0-1076-kvm - 5.4.0-1076.81 linux-kvm-headers-5.4.0-1076 - 5.4.0-1076.81 linux-kvm-tools-5.4.0-1076 - 5.4.0-1076.81 linux-tools-5.4.0-1076-kvm - 5.4.0-1076.81 linux-image-unsigned-5.4.0-1076-kvm - 5.4.0-1076.81 linux-image-5.4.0-1076-kvm - 5.4.0-1076.81 linux-modules-5.4.0-1076-kvm - 5.4.0-1076.81 No subscription required linux-image-unsigned-5.4.0-1084-gke - 5.4.0-1084.90 linux-modules-5.4.0-1084-gke - 5.4.0-1084.90 linux-headers-5.4.0-1084-gke - 5.4.0-1084.90 linux-modules-extra-5.4.0-1084-gke - 5.4.0-1084.90 linux-image-5.4.0-1084-gke - 5.4.0-1084.90 linux-buildinfo-5.4.0-1084-gke - 5.4.0-1084.90 linux-gke-headers-5.4.0-1084 - 5.4.0-1084.90 linux-tools-5.4.0-1084-gke - 5.4.0-1084.90 linux-gke-tools-5.4.0-1084 - 5.4.0-1084.90 No subscription required linux-modules-5.4.0-1084-oracle - 5.4.0-1084.92 linux-headers-5.4.0-1084-oracle - 5.4.0-1084.92 linux-modules-extra-5.4.0-1084-oracle - 5.4.0-1084.92 linux-image-5.4.0-1084-oracle - 5.4.0-1084.92 linux-buildinfo-5.4.0-1084-oracle - 5.4.0-1084.92 linux-oracle-tools-5.4.0-1084 - 5.4.0-1084.92 linux-oracle-headers-5.4.0-1084 - 5.4.0-1084.92 linux-tools-5.4.0-1084-oracle - 5.4.0-1084.92 linux-image-unsigned-5.4.0-1084-oracle - 5.4.0-1084.92 No subscription required linux-aws-cloud-tools-5.4.0-1086 - 5.4.0-1086.93 linux-image-unsigned-5.4.0-1086-aws - 5.4.0-1086.93 linux-modules-5.4.0-1086-aws - 5.4.0-1086.93 linux-tools-5.4.0-1086-aws - 5.4.0-1086.93 linux-aws-headers-5.4.0-1086 - 5.4.0-1086.93 linux-cloud-tools-5.4.0-1086-aws - 5.4.0-1086.93 linux-image-5.4.0-1086-aws - 5.4.0-1086.93 linux-headers-5.4.0-1086-aws - 5.4.0-1086.93 linux-aws-tools-5.4.0-1086 - 5.4.0-1086.93 linux-buildinfo-5.4.0-1086-aws - 5.4.0-1086.93 linux-modules-extra-5.4.0-1086-aws - 5.4.0-1086.93 No subscription required linux-tools-common - 5.4.0-128.144 linux-headers-5.4.0-128-generic - 5.4.0-128.144 linux-headers-5.4.0-128 - 5.4.0-128.144 linux-image-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-tools-host - 5.4.0-128.144 linux-image-5.4.0-128-generic - 5.4.0-128.144 linux-doc - 5.4.0-128.144 linux-image-5.4.0-128-lowlatency - 5.4.0-128.144 linux-buildinfo-5.4.0-128-lowlatency - 5.4.0-128.144 linux-cloud-tools-5.4.0-128 - 5.4.0-128.144 linux-tools-5.4.0-128 - 5.4.0-128.144 linux-buildinfo-5.4.0-128-generic - 5.4.0-128.144 linux-libc-dev - 5.4.0-128.144 linux-source-5.4.0 - 5.4.0-128.144 linux-headers-5.4.0-128-lowlatency - 5.4.0-128.144 linux-image-unsigned-5.4.0-128-generic - 5.4.0-128.144 linux-headers-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-modules-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-buildinfo-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-image-unsigned-5.4.0-128-lowlatency - 5.4.0-128.144 linux-modules-5.4.0-128-lowlatency - 5.4.0-128.144 linux-cloud-tools-5.4.0-128-generic - 5.4.0-128.144 linux-cloud-tools-common - 5.4.0-128.144 linux-tools-5.4.0-128-generic - 5.4.0-128.144 linux-cloud-tools-5.4.0-128-lowlatency - 5.4.0-128.144 linux-tools-5.4.0-128-lowlatency - 5.4.0-128.144 linux-tools-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-modules-5.4.0-128-generic - 5.4.0-128.144 linux-modules-extra-5.4.0-128-generic - 5.4.0-128.144 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1034.63 linux-image-ibm - 5.4.0.1034.63 linux-headers-ibm-lts-20.04 - 5.4.0.1034.63 linux-tools-ibm - 5.4.0.1034.63 linux-ibm-lts-20.04 - 5.4.0.1034.63 linux-image-ibm-lts-20.04 - 5.4.0.1034.63 linux-modules-extra-ibm - 5.4.0.1034.63 linux-ibm - 5.4.0.1034.63 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1034.63 linux-headers-ibm - 5.4.0.1034.63 No subscription required linux-headers-bluefield - 5.4.0.1047.46 linux-image-bluefield - 5.4.0.1047.46 linux-tools-bluefield - 5.4.0.1047.46 linux-bluefield - 5.4.0.1047.46 No subscription required linux-headers-gkeop - 5.4.0.1054.55 linux-cloud-tools-gkeop-5.4 - 5.4.0.1054.55 linux-image-gkeop - 5.4.0.1054.55 linux-modules-extra-gkeop-5.4 - 5.4.0.1054.55 linux-gkeop-5.4 - 5.4.0.1054.55 linux-image-gkeop-5.4 - 5.4.0.1054.55 linux-headers-gkeop-5.4 - 5.4.0.1054.55 linux-gkeop - 5.4.0.1054.55 linux-cloud-tools-gkeop - 5.4.0.1054.55 linux-modules-extra-gkeop - 5.4.0.1054.55 linux-tools-gkeop - 5.4.0.1054.55 linux-tools-gkeop-5.4 - 5.4.0.1054.55 No subscription required linux-kvm - 5.4.0.1076.73 linux-headers-kvm - 5.4.0.1076.73 linux-image-kvm - 5.4.0.1076.73 linux-tools-kvm - 5.4.0.1076.73 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1084.81 linux-headers-oracle-lts-20.04 - 5.4.0.1084.81 linux-oracle-lts-20.04 - 5.4.0.1084.81 linux-image-oracle-lts-20.04 - 5.4.0.1084.81 No subscription required linux-modules-extra-gke - 5.4.0.1084.92 linux-headers-gke-5.4 - 5.4.0.1084.92 linux-tools-gke-5.4 - 5.4.0.1084.92 linux-modules-extra-gke-5.4 - 5.4.0.1084.92 linux-gke-5.4 - 5.4.0.1084.92 linux-tools-gke - 5.4.0.1084.92 linux-gke - 5.4.0.1084.92 linux-image-gke - 5.4.0.1084.92 linux-headers-gke - 5.4.0.1084.92 linux-image-gke-5.4 - 5.4.0.1084.92 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1086.86 linux-headers-aws-lts-20.04 - 5.4.0.1086.86 linux-tools-aws-lts-20.04 - 5.4.0.1086.86 linux-modules-extra-aws-lts-20.04 - 5.4.0.1086.86 linux-aws-lts-20.04 - 5.4.0.1086.86 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-cloud-tools-virtual - 5.4.0.128.129 linux-image-generic-hwe-18.04 - 5.4.0.128.129 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-headers-generic-lpae - 5.4.0.128.129 linux-oem-osp1-tools-host - 5.4.0.128.129 linux-image-generic - 5.4.0.128.129 linux-tools-lowlatency - 5.4.0.128.129 linux-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-image-oem - 5.4.0.128.129 linux-tools-virtual-hwe-18.04 - 5.4.0.128.129 linux-oem-osp1 - 5.4.0.128.129 linux-headers-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-oem - 5.4.0.128.129 linux-image-oem-osp1 - 5.4.0.128.129 linux-image-generic-lpae-hwe-18.04 - 5.4.0.128.129 linux-crashdump - 5.4.0.128.129 linux-tools-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-headers-generic-hwe-18.04 - 5.4.0.128.129 linux-headers-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-source - 5.4.0.128.129 linux-lowlatency - 5.4.0.128.129 linux-tools-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-cloud-tools-generic - 5.4.0.128.129 linux-virtual - 5.4.0.128.129 linux-headers-virtual-hwe-18.04 - 5.4.0.128.129 linux-tools-generic-lpae - 5.4.0.128.129 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.128.129 linux-tools-virtual - 5.4.0.128.129 linux-generic-lpae-hwe-18.04-edge - 5.4.0.128.129 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-generic-lpae - 5.4.0.128.129 linux-headers-oem - 5.4.0.128.129 linux-image-extra-virtual-hwe-18.04 - 5.4.0.128.129 linux-generic - 5.4.0.128.129 linux-tools-oem-osp1 - 5.4.0.128.129 linux-image-virtual - 5.4.0.128.129 linux-tools-generic-hwe-18.04-edge - 5.4.0.128.129 linux-tools-generic - 5.4.0.128.129 linux-image-virtual-hwe-18.04 - 5.4.0.128.129 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-oem-tools-host - 5.4.0.128.129 linux-headers-lowlatency - 5.4.0.128.129 linux-image-generic-hwe-18.04-edge - 5.4.0.128.129 linux-generic-hwe-18.04-edge - 5.4.0.128.129 linux-tools-generic-hwe-18.04 - 5.4.0.128.129 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.128.129 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-image-extra-virtual - 5.4.0.128.129 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-headers-oem-osp1 - 5.4.0.128.129 linux-cloud-tools-lowlatency - 5.4.0.128.129 linux-tools-oem - 5.4.0.128.129 linux-virtual-hwe-18.04 - 5.4.0.128.129 linux-generic-lpae-hwe-18.04 - 5.4.0.128.129 linux-headers-generic-hwe-18.04-edge - 5.4.0.128.129 linux-headers-generic - 5.4.0.128.129 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.128.129 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.128.129 linux-image-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-headers-virtual - 5.4.0.128.129 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.128.129 linux-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.128.129 linux-generic-hwe-18.04 - 5.4.0.128.129 linux-image-generic-lpae - 5.4.0.128.129 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.128.129 linux-image-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.128.129 linux-image-lowlatency - 5.4.0.128.129 No subscription required Medium CVE-2021-4159 CVE-2022-20369 CVE-2022-2318 CVE-2022-26365 CVE-2022-26373 CVE-2022-3176 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33744 CVE-2022-36879 Ubuntu 20.04 LTS It was discovered that GMP did not properly manage memory on 32-bit platforms when processing a specially crafted input. An attacker could possibly use this issue to cause applications using GMP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5672-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgmp10-doc - 2:6.2.0+dfsg-4ubuntu0.1 libgmpxx4ldbl - 2:6.2.0+dfsg-4ubuntu0.1 libgmp3-dev - 2:6.2.0+dfsg-4ubuntu0.1 libgmp10 - 2:6.2.0+dfsg-4ubuntu0.1 libgmp-dev - 2:6.2.0+dfsg-4ubuntu0.1 No subscription required Low CVE-2021-43618 Ubuntu 20.04 LTS It was discovered that unzip did not properly handle unicode strings under certain circumstances. If a user were tricked into opening a specially crafted zip file, an attacker could possibly use this issue to cause unzip to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-4217) It was discovered that unzip did not properly perform bounds checking while converting wide strings to local strings. If a user were tricked into opening a specially crafted zip file, an attacker could possibly use this issue to cause unzip to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-0529, CVE-2022-0530) Update Instructions: Run `sudo pro fix USN-5673-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unzip - 6.0-25ubuntu1.1 No subscription required Medium CVE-2021-4217 CVE-2022-0529 CVE-2022-0530 https://launchpad.net/bugs/1957077 Ubuntu 20.04 LTS Isaac Boukris and Andrew Bartlett discovered that Heimdal's KDC was not properly performing checksum algorithm verifications in the S4U2Self extension module. An attacker could possibly use this issue to perform a machine-in-the-middle attack and request S4U2Self tickets for any user known by the application. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2018-16860) It was discovered that Heimdal was not properly handling the verification of key exchanges when an anonymous PKINIT was being used. An attacker could possibly use this issue to perform a machine-in-the-middle attack and expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-12098) Joseph Sutton discovered that Heimdal was not properly handling memory management operations when dealing with TGS-REQ tickets that were missing information. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-3671) Michał Kępień discovered that Heimdal was not properly handling logical conditions that related to memory management operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3116) Update Instructions: Run `sudo pro fix USN-5675-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhcrypto4-heimdal - 7.7.0+dfsg-1ubuntu1.1 libwind0-heimdal - 7.7.0+dfsg-1ubuntu1.1 libroken18-heimdal - 7.7.0+dfsg-1ubuntu1.1 libgssapi3-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-kcm - 7.7.0+dfsg-1ubuntu1.1 libhdb9-heimdal - 7.7.0+dfsg-1ubuntu1.1 libasn1-8-heimdal - 7.7.0+dfsg-1ubuntu1.1 libsl0-heimdal - 7.7.0+dfsg-1ubuntu1.1 libkadm5clnt7-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-kdc - 7.7.0+dfsg-1ubuntu1.1 libkdc2-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-servers - 7.7.0+dfsg-1ubuntu1.1 libheimntlm0-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-docs - 7.7.0+dfsg-1ubuntu1.1 libheimbase1-heimdal - 7.7.0+dfsg-1ubuntu1.1 libkrb5-26-heimdal - 7.7.0+dfsg-1ubuntu1.1 libotp0-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-dev - 7.7.0+dfsg-1ubuntu1.1 libkafs0-heimdal - 7.7.0+dfsg-1ubuntu1.1 libhx509-5-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-multidev - 7.7.0+dfsg-1ubuntu1.1 libkadm5srv8-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-clients - 7.7.0+dfsg-1ubuntu1.1 No subscription required Medium CVE-2018-16860 CVE-2019-12098 CVE-2021-3671 CVE-2022-3116 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373) Eric Biggers discovered that a use-after-free vulnerability existed in the io_uring subsystem in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3176) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) Update Instructions: Run `sudo pro fix USN-5677-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1071-raspi - 5.4.0-1071.81 linux-image-5.4.0-1071-raspi - 5.4.0-1071.81 linux-modules-5.4.0-1071-raspi - 5.4.0-1071.81 linux-raspi-tools-5.4.0-1071 - 5.4.0-1071.81 linux-raspi-headers-5.4.0-1071 - 5.4.0-1071.81 linux-buildinfo-5.4.0-1071-raspi - 5.4.0-1071.81 linux-tools-5.4.0-1071-raspi - 5.4.0-1071.81 No subscription required linux-modules-extra-5.4.0-1090-gcp - 5.4.0-1090.98 linux-image-unsigned-5.4.0-1090-gcp - 5.4.0-1090.98 linux-tools-5.4.0-1090-gcp - 5.4.0-1090.98 linux-buildinfo-5.4.0-1090-gcp - 5.4.0-1090.98 linux-headers-5.4.0-1090-gcp - 5.4.0-1090.98 linux-image-5.4.0-1090-gcp - 5.4.0-1090.98 linux-modules-5.4.0-1090-gcp - 5.4.0-1090.98 linux-gcp-headers-5.4.0-1090 - 5.4.0-1090.98 linux-gcp-tools-5.4.0-1090 - 5.4.0-1090.98 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1071.104 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1071.104 linux-raspi-hwe-18.04-edge - 5.4.0.1071.104 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1071.104 linux-raspi-hwe-18.04 - 5.4.0.1071.104 linux-tools-raspi - 5.4.0.1071.104 linux-image-raspi - 5.4.0.1071.104 linux-tools-raspi2-hwe-18.04 - 5.4.0.1071.104 linux-raspi2-hwe-18.04 - 5.4.0.1071.104 linux-image-raspi-hwe-18.04-edge - 5.4.0.1071.104 linux-raspi2 - 5.4.0.1071.104 linux-headers-raspi2 - 5.4.0.1071.104 linux-tools-raspi2 - 5.4.0.1071.104 linux-headers-raspi2-hwe-18.04 - 5.4.0.1071.104 linux-image-raspi2 - 5.4.0.1071.104 linux-tools-raspi-hwe-18.04 - 5.4.0.1071.104 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1071.104 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1071.104 linux-image-raspi-hwe-18.04 - 5.4.0.1071.104 linux-raspi - 5.4.0.1071.104 linux-headers-raspi - 5.4.0.1071.104 linux-headers-raspi-hwe-18.04 - 5.4.0.1071.104 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1071.104 linux-image-raspi2-hwe-18.04 - 5.4.0.1071.104 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1090.95 linux-image-gcp-lts-20.04 - 5.4.0.1090.95 linux-tools-gcp-lts-20.04 - 5.4.0.1090.95 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1090.95 linux-gcp-lts-20.04 - 5.4.0.1090.95 No subscription required Medium CVE-2021-4159 CVE-2022-20369 CVE-2022-2318 CVE-2022-26365 CVE-2022-26373 CVE-2022-3176 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33744 CVE-2022-36879 Ubuntu 20.04 LTS It was discovered that gThumb did not properly managed memory when processing certain image files. If a user were tricked into opening a specially crafted JPEG file, an attacker could possibly use this issue to cause gThumb to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-20326) It was discovered that gThumb did not properly handled certain malformed image files. If a user were tricked into opening a specially crafted JPEG file, an attacker could possibly use this issue to cause gThumb to crash, resulting in a denial of service. (CVE-2020-36427) Update Instructions: Run `sudo pro fix USN-5680-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gthumb-dev - 3:3.8.0-2.1ubuntu0.1 gthumb-data - 3:3.8.0-2.1ubuntu0.1 gthumb - 3:3.8.0-2.1ubuntu0.1 No subscription required Medium CVE-2019-20326 CVE-2020-36427 Ubuntu 20.04 LTS Cory Snider discovered that Git incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause an unexpected behaviour. (CVE-2022-39253) Kevin Backhouse discovered that Git incorrectly handled certain command strings. An attacker could possibly use this issue to arbitrary code execution. (CVE-2022-39260) Update Instructions: Run `sudo pro fix USN-5686-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.6 gitweb - 1:2.25.1-1ubuntu3.6 git-gui - 1:2.25.1-1ubuntu3.6 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.6 git-el - 1:2.25.1-1ubuntu3.6 gitk - 1:2.25.1-1ubuntu3.6 git-all - 1:2.25.1-1ubuntu3.6 git-mediawiki - 1:2.25.1-1ubuntu3.6 git-daemon-run - 1:2.25.1-1ubuntu3.6 git-man - 1:2.25.1-1ubuntu3.6 git-doc - 1:2.25.1-1ubuntu3.6 git-svn - 1:2.25.1-1ubuntu3.6 git-cvs - 1:2.25.1-1ubuntu3.6 git-email - 1:2.25.1-1ubuntu3.6 No subscription required Medium CVE-2022-39253 CVE-2022-39260 Ubuntu 20.04 LTS It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service (application crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5688-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libksba-mingw-w64-dev - 1.3.5-2ubuntu0.20.04.1 libksba8 - 1.3.5-2ubuntu0.20.04.1 libksba-dev - 1.3.5-2ubuntu0.20.04.1 No subscription required High CVE-2022-3515 Ubuntu 20.04 LTS It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification. Update Instructions: Run `sudo pro fix USN-5689-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: perl-modules-5.30 - 5.30.0-9ubuntu0.3 libperl-dev - 5.30.0-9ubuntu0.3 perl-doc - 5.30.0-9ubuntu0.3 perl - 5.30.0-9ubuntu0.3 perl-base - 5.30.0-9ubuntu0.3 libperl5.30 - 5.30.0-9ubuntu0.3 perl-debug - 5.30.0-9ubuntu0.3 No subscription required Medium CVE-2020-16156 Ubuntu 20.04 LTS David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2602) Sönke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41674) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42720) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly handle BSSID/SSID lists in some situations. A physically proximate attacker could use this to cause a denial of service (infinite loop). (CVE-2022-42721) Update Instructions: Run `sudo pro fix USN-5691-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1036-ibm - 5.4.0-1036.41 linux-modules-5.4.0-1036-ibm - 5.4.0-1036.41 linux-ibm-headers-5.4.0-1036 - 5.4.0-1036.41 linux-buildinfo-5.4.0-1036-ibm - 5.4.0-1036.41 linux-image-5.4.0-1036-ibm - 5.4.0-1036.41 linux-ibm-tools-common - 5.4.0-1036.41 linux-ibm-tools-5.4.0-1036 - 5.4.0-1036.41 linux-tools-5.4.0-1036-ibm - 5.4.0-1036.41 linux-modules-extra-5.4.0-1036-ibm - 5.4.0-1036.41 linux-ibm-source-5.4.0 - 5.4.0-1036.41 linux-ibm-cloud-tools-common - 5.4.0-1036.41 linux-headers-5.4.0-1036-ibm - 5.4.0-1036.41 No subscription required linux-headers-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-buildinfo-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-modules-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-bluefield-tools-5.4.0-1049 - 5.4.0-1049.55 linux-tools-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-bluefield-headers-5.4.0-1049 - 5.4.0-1049.55 linux-image-unsigned-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-image-5.4.0-1049-bluefield - 5.4.0-1049.55 No subscription required linux-gkeop-cloud-tools-5.4.0-1056 - 5.4.0-1056.60 linux-gkeop-tools-5.4.0-1056 - 5.4.0-1056.60 linux-image-unsigned-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-headers-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-buildinfo-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-image-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-tools-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-modules-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-cloud-tools-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-modules-extra-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-gkeop-headers-5.4.0-1056 - 5.4.0-1056.60 linux-gkeop-source-5.4.0 - 5.4.0-1056.60 No subscription required linux-raspi-tools-5.4.0-1073 - 5.4.0-1073.84 linux-raspi-headers-5.4.0-1073 - 5.4.0-1073.84 linux-buildinfo-5.4.0-1073-raspi - 5.4.0-1073.84 linux-headers-5.4.0-1073-raspi - 5.4.0-1073.84 linux-image-5.4.0-1073-raspi - 5.4.0-1073.84 linux-modules-5.4.0-1073-raspi - 5.4.0-1073.84 linux-tools-5.4.0-1073-raspi - 5.4.0-1073.84 No subscription required linux-kvm-tools-5.4.0-1078 - 5.4.0-1078.84 linux-image-5.4.0-1078-kvm - 5.4.0-1078.84 linux-kvm-headers-5.4.0-1078 - 5.4.0-1078.84 linux-image-unsigned-5.4.0-1078-kvm - 5.4.0-1078.84 linux-headers-5.4.0-1078-kvm - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-kvm - 5.4.0-1078.84 linux-modules-5.4.0-1078-kvm - 5.4.0-1078.84 linux-tools-5.4.0-1078-kvm - 5.4.0-1078.84 No subscription required linux-image-5.4.0-1086-gke - 5.4.0-1086.93 linux-modules-extra-5.4.0-1086-gke - 5.4.0-1086.93 linux-tools-5.4.0-1086-gke - 5.4.0-1086.93 linux-gke-headers-5.4.0-1086 - 5.4.0-1086.93 linux-buildinfo-5.4.0-1086-gke - 5.4.0-1086.93 linux-headers-5.4.0-1086-gke - 5.4.0-1086.93 linux-gke-tools-5.4.0-1086 - 5.4.0-1086.93 linux-modules-5.4.0-1086-gke - 5.4.0-1086.93 linux-image-unsigned-5.4.0-1086-gke - 5.4.0-1086.93 No subscription required linux-image-5.4.0-1086-oracle - 5.4.0-1086.95 linux-tools-5.4.0-1086-oracle - 5.4.0-1086.95 linux-headers-5.4.0-1086-oracle - 5.4.0-1086.95 linux-image-unsigned-5.4.0-1086-oracle - 5.4.0-1086.95 linux-modules-5.4.0-1086-oracle - 5.4.0-1086.95 linux-oracle-headers-5.4.0-1086 - 5.4.0-1086.95 linux-buildinfo-5.4.0-1086-oracle - 5.4.0-1086.95 linux-oracle-tools-5.4.0-1086 - 5.4.0-1086.95 linux-modules-extra-5.4.0-1086-oracle - 5.4.0-1086.95 No subscription required linux-aws-cloud-tools-5.4.0-1088 - 5.4.0-1088.96 linux-aws-headers-5.4.0-1088 - 5.4.0-1088.96 linux-image-5.4.0-1088-aws - 5.4.0-1088.96 linux-headers-5.4.0-1088-aws - 5.4.0-1088.96 linux-modules-extra-5.4.0-1088-aws - 5.4.0-1088.96 linux-aws-tools-5.4.0-1088 - 5.4.0-1088.96 linux-image-unsigned-5.4.0-1088-aws - 5.4.0-1088.96 linux-tools-5.4.0-1088-aws - 5.4.0-1088.96 linux-modules-5.4.0-1088-aws - 5.4.0-1088.96 linux-buildinfo-5.4.0-1088-aws - 5.4.0-1088.96 linux-cloud-tools-5.4.0-1088-aws - 5.4.0-1088.96 No subscription required linux-gcp-headers-5.4.0-1092 - 5.4.0-1092.101 linux-modules-5.4.0-1092-gcp - 5.4.0-1092.101 linux-gcp-tools-5.4.0-1092 - 5.4.0-1092.101 linux-image-unsigned-5.4.0-1092-gcp - 5.4.0-1092.101 linux-image-5.4.0-1092-gcp - 5.4.0-1092.101 linux-buildinfo-5.4.0-1092-gcp - 5.4.0-1092.101 linux-modules-extra-5.4.0-1092-gcp - 5.4.0-1092.101 linux-headers-5.4.0-1092-gcp - 5.4.0-1092.101 linux-tools-5.4.0-1092-gcp - 5.4.0-1092.101 No subscription required linux-modules-5.4.0-1094-azure - 5.4.0-1094.100 linux-image-5.4.0-1094-azure - 5.4.0-1094.100 linux-tools-5.4.0-1094-azure - 5.4.0-1094.100 linux-modules-extra-5.4.0-1094-azure - 5.4.0-1094.100 linux-azure-cloud-tools-5.4.0-1094 - 5.4.0-1094.100 linux-azure-headers-5.4.0-1094 - 5.4.0-1094.100 linux-headers-5.4.0-1094-azure - 5.4.0-1094.100 linux-cloud-tools-5.4.0-1094-azure - 5.4.0-1094.100 linux-buildinfo-5.4.0-1094-azure - 5.4.0-1094.100 linux-azure-tools-5.4.0-1094 - 5.4.0-1094.100 linux-image-unsigned-5.4.0-1094-azure - 5.4.0-1094.100 No subscription required linux-tools-common - 5.4.0-131.147 linux-tools-host - 5.4.0-131.147 linux-image-5.4.0-131-lowlatency - 5.4.0-131.147 linux-modules-5.4.0-131-lowlatency - 5.4.0-131.147 linux-headers-5.4.0-131-lowlatency - 5.4.0-131.147 linux-tools-5.4.0-131-lowlatency - 5.4.0-131.147 linux-headers-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-tools-5.4.0-131-generic - 5.4.0-131.147 linux-modules-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-libc-dev - 5.4.0-131.147 linux-image-unsigned-5.4.0-131-generic - 5.4.0-131.147 linux-modules-extra-5.4.0-131-generic - 5.4.0-131.147 linux-buildinfo-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-tools-5.4.0-131 - 5.4.0-131.147 linux-headers-5.4.0-131-generic - 5.4.0-131.147 linux-buildinfo-5.4.0-131-lowlatency - 5.4.0-131.147 linux-doc - 5.4.0-131.147 linux-image-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-tools-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-modules-5.4.0-131-generic - 5.4.0-131.147 linux-cloud-tools-5.4.0-131-lowlatency - 5.4.0-131.147 linux-image-5.4.0-131-generic - 5.4.0-131.147 linux-cloud-tools-common - 5.4.0-131.147 linux-buildinfo-5.4.0-131-generic - 5.4.0-131.147 linux-image-unsigned-5.4.0-131-lowlatency - 5.4.0-131.147 linux-source-5.4.0 - 5.4.0-131.147 linux-headers-5.4.0-131 - 5.4.0-131.147 linux-cloud-tools-5.4.0-131 - 5.4.0-131.147 linux-cloud-tools-5.4.0-131-generic - 5.4.0-131.147 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1036.64 linux-headers-ibm-lts-20.04 - 5.4.0.1036.64 linux-ibm - 5.4.0.1036.64 linux-ibm-lts-20.04 - 5.4.0.1036.64 linux-image-ibm-lts-20.04 - 5.4.0.1036.64 linux-image-ibm - 5.4.0.1036.64 linux-modules-extra-ibm - 5.4.0.1036.64 linux-headers-ibm - 5.4.0.1036.64 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1036.64 linux-tools-ibm - 5.4.0.1036.64 No subscription required linux-image-bluefield - 5.4.0.1049.47 linux-tools-bluefield - 5.4.0.1049.47 linux-bluefield - 5.4.0.1049.47 linux-headers-bluefield - 5.4.0.1049.47 No subscription required linux-headers-gkeop - 5.4.0.1056.56 linux-cloud-tools-gkeop-5.4 - 5.4.0.1056.56 linux-image-gkeop - 5.4.0.1056.56 linux-gkeop-5.4 - 5.4.0.1056.56 linux-headers-gkeop-5.4 - 5.4.0.1056.56 linux-image-gkeop-5.4 - 5.4.0.1056.56 linux-tools-gkeop - 5.4.0.1056.56 linux-gkeop - 5.4.0.1056.56 linux-cloud-tools-gkeop - 5.4.0.1056.56 linux-modules-extra-gkeop-5.4 - 5.4.0.1056.56 linux-modules-extra-gkeop - 5.4.0.1056.56 linux-tools-gkeop-5.4 - 5.4.0.1056.56 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1073.105 linux-image-raspi-hwe-18.04 - 5.4.0.1073.105 linux-image-raspi2-hwe-18.04 - 5.4.0.1073.105 linux-tools-raspi - 5.4.0.1073.105 linux-image-raspi - 5.4.0.1073.105 linux-headers-raspi-hwe-18.04 - 5.4.0.1073.105 linux-headers-raspi2-hwe-18.04 - 5.4.0.1073.105 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1073.105 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1073.105 linux-headers-raspi - 5.4.0.1073.105 linux-raspi2-hwe-18.04-edge - 5.4.0.1073.105 linux-image-raspi-hwe-18.04-edge - 5.4.0.1073.105 linux-raspi-hwe-18.04 - 5.4.0.1073.105 linux-tools-raspi2-hwe-18.04 - 5.4.0.1073.105 linux-raspi2-hwe-18.04 - 5.4.0.1073.105 linux-image-raspi2 - 5.4.0.1073.105 linux-tools-raspi-hwe-18.04 - 5.4.0.1073.105 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1073.105 linux-raspi-hwe-18.04-edge - 5.4.0.1073.105 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1073.105 linux-raspi2 - 5.4.0.1073.105 linux-tools-raspi2 - 5.4.0.1073.105 linux-raspi - 5.4.0.1073.105 linux-headers-raspi2 - 5.4.0.1073.105 No subscription required linux-kvm - 5.4.0.1078.74 linux-headers-kvm - 5.4.0.1078.74 linux-tools-kvm - 5.4.0.1078.74 linux-image-kvm - 5.4.0.1078.74 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1086.82 linux-headers-oracle-lts-20.04 - 5.4.0.1086.82 linux-oracle-lts-20.04 - 5.4.0.1086.82 linux-image-oracle-lts-20.04 - 5.4.0.1086.82 No subscription required linux-modules-extra-gke - 5.4.0.1086.93 linux-headers-gke-5.4 - 5.4.0.1086.93 linux-tools-gke-5.4 - 5.4.0.1086.93 linux-modules-extra-gke-5.4 - 5.4.0.1086.93 linux-gke-5.4 - 5.4.0.1086.93 linux-tools-gke - 5.4.0.1086.93 linux-gke - 5.4.0.1086.93 linux-headers-gke - 5.4.0.1086.93 linux-image-gke-5.4 - 5.4.0.1086.93 linux-image-gke - 5.4.0.1086.93 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1088.87 linux-tools-aws-lts-20.04 - 5.4.0.1088.87 linux-image-aws-lts-20.04 - 5.4.0.1088.87 linux-headers-aws-lts-20.04 - 5.4.0.1088.87 linux-aws-lts-20.04 - 5.4.0.1088.87 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1092.96 linux-gcp-lts-20.04 - 5.4.0.1092.96 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1092.96 linux-headers-gcp-lts-20.04 - 5.4.0.1092.96 linux-image-gcp-lts-20.04 - 5.4.0.1092.96 No subscription required linux-azure-lts-20.04 - 5.4.0.1094.90 linux-image-azure-lts-20.04 - 5.4.0.1094.90 linux-modules-extra-azure-lts-20.04 - 5.4.0.1094.90 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1094.90 linux-tools-azure-lts-20.04 - 5.4.0.1094.90 linux-headers-azure-lts-20.04 - 5.4.0.1094.90 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-cloud-tools-virtual - 5.4.0.131.131 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-headers-generic-lpae - 5.4.0.131.131 linux-headers-generic - 5.4.0.131.131 linux-oem-osp1-tools-host - 5.4.0.131.131 linux-tools-lowlatency - 5.4.0.131.131 linux-image-oem - 5.4.0.131.131 linux-tools-virtual-hwe-18.04 - 5.4.0.131.131 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.131.131 linux-image-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-headers-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.131.131 linux-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-image-extra-virtual-hwe-18.04 - 5.4.0.131.131 linux-oem - 5.4.0.131.131 linux-image-oem-osp1 - 5.4.0.131.131 linux-image-generic-hwe-18.04 - 5.4.0.131.131 linux-image-generic-lpae-hwe-18.04 - 5.4.0.131.131 linux-crashdump - 5.4.0.131.131 linux-generic-lpae-hwe-18.04-edge - 5.4.0.131.131 linux-tools-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-headers-generic-hwe-18.04 - 5.4.0.131.131 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-source - 5.4.0.131.131 linux-lowlatency - 5.4.0.131.131 linux-tools-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-tools-generic-lpae - 5.4.0.131.131 linux-cloud-tools-generic - 5.4.0.131.131 linux-virtual - 5.4.0.131.131 linux-headers-virtual-hwe-18.04 - 5.4.0.131.131 linux-headers-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.131.131 linux-tools-virtual - 5.4.0.131.131 linux-tools-oem - 5.4.0.131.131 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-generic-lpae - 5.4.0.131.131 linux-headers-oem - 5.4.0.131.131 linux-generic - 5.4.0.131.131 linux-tools-oem-osp1 - 5.4.0.131.131 linux-image-virtual - 5.4.0.131.131 linux-image-virtual-hwe-18.04 - 5.4.0.131.131 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-oem-tools-host - 5.4.0.131.131 linux-headers-lowlatency - 5.4.0.131.131 linux-image-generic-hwe-18.04-edge - 5.4.0.131.131 linux-generic-hwe-18.04-edge - 5.4.0.131.131 linux-tools-generic-hwe-18.04-edge - 5.4.0.131.131 linux-image-extra-virtual - 5.4.0.131.131 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-cloud-tools-lowlatency - 5.4.0.131.131 linux-headers-oem-osp1 - 5.4.0.131.131 linux-generic-lpae-hwe-18.04 - 5.4.0.131.131 linux-tools-generic - 5.4.0.131.131 linux-tools-generic-hwe-18.04 - 5.4.0.131.131 linux-headers-generic-hwe-18.04-edge - 5.4.0.131.131 linux-image-generic - 5.4.0.131.131 linux-oem-osp1 - 5.4.0.131.131 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.131.131 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.131.131 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-headers-virtual - 5.4.0.131.131 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.131.131 linux-virtual-hwe-18.04 - 5.4.0.131.131 linux-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-generic-hwe-18.04 - 5.4.0.131.131 linux-image-generic-lpae - 5.4.0.131.131 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.131.131 linux-image-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.131.131 linux-image-lowlatency - 5.4.0.131.131 No subscription required High CVE-2022-2602 CVE-2022-41674 CVE-2022-42720 CVE-2022-42721 Ubuntu 20.04 LTS David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2602) Sönke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41674) Sönke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42719) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42720) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly handle BSSID/SSID lists in some situations. A physically proximate attacker could use this to cause a denial of service (infinite loop). (CVE-2022-42721) Sönke Huster discovered that the WiFi driver stack in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-42722) Update Instructions: Run `sudo pro fix USN-5692-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.14.0-1054-oem - 5.14.0-1054.61 linux-buildinfo-5.14.0-1054-oem - 5.14.0-1054.61 linux-headers-5.14.0-1054-oem - 5.14.0-1054.61 linux-modules-iwlwifi-5.14.0-1054-oem - 5.14.0-1054.61 linux-oem-5.14-tools-host - 5.14.0-1054.61 linux-image-5.14.0-1054-oem - 5.14.0-1054.61 linux-oem-5.14-headers-5.14.0-1054 - 5.14.0-1054.61 linux-modules-5.14.0-1054-oem - 5.14.0-1054.61 linux-tools-5.14.0-1054-oem - 5.14.0-1054.61 linux-oem-5.14-tools-5.14.0-1054 - 5.14.0-1054.61 No subscription required linux-headers-oem-20.04 - 5.14.0.1054.52 linux-image-oem-20.04b - 5.14.0.1054.52 linux-image-oem-20.04d - 5.14.0.1054.52 linux-tools-oem-20.04c - 5.14.0.1054.52 linux-tools-oem-20.04b - 5.14.0.1054.52 linux-tools-oem-20.04d - 5.14.0.1054.52 linux-image-oem-20.04c - 5.14.0.1054.52 linux-oem-20.04 - 5.14.0.1054.52 linux-image-oem-20.04 - 5.14.0.1054.52 linux-oem-20.04d - 5.14.0.1054.52 linux-oem-20.04c - 5.14.0.1054.52 linux-oem-20.04b - 5.14.0.1054.52 linux-tools-oem-20.04 - 5.14.0.1054.52 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1054.52 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1054.52 linux-headers-oem-20.04b - 5.14.0.1054.52 linux-headers-oem-20.04c - 5.14.0.1054.52 linux-headers-oem-20.04d - 5.14.0.1054.52 No subscription required linux-modules-extra-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-gke-5.15-headers-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-gke-5.15-tools-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-image-unsigned-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-buildinfo-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-tools-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-image-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-headers-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-modules-iwlwifi-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-modules-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 No subscription required linux-headers-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-modules-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-modules-extra-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-gcp-5.15-headers-5.15.0-1021 - 5.15.0-1021.28~20.04.1 linux-buildinfo-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-image-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-tools-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-gcp-5.15-tools-5.15.0-1021 - 5.15.0-1021.28~20.04.1 linux-modules-iwlwifi-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-image-unsigned-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1022 - 5.15.0-1022.26~20.04.1 linux-modules-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-buildinfo-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1022 - 5.15.0-1022.26~20.04.1 linux-headers-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-tools-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-image-unsigned-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-cloud-tools-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-aws-5.15-tools-5.15.0-1022 - 5.15.0-1022.26~20.04.1 linux-image-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-modules-extra-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 No subscription required linux-cloud-tools-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-image-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-buildinfo-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-azure-5.15-headers-5.15.0-1022 - 5.15.0-1022.27~20.04.1 linux-modules-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-modules-extra-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-image-unsigned-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1022 - 5.15.0-1022.27~20.04.1 linux-headers-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-azure-5.15-tools-5.15.0-1022 - 5.15.0-1022.27~20.04.1 linux-tools-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 No subscription required linux-headers-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-modules-extra-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-cloud-tools-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-headers-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-hwe-5.15-tools-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-modules-iwlwifi-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-52.58~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-52.58~20.04.1 linux-image-unsigned-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-headers-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-image-unsigned-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-headers-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-headers-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-image-unsigned-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-image-unsigned-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-modules-iwlwifi-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-52.58~20.04.1 linux-cloud-tools-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-hwe-5.15-headers-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-52.58~20.04.1 No subscription required linux-gke-5.15 - 5.15.0.1019.23~20.04.1 linux-tools-gke-5.15 - 5.15.0.1019.23~20.04.1 linux-headers-gke-edge - 5.15.0.1019.23~20.04.1 linux-image-gke-5.15 - 5.15.0.1019.23~20.04.1 linux-tools-gke-edge - 5.15.0.1019.23~20.04.1 linux-image-gke-edge - 5.15.0.1019.23~20.04.1 linux-gke-edge - 5.15.0.1019.23~20.04.1 linux-headers-gke-5.15 - 5.15.0.1019.23~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1021.28~20.04.1 linux-headers-gcp-edge - 5.15.0.1021.28~20.04.1 linux-tools-gcp - 5.15.0.1021.28~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1021.28~20.04.1 linux-gcp - 5.15.0.1021.28~20.04.1 linux-tools-gcp-edge - 5.15.0.1021.28~20.04.1 linux-headers-gcp - 5.15.0.1021.28~20.04.1 linux-image-gcp - 5.15.0.1021.28~20.04.1 linux-modules-extra-gcp - 5.15.0.1021.28~20.04.1 linux-gcp-edge - 5.15.0.1021.28~20.04.1 No subscription required linux-headers-aws - 5.15.0.1022.26~20.04.14 linux-image-aws - 5.15.0.1022.26~20.04.14 linux-modules-extra-aws-edge - 5.15.0.1022.26~20.04.14 linux-aws-edge - 5.15.0.1022.26~20.04.14 linux-aws - 5.15.0.1022.26~20.04.14 linux-headers-aws-edge - 5.15.0.1022.26~20.04.14 linux-modules-extra-aws - 5.15.0.1022.26~20.04.14 linux-tools-aws - 5.15.0.1022.26~20.04.14 linux-tools-aws-edge - 5.15.0.1022.26~20.04.14 linux-image-aws-edge - 5.15.0.1022.26~20.04.14 No subscription required linux-tools-azure-edge - 5.15.0.1022.27~20.04.15 linux-cloud-tools-azure - 5.15.0.1022.27~20.04.15 linux-tools-azure - 5.15.0.1022.27~20.04.15 linux-image-azure-edge - 5.15.0.1022.27~20.04.15 linux-cloud-tools-azure-edge - 5.15.0.1022.27~20.04.15 linux-modules-extra-azure - 5.15.0.1022.27~20.04.15 linux-image-azure - 5.15.0.1022.27~20.04.15 linux-headers-azure-edge - 5.15.0.1022.27~20.04.15 linux-azure-edge - 5.15.0.1022.27~20.04.15 linux-modules-extra-azure-edge - 5.15.0.1022.27~20.04.15 linux-azure - 5.15.0.1022.27~20.04.15 linux-headers-azure - 5.15.0.1022.27~20.04.15 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-headers-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-image-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-lowlatency-64k-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-tools-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.18 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-image-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-headers-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-headers-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-image-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-generic-64k-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-extra-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-generic-64k-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-generic-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-generic-lpae-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-generic-lpae-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-tools-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-generic-lpae-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-tools-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-generic-64k-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-image-generic-64k-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 No subscription required High CVE-2022-2602 CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly handled links using the Office URI Schemes. If a user were tricked into opening a specially crafted document, a remote attacker could use this issue to execute arbitrary scripts. (CVE-2022-3140) Thomas Florian discovered that LibreOffice incorrectly handled crashes when an encrypted document is open. If the document is recovered upon restarting LibreOffice, subsequent saves of the document were unencrypted. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-12801) Jens Müller discovered that LibreOffice incorrectly handled certain documents containing forms. If a user were tricked into opening a specially crafted document, a remote attacker could overwrite arbitrary files when the form was submitted. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-12803) It was discovered that LibreOffice incorrectly validated macro signatures. If a user were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary macros. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-26305) It was discovered that Libreoffice incorrectly handled encrypting the master key provided by the user for storing passwords for web connections. A local attacker could possibly use this issue to obtain access to passwords stored in the user’s configuration data. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-26306, CVE-2022-26307) Update Instructions: Run `sudo pro fix USN-5694-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.6 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.6 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.6 libreoffice - 1:6.4.7-0ubuntu0.20.04.6 libjuh-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.6 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.6 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.6 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.6 libridl-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.6 python3-access2base - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.6 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.6 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.6 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.6 libunoil-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.6 python3-uno - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.6 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.6 libjurt-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.6 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.6 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.6 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.6 ure - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.6 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.6 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.6 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.6 No subscription required Medium CVE-2020-12801 CVE-2020-12803 CVE-2022-26305 CVE-2022-26306 CVE-2022-26307 CVE-2022-3140 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.31 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-40.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-31.html https://www.oracle.com/security-alerts/cpuoct2022.html Update Instructions: Run `sudo pro fix USN-5696-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.31-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.31-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.31-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.31-0ubuntu0.20.04.1 mysql-router - 8.0.31-0ubuntu0.20.04.1 mysql-server - 8.0.31-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.31-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.31-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.31-0ubuntu0.20.04.1 mysql-testsuite - 8.0.31-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.31-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.31-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21589 CVE-2022-21592 CVE-2022-21594 CVE-2022-21599 CVE-2022-21604 CVE-2022-21608 CVE-2022-21611 CVE-2022-21617 CVE-2022-21625 CVE-2022-21632 CVE-2022-21633 CVE-2022-21637 CVE-2022-21640 CVE-2022-39400 CVE-2022-39408 CVE-2022-39410 Ubuntu 20.04 LTS Douglas Mendizabal discovered that Barbican incorrectly handled certain query strings. A remote attacker could possibly use this issue to bypass the access policy. Update Instructions: Run `sudo pro fix USN-5697-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: barbican-keystone-listener - 1:10.1.0-0ubuntu2.2 barbican-api - 1:10.1.0-0ubuntu2.2 barbican-worker - 1:10.1.0-0ubuntu2.2 barbican-common - 1:10.1.0-0ubuntu2.2 python3-barbican - 1:10.1.0-0ubuntu2.2 barbican-doc - 1:10.1.0-0ubuntu2.2 No subscription required Medium CVE-2022-3100 Ubuntu 20.04 LTS Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform incorrect memory operations, or crash. (CVE-2022-32221) Hiroki Kurosawa discovered that curl incorrectly handled parsing .netrc files. If an attacker were able to provide a specially crafted .netrc file, this issue could cause curl to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-35260) It was discovered that curl incorrectly handled certain HTTP proxy return codes. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-42915) Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-42916) Update Instructions: Run `sudo pro fix USN-5702-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.14 libcurl4-openssl-dev - 7.68.0-1ubuntu2.14 libcurl3-gnutls - 7.68.0-1ubuntu2.14 libcurl4-doc - 7.68.0-1ubuntu2.14 libcurl3-nss - 7.68.0-1ubuntu2.14 libcurl4-nss-dev - 7.68.0-1ubuntu2.14 libcurl4 - 7.68.0-1ubuntu2.14 curl - 7.68.0-1ubuntu2.14 No subscription required Medium CVE-2022-32221 CVE-2022-35260 CVE-2022-42915 CVE-2022-42916 Ubuntu 20.04 LTS It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. (CVE-2022-42010) It was discovered that DBus was incorrectly validating the length of arrays of fixed-length items. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. (CVE-2022-42011) It was discovered that DBus incorrectly handled the body DBus message with attached file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. (CVE-2022-42012) Update Instructions: Run `sudo pro fix USN-5704-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dbus-1-doc - 1.12.16-2ubuntu2.3 dbus - 1.12.16-2ubuntu2.3 libdbus-1-dev - 1.12.16-2ubuntu2.3 dbus-user-session - 1.12.16-2ubuntu2.3 dbus-x11 - 1.12.16-2ubuntu2.3 dbus-tests - 1.12.16-2ubuntu2.3 libdbus-1-3 - 1.12.16-2ubuntu2.3 No subscription required Medium CVE-2022-42010 CVE-2022-42011 CVE-2022-42012 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373) Eric Biggers discovered that a use-after-free vulnerability existed in the io_uring subsystem in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3176) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) Update Instructions: Run `sudo pro fix USN-5706-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1092-azure-fde - 5.4.0-1092.97+cvm1.1 linux-image-5.4.0-1092-azure-fde - 5.4.0-1092.97+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1092.97+cvm1.32 linux-image-azure-fde - 5.4.0.1092.97+cvm1.32 linux-cloud-tools-azure-fde - 5.4.0.1092.97+cvm1.32 linux-modules-extra-azure-fde - 5.4.0.1092.97+cvm1.32 linux-tools-azure-fde - 5.4.0.1092.97+cvm1.32 linux-headers-azure-fde - 5.4.0.1092.97+cvm1.32 No subscription required Medium CVE-2021-4159 CVE-2022-20369 CVE-2022-2318 CVE-2022-26365 CVE-2022-26373 CVE-2022-3176 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33744 CVE-2022-36879 Ubuntu 20.04 LTS Sönke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41674) Sönke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42719) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42720) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly handle BSSID/SSID lists in some situations. A physically proximate attacker could use this to cause a denial of service (infinite loop). (CVE-2022-42721) Sönke Huster discovered that the WiFi driver stack in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A physically proximate attacker could use this to cause a denial of service (system crash). This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.10. (CVE-2022-42722) Update Instructions: Run `sudo pro fix USN-5708-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: backport-iwlwifi-dkms - 8324-0ubuntu3~20.04.5 No subscription required Medium CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 https://launchpad.net/bugs/1994525 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42930, CVE-2022-42932) It was discovered that Firefox saved usernames to a plaintext file. A local user could potentially exploit this to obtain sensitive information. (CVE-2022-42931) Update Instructions: Run `sudo pro fix USN-5709-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 106.0.2+build1-0ubuntu0.20.04.1 firefox - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 106.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 106.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 106.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 106.0.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-42927 CVE-2022-42928 CVE-2022-42929 CVE-2022-42930 CVE-2022-42931 CVE-2022-42932 Ubuntu 20.04 LTS USN-5709-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42930, CVE-2022-42932) It was discovered that Firefox saved usernames to a plaintext file. A local user could potentially exploit this to obtain sensitive information. (CVE-2022-42931) Update Instructions: Run `sudo pro fix USN-5709-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-nn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ne - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-nb - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-fa - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-fi - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-fr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-fy - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-or - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-kab - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-oc - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-cs - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ga - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-gd - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-gn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-gl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-gu - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-pa - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-pl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-cy - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-pt - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-szl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hi - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ms - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-he - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hy - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hu - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-as - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ar - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ia - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-az - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-id - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-mai - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-af - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-is - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-vi - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-an - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-bs - 106.0.5+build1-0ubuntu0.20.04.1 firefox - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ro - 106.0.5+build1-0ubuntu0.20.04.1 firefox-geckodriver - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ja - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ru - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-br - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-bn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-be - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-bg - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sk - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-si - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sw - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sv - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sq - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ko - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-kn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-km - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-kk - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ka - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-xh - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ca - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ku - 106.0.5+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-lv - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-lt - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-th - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 106.0.5+build1-0ubuntu0.20.04.1 firefox-dev - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-te - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-cak - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ta - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-lg - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-csb - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-tr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-nso - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-de - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-da - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-uk - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-mr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-my - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-uz - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ml - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-mn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-mk - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ur - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-eu - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-et - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-es - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-it - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-el - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-eo - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-en - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-zu - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ast - 106.0.5+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1996178 Ubuntu 20.04 LTS Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated certain NTFS metadata. A local attacker could possibly use this issue to gain privileges. Update Instructions: Run `sudo pro fix USN-5711-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntfs-3g - 1:2017.3.23AR.3-3ubuntu1.3 libntfs-3g883 - 1:2017.3.23AR.3-3ubuntu1.3 ntfs-3g-dev - 1:2017.3.23AR.3-3ubuntu1.3 No subscription required Medium CVE-2022-40284 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2953) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2867, CVE-2022-2868, CVE-2022-2869) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffsplit. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-34526) Chintan Shah discovered that LibTIFF incorrectly handled memory in certain conditions when using tiffcrop. An attacker could trick a user into processing a specially crafted image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3570) It was discovered that LibTIFF incorrectly handled memory in certain conditions when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff file and potentially use this issue to cause a denial of service. This issue only affected to Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3598) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. (CVE-2022-3599) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 22.10. (CVE-2022-3597, CVE-2022-3626, CVE-2022-3627) Update Instructions: Run `sudo pro fix USN-5714-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.6 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.6 No subscription required Medium CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-2953 CVE-2022-34526 CVE-2022-3570 CVE-2022-3597 CVE-2022-3598 CVE-2022-3599 CVE-2022-3626 CVE-2022-3627 Ubuntu 20.04 LTS It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5715-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraw-doc - 0.19.5-1ubuntu1.1 libraw-bin - 0.19.5-1ubuntu1.1 libraw19 - 0.19.5-1ubuntu1.1 libraw-dev - 0.19.5-1ubuntu1.1 No subscription required Medium CVE-2020-15503 CVE-2020-35530 CVE-2020-35531 CVE-2020-35532 CVE-2020-35533 Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled certain long string arguments. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5716-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.5 sqlite3-doc - 3.31.1-4ubuntu0.5 libsqlite3-0 - 3.31.1-4ubuntu0.5 libsqlite3-tcl - 3.31.1-4ubuntu0.5 sqlite3 - 3.31.1-4ubuntu0.5 libsqlite3-dev - 3.31.1-4ubuntu0.5 No subscription required Medium CVE-2022-35737 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-31628) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise the data (CVE-2022-31629) It was discovered that PHP incorrectly handled certain image fonts. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS. (CVE-2022-31630) Nicky Mouha discovered that PHP incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS. (CVE-2022-37454) Update Instructions: Run `sudo pro fix USN-5717-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.15 php7.4-readline - 7.4.3-4ubuntu2.15 php7.4-dba - 7.4.3-4ubuntu2.15 php7.4-common - 7.4.3-4ubuntu2.15 php7.4-xmlrpc - 7.4.3-4ubuntu2.15 php7.4-intl - 7.4.3-4ubuntu2.15 php7.4-phpdbg - 7.4.3-4ubuntu2.15 php7.4-ldap - 7.4.3-4ubuntu2.15 php7.4-soap - 7.4.3-4ubuntu2.15 php7.4-xsl - 7.4.3-4ubuntu2.15 php7.4-pgsql - 7.4.3-4ubuntu2.15 php7.4-pspell - 7.4.3-4ubuntu2.15 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.15 php7.4-zip - 7.4.3-4ubuntu2.15 php7.4-curl - 7.4.3-4ubuntu2.15 php7.4-odbc - 7.4.3-4ubuntu2.15 php7.4-json - 7.4.3-4ubuntu2.15 php7.4-mbstring - 7.4.3-4ubuntu2.15 php7.4-imap - 7.4.3-4ubuntu2.15 php7.4-bz2 - 7.4.3-4ubuntu2.15 php7.4-cgi - 7.4.3-4ubuntu2.15 php7.4 - 7.4.3-4ubuntu2.15 php7.4-bcmath - 7.4.3-4ubuntu2.15 php7.4-dev - 7.4.3-4ubuntu2.15 php7.4-interbase - 7.4.3-4ubuntu2.15 php7.4-tidy - 7.4.3-4ubuntu2.15 php7.4-gmp - 7.4.3-4ubuntu2.15 php7.4-sqlite3 - 7.4.3-4ubuntu2.15 php7.4-fpm - 7.4.3-4ubuntu2.15 php7.4-sybase - 7.4.3-4ubuntu2.15 php7.4-cli - 7.4.3-4ubuntu2.15 libphp7.4-embed - 7.4.3-4ubuntu2.15 php7.4-enchant - 7.4.3-4ubuntu2.15 php7.4-mysql - 7.4.3-4ubuntu2.15 php7.4-snmp - 7.4.3-4ubuntu2.15 php7.4-xml - 7.4.3-4ubuntu2.15 php7.4-opcache - 7.4.3-4ubuntu2.15 No subscription required Medium CVE-2022-31628 CVE-2022-31629 CVE-2022-31630 CVE-2022-37454 Ubuntu 20.04 LTS Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5718-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpixman-1-0 - 0.38.4-0ubuntu2.1 libpixman-1-dev - 0.38.4-0ubuntu2.1 No subscription required Medium CVE-2022-44638 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly handled long client hostnames. An attacker could possibly use this issue to cause the corruption of sensitive information. (CVE-2022-21619) It was discovered that OpenJDK incorrectly randomized DNS port numbers. A remote attacker could possibly use this issue to perform spoofing attacks. (CVE-2022-21624) It was discovered that OpenJDK did not limit the number of connections accepted from HTTP clients. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21628) It was discovered that OpenJDK incorrectly handled X.509 certificates. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 8 and OpenJDK 11. (CVE-2022-21626) It was discovered that OpenJDK incorrectly handled cached server connections. An attacker could possibly use this issue to perform spoofing attacks. This issue only affected OpenJDK 11, OpenJDK 17 and OpenJDK 19. (CVE-2022-39399) It was discovered that OpenJDK incorrectly handled byte conversions. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 11, OpenJDK 17 and OpenJDK 19. (CVE-2022-21618) Update Instructions: Run `sudo pro fix USN-5719-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jdk - 11.0.17+8-1ubuntu2~20.04 openjdk-11-source - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jdk-headless - 11.0.17+8-1ubuntu2~20.04 openjdk-11-demo - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jre-zero - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jre-headless - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jre - 11.0.17+8-1ubuntu2~20.04 No subscription required openjdk-17-jdk-headless - 17.0.5+8-2ubuntu1~20.04 openjdk-17-jre-headless - 17.0.5+8-2ubuntu1~20.04 openjdk-17-jre - 17.0.5+8-2ubuntu1~20.04 openjdk-17-jdk - 17.0.5+8-2ubuntu1~20.04 openjdk-17-jre-zero - 17.0.5+8-2ubuntu1~20.04 openjdk-17-source - 17.0.5+8-2ubuntu1~20.04 openjdk-17-demo - 17.0.5+8-2ubuntu1~20.04 openjdk-17-doc - 17.0.5+8-2ubuntu1~20.04 No subscription required openjdk-8-doc - 8u352-ga-1~20.04 openjdk-8-jre-headless - 8u352-ga-1~20.04 openjdk-8-jre - 8u352-ga-1~20.04 openjdk-8-demo - 8u352-ga-1~20.04 openjdk-8-jre-zero - 8u352-ga-1~20.04 openjdk-8-jdk - 8u352-ga-1~20.04 openjdk-8-source - 8u352-ga-1~20.04 openjdk-8-jdk-headless - 8u352-ga-1~20.04 No subscription required Medium CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628 CVE-2022-39399 CVE-2022-21618 Ubuntu 20.04 LTS It was discovered that nginx incorrectly handled certain memory operations in the ngx_http_mp4_module module. A local attacker could possibly use this issue with a specially crafted mp4 file to cause nginx to crash, stop responding, or access arbitrary memory. (CVE-2022-41741, CVE-2022-41742) Update Instructions: Run `sudo pro fix USN-5722-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnginx-mod-stream - 1.18.0-0ubuntu1.4 libnginx-mod-http-subs-filter - 1.18.0-0ubuntu1.4 nginx-doc - 1.18.0-0ubuntu1.4 libnginx-mod-mail - 1.18.0-0ubuntu1.4 libnginx-mod-http-image-filter - 1.18.0-0ubuntu1.4 libnginx-mod-http-echo - 1.18.0-0ubuntu1.4 libnginx-mod-nchan - 1.18.0-0ubuntu1.4 nginx-common - 1.18.0-0ubuntu1.4 libnginx-mod-http-fancyindex - 1.18.0-0ubuntu1.4 libnginx-mod-http-auth-pam - 1.18.0-0ubuntu1.4 nginx-light - 1.18.0-0ubuntu1.4 libnginx-mod-http-headers-more-filter - 1.18.0-0ubuntu1.4 nginx-extras - 1.18.0-0ubuntu1.4 libnginx-mod-http-upstream-fair - 1.18.0-0ubuntu1.4 libnginx-mod-http-xslt-filter - 1.18.0-0ubuntu1.4 libnginx-mod-http-lua - 1.18.0-0ubuntu1.4 libnginx-mod-http-perl - 1.18.0-0ubuntu1.4 nginx-core - 1.18.0-0ubuntu1.4 libnginx-mod-http-geoip - 1.18.0-0ubuntu1.4 libnginx-mod-http-dav-ext - 1.18.0-0ubuntu1.4 nginx - 1.18.0-0ubuntu1.4 libnginx-mod-http-ndk - 1.18.0-0ubuntu1.4 libnginx-mod-http-uploadprogress - 1.18.0-0ubuntu1.4 libnginx-mod-http-cache-purge - 1.18.0-0ubuntu1.4 nginx-full - 1.18.0-0ubuntu1.4 libnginx-mod-http-geoip2 - 1.18.0-0ubuntu1.4 libnginx-mod-rtmp - 1.18.0-0ubuntu1.4 No subscription required Medium CVE-2022-41741 CVE-2022-41742 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass Content Security Policy (CSP) or other security restrictions, or execute arbitrary code. These issues only affect Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-3266, CVE-2022-40956, CVE-2022-40957, CVE-2022-40958, CVE-2022-40959, CVE-2022-40960, CVE-2022-40962) Multiple security issues were discovered in the Matrix SDK bundled with Thunderbird. An attacker could potentially exploit these in order to impersonate another user. These issues only affect Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39236, CVE-2022-39249, CVE-2022-39250, CVE-2022-39251) Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42932) Update Instructions: Run `sudo pro fix USN-5724-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.4.2+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.4.2+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.4.2+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.4.2+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-3266 CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959 CVE-2022-40960 CVE-2022-40962 CVE-2022-39236 CVE-2022-39249 CVE-2022-39250 CVE-2022-39251 CVE-2022-42927 CVE-2022-42928 CVE-2022-42929 CVE-2022-42932 Ubuntu 20.04 LTS Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker could possibly use this issue to cause Go applications to hang or crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5725-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.13-doc - 1.13.8-1ubuntu1.1 golang-1.13-src - 1.13.8-1ubuntu1.1 golang-1.13 - 1.13.8-1ubuntu1.1 golang-1.13-go - 1.13.8-1ubuntu1.1 No subscription required Low CVE-2020-16845 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the contents of the addressbar, bypass security restrictions, cross-site tracing or execute arbitrary code. (CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, CVE-2022-45407, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411, CVE-2022-45413, CVE-2022-40674, CVE-2022-45418, CVE-2022-45419, CVE-2022-45420, CVE-2022-45421) Armin Ebert discovered that Firefox did not properly manage while resolving file symlink. If a user were tricked into opening a specially crafted weblink, an attacker could potentially exploit these to cause a denial of service. (CVE-2022-45412) Jefferson Scher and Jayateertha Guruprasad discovered that Firefox did not properly sanitize the HTML download file extension under certain circumstances. If a user were tricked into downloading and executing malicious content, a remote attacker could execute arbitrary code with the privileges of the user invoking the programs. (CVE-2022-45415) Erik Kraft, Martin Schwarzl, and Andrew McCreight discovered that Firefox incorrectly handled keyboard events. An attacker could possibly use this issue to perform a timing side-channel attack and possibly figure out which keys are being pressed. (CVE-2022-45416) Kagami discovered that Firefox did not detect Private Browsing Mode correctly. An attacker could possibly use this issue to obtain sensitive information about Private Browsing Mode. (CVE-2022-45417) Update Instructions: Run `sudo pro fix USN-5726-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 107.0+build2-0ubuntu0.20.04.1 firefox - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 107.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 107.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 107.0+build2-0ubuntu0.20.04.1 firefox-dev - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 107.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-45403 CVE-2022-45404 CVE-2022-45405 CVE-2022-45406 CVE-2022-45407 CVE-2022-45408 CVE-2022-45409 CVE-2022-45410 CVE-2022-45411 CVE-2022-45412 CVE-2022-45413 CVE-2022-40674 CVE-2022-45415 CVE-2022-45416 CVE-2022-45417 CVE-2022-45418 CVE-2022-45419 CVE-2022-45420 CVE-2022-45421 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41222) It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-20422) It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-2153) Hao Sun and Jiacheng Xu discovered that the NILFS file system implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2978) Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64 processors, the Linux kernel's protections against speculative branch target injection attacks were insufficient in some circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29901) Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3028) It was discovered that the Netlink device interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3625) It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-3635) Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX storage controller driver in the Linux kernel did not properly handle certain structures. A local attacker could potentially use this to expose sensitive information (kernel memory). (CVE-2022-40768) Sönke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42719) Update Instructions: Run `sudo pro fix USN-5728-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1037-ibm - 5.4.0-1037.42 linux-ibm-headers-5.4.0-1037 - 5.4.0-1037.42 linux-modules-5.4.0-1037-ibm - 5.4.0-1037.42 linux-ibm-source-5.4.0 - 5.4.0-1037.42 linux-ibm-tools-common - 5.4.0-1037.42 linux-tools-5.4.0-1037-ibm - 5.4.0-1037.42 linux-ibm-tools-5.4.0-1037 - 5.4.0-1037.42 linux-headers-5.4.0-1037-ibm - 5.4.0-1037.42 linux-buildinfo-5.4.0-1037-ibm - 5.4.0-1037.42 linux-ibm-cloud-tools-common - 5.4.0-1037.42 linux-modules-extra-5.4.0-1037-ibm - 5.4.0-1037.42 linux-image-unsigned-5.4.0-1037-ibm - 5.4.0-1037.42 No subscription required linux-modules-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-tools-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-bluefield-headers-5.4.0-1050 - 5.4.0-1050.56 linux-image-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-image-unsigned-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-headers-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-bluefield-tools-5.4.0-1050 - 5.4.0-1050.56 linux-buildinfo-5.4.0-1050-bluefield - 5.4.0-1050.56 No subscription required linux-raspi-headers-5.4.0-1074 - 5.4.0-1074.85 linux-image-5.4.0-1074-raspi - 5.4.0-1074.85 linux-tools-5.4.0-1074-raspi - 5.4.0-1074.85 linux-buildinfo-5.4.0-1074-raspi - 5.4.0-1074.85 linux-headers-5.4.0-1074-raspi - 5.4.0-1074.85 linux-raspi-tools-5.4.0-1074 - 5.4.0-1074.85 linux-modules-5.4.0-1074-raspi - 5.4.0-1074.85 No subscription required linux-kvm-headers-5.4.0-1079 - 5.4.0-1079.85 linux-kvm-tools-5.4.0-1079 - 5.4.0-1079.85 linux-headers-5.4.0-1079-kvm - 5.4.0-1079.85 linux-image-unsigned-5.4.0-1079-kvm - 5.4.0-1079.85 linux-tools-5.4.0-1079-kvm - 5.4.0-1079.85 linux-buildinfo-5.4.0-1079-kvm - 5.4.0-1079.85 linux-modules-5.4.0-1079-kvm - 5.4.0-1079.85 linux-image-5.4.0-1079-kvm - 5.4.0-1079.85 No subscription required linux-image-5.4.0-1087-oracle - 5.4.0-1087.96 linux-headers-5.4.0-1087-oracle - 5.4.0-1087.96 linux-modules-5.4.0-1087-oracle - 5.4.0-1087.96 linux-modules-extra-5.4.0-1087-oracle - 5.4.0-1087.96 linux-image-unsigned-5.4.0-1087-oracle - 5.4.0-1087.96 linux-buildinfo-5.4.0-1087-oracle - 5.4.0-1087.96 linux-oracle-headers-5.4.0-1087 - 5.4.0-1087.96 linux-tools-5.4.0-1087-oracle - 5.4.0-1087.96 linux-oracle-tools-5.4.0-1087 - 5.4.0-1087.96 No subscription required linux-buildinfo-5.4.0-1089-aws - 5.4.0-1089.97 linux-aws-cloud-tools-5.4.0-1089 - 5.4.0-1089.97 linux-aws-headers-5.4.0-1089 - 5.4.0-1089.97 linux-modules-extra-5.4.0-1089-aws - 5.4.0-1089.97 linux-cloud-tools-5.4.0-1089-aws - 5.4.0-1089.97 linux-headers-5.4.0-1089-aws - 5.4.0-1089.97 linux-aws-tools-5.4.0-1089 - 5.4.0-1089.97 linux-modules-5.4.0-1089-aws - 5.4.0-1089.97 linux-image-5.4.0-1089-aws - 5.4.0-1089.97 linux-image-unsigned-5.4.0-1089-aws - 5.4.0-1089.97 linux-tools-5.4.0-1089-aws - 5.4.0-1089.97 No subscription required linux-image-unsigned-5.4.0-1093-gcp - 5.4.0-1093.102 linux-gcp-headers-5.4.0-1093 - 5.4.0-1093.102 linux-gcp-tools-5.4.0-1093 - 5.4.0-1093.102 linux-image-5.4.0-1093-gcp - 5.4.0-1093.102 linux-modules-extra-5.4.0-1093-gcp - 5.4.0-1093.102 linux-modules-5.4.0-1093-gcp - 5.4.0-1093.102 linux-buildinfo-5.4.0-1093-gcp - 5.4.0-1093.102 linux-headers-5.4.0-1093-gcp - 5.4.0-1093.102 linux-tools-5.4.0-1093-gcp - 5.4.0-1093.102 No subscription required linux-image-5.4.0-1095-azure - 5.4.0-1095.101 linux-modules-extra-5.4.0-1095-azure - 5.4.0-1095.101 linux-image-unsigned-5.4.0-1095-azure - 5.4.0-1095.101 linux-azure-headers-5.4.0-1095 - 5.4.0-1095.101 linux-modules-5.4.0-1095-azure - 5.4.0-1095.101 linux-azure-cloud-tools-5.4.0-1095 - 5.4.0-1095.101 linux-azure-tools-5.4.0-1095 - 5.4.0-1095.101 linux-tools-5.4.0-1095-azure - 5.4.0-1095.101 linux-headers-5.4.0-1095-azure - 5.4.0-1095.101 linux-buildinfo-5.4.0-1095-azure - 5.4.0-1095.101 linux-cloud-tools-5.4.0-1095-azure - 5.4.0-1095.101 No subscription required linux-cloud-tools-5.4.0-132-lowlatency - 5.4.0-132.148 linux-tools-common - 5.4.0-132.148 linux-modules-5.4.0-132-lowlatency - 5.4.0-132.148 linux-tools-5.4.0-132-lowlatency - 5.4.0-132.148 linux-buildinfo-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-tools-host - 5.4.0-132.148 linux-doc - 5.4.0-132.148 linux-buildinfo-5.4.0-132-lowlatency - 5.4.0-132.148 linux-tools-5.4.0-132 - 5.4.0-132.148 linux-modules-5.4.0-132-generic - 5.4.0-132.148 linux-libc-dev - 5.4.0-132.148 linux-source-5.4.0 - 5.4.0-132.148 linux-cloud-tools-5.4.0-132 - 5.4.0-132.148 linux-headers-5.4.0-132-lowlatency - 5.4.0-132.148 linux-modules-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-tools-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-headers-5.4.0-132 - 5.4.0-132.148 linux-cloud-tools-5.4.0-132-generic - 5.4.0-132.148 linux-headers-5.4.0-132-generic - 5.4.0-132.148 linux-image-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-headers-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-cloud-tools-common - 5.4.0-132.148 linux-tools-5.4.0-132-generic - 5.4.0-132.148 linux-modules-extra-5.4.0-132-generic - 5.4.0-132.148 linux-image-unsigned-5.4.0-132-generic - 5.4.0-132.148 linux-image-5.4.0-132-generic - 5.4.0-132.148 linux-image-unsigned-5.4.0-132-lowlatency - 5.4.0-132.148 linux-image-5.4.0-132-lowlatency - 5.4.0-132.148 linux-buildinfo-5.4.0-132-generic - 5.4.0-132.148 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1037.65 linux-modules-extra-ibm - 5.4.0.1037.65 linux-headers-ibm-lts-20.04 - 5.4.0.1037.65 linux-image-ibm-lts-20.04 - 5.4.0.1037.65 linux-ibm-lts-20.04 - 5.4.0.1037.65 linux-image-ibm - 5.4.0.1037.65 linux-ibm - 5.4.0.1037.65 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1037.65 linux-headers-ibm - 5.4.0.1037.65 linux-tools-ibm - 5.4.0.1037.65 No subscription required linux-image-bluefield - 5.4.0.1050.48 linux-headers-bluefield - 5.4.0.1050.48 linux-tools-bluefield - 5.4.0.1050.48 linux-bluefield - 5.4.0.1050.48 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1074.106 linux-raspi2 - 5.4.0.1074.106 linux-headers-raspi2 - 5.4.0.1074.106 linux-image-raspi-hwe-18.04 - 5.4.0.1074.106 linux-image-raspi2-hwe-18.04 - 5.4.0.1074.106 linux-tools-raspi - 5.4.0.1074.106 linux-headers-raspi-hwe-18.04 - 5.4.0.1074.106 linux-headers-raspi2-hwe-18.04 - 5.4.0.1074.106 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1074.106 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1074.106 linux-headers-raspi - 5.4.0.1074.106 linux-raspi2-hwe-18.04-edge - 5.4.0.1074.106 linux-raspi-hwe-18.04 - 5.4.0.1074.106 linux-tools-raspi2-hwe-18.04 - 5.4.0.1074.106 linux-raspi-hwe-18.04-edge - 5.4.0.1074.106 linux-raspi2-hwe-18.04 - 5.4.0.1074.106 linux-image-raspi-hwe-18.04-edge - 5.4.0.1074.106 linux-image-raspi2 - 5.4.0.1074.106 linux-tools-raspi-hwe-18.04 - 5.4.0.1074.106 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1074.106 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1074.106 linux-image-raspi - 5.4.0.1074.106 linux-tools-raspi2 - 5.4.0.1074.106 linux-raspi - 5.4.0.1074.106 No subscription required linux-kvm - 5.4.0.1079.75 linux-headers-kvm - 5.4.0.1079.75 linux-image-kvm - 5.4.0.1079.75 linux-tools-kvm - 5.4.0.1079.75 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1087.83 linux-oracle-lts-20.04 - 5.4.0.1087.83 linux-tools-oracle-lts-20.04 - 5.4.0.1087.83 linux-image-oracle-lts-20.04 - 5.4.0.1087.83 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1089.88 linux-modules-extra-aws-lts-20.04 - 5.4.0.1089.88 linux-tools-aws-lts-20.04 - 5.4.0.1089.88 linux-image-aws-lts-20.04 - 5.4.0.1089.88 linux-aws-lts-20.04 - 5.4.0.1089.88 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1093.97 linux-gcp-lts-20.04 - 5.4.0.1093.97 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1093.97 linux-image-gcp-lts-20.04 - 5.4.0.1093.97 linux-tools-gcp-lts-20.04 - 5.4.0.1093.97 No subscription required linux-azure-lts-20.04 - 5.4.0.1095.91 linux-headers-azure-lts-20.04 - 5.4.0.1095.91 linux-image-azure-lts-20.04 - 5.4.0.1095.91 linux-modules-extra-azure-lts-20.04 - 5.4.0.1095.91 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1095.91 linux-tools-azure-lts-20.04 - 5.4.0.1095.91 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-cloud-tools-virtual - 5.4.0.132.132 linux-headers-virtual-hwe-18.04 - 5.4.0.132.132 linux-image-generic-hwe-18.04 - 5.4.0.132.132 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-headers-generic-lpae - 5.4.0.132.132 linux-oem-osp1-tools-host - 5.4.0.132.132 linux-image-generic - 5.4.0.132.132 linux-tools-lowlatency - 5.4.0.132.132 linux-image-oem - 5.4.0.132.132 linux-headers-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.132.132 linux-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-image-extra-virtual-hwe-18.04 - 5.4.0.132.132 linux-image-oem-osp1 - 5.4.0.132.132 linux-image-generic-lpae-hwe-18.04 - 5.4.0.132.132 linux-crashdump - 5.4.0.132.132 linux-tools-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-headers-generic-hwe-18.04 - 5.4.0.132.132 linux-headers-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-source - 5.4.0.132.132 linux-lowlatency - 5.4.0.132.132 linux-tools-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-tools-generic-lpae - 5.4.0.132.132 linux-tools-virtual - 5.4.0.132.132 linux-virtual - 5.4.0.132.132 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.132.132 linux-virtual-hwe-18.04 - 5.4.0.132.132 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.132.132 linux-cloud-tools-generic - 5.4.0.132.132 linux-generic-lpae-hwe-18.04-edge - 5.4.0.132.132 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-headers-oem - 5.4.0.132.132 linux-headers-oem-osp1 - 5.4.0.132.132 linux-generic - 5.4.0.132.132 linux-tools-oem-osp1 - 5.4.0.132.132 linux-image-virtual - 5.4.0.132.132 linux-image-lowlatency - 5.4.0.132.132 linux-tools-generic-hwe-18.04-edge - 5.4.0.132.132 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-cloud-tools-lowlatency - 5.4.0.132.132 linux-headers-lowlatency - 5.4.0.132.132 linux-image-generic-hwe-18.04-edge - 5.4.0.132.132 linux-generic-hwe-18.04-edge - 5.4.0.132.132 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-oem - 5.4.0.132.132 linux-tools-generic - 5.4.0.132.132 linux-image-extra-virtual - 5.4.0.132.132 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-oem-tools-host - 5.4.0.132.132 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.132.132 linux-tools-oem - 5.4.0.132.132 linux-generic-lpae - 5.4.0.132.132 linux-generic-lpae-hwe-18.04 - 5.4.0.132.132 linux-headers-generic-hwe-18.04-edge - 5.4.0.132.132 linux-headers-generic - 5.4.0.132.132 linux-oem-osp1 - 5.4.0.132.132 linux-image-virtual-hwe-18.04 - 5.4.0.132.132 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.132.132 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.132.132 linux-image-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-headers-virtual - 5.4.0.132.132 linux-tools-virtual-hwe-18.04 - 5.4.0.132.132 linux-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.132.132 linux-generic-hwe-18.04 - 5.4.0.132.132 linux-image-generic-lpae - 5.4.0.132.132 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.132.132 linux-image-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-tools-generic-hwe-18.04 - 5.4.0.132.132 No subscription required High CVE-2022-20422 CVE-2022-2153 CVE-2022-2978 CVE-2022-29901 CVE-2022-3028 CVE-2022-3625 CVE-2022-3635 CVE-2022-40768 CVE-2022-41222 CVE-2022-42703 CVE-2022-42719 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41222) It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-20422) It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-2153) Hao Sun and Jiacheng Xu discovered that the NILFS file system implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2978) Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64 processors, the Linux kernel's protections against speculative branch target injection attacks were insufficient in some circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29901) Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3028) It was discovered that the Netlink device interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3625) It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-3635) Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX storage controller driver in the Linux kernel did not properly handle certain structures. A local attacker could potentially use this to expose sensitive information (kernel memory). (CVE-2022-40768) Sönke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42719) Update Instructions: Run `sudo pro fix USN-5728-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-gkeop-headers-5.4.0-1057 - 5.4.0-1057.61 linux-image-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-gkeop-source-5.4.0 - 5.4.0-1057.61 linux-gkeop-cloud-tools-5.4.0-1057 - 5.4.0-1057.61 linux-gkeop-tools-5.4.0-1057 - 5.4.0-1057.61 linux-image-unsigned-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-headers-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-modules-extra-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-buildinfo-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-cloud-tools-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-modules-5.4.0-1057-gkeop - 5.4.0-1057.61 No subscription required linux-gke-headers-5.4.0-1087 - 5.4.0-1087.94 linux-headers-5.4.0-1087-gke - 5.4.0-1087.94 linux-image-unsigned-5.4.0-1087-gke - 5.4.0-1087.94 linux-modules-extra-5.4.0-1087-gke - 5.4.0-1087.94 linux-gke-tools-5.4.0-1087 - 5.4.0-1087.94 linux-image-5.4.0-1087-gke - 5.4.0-1087.94 linux-buildinfo-5.4.0-1087-gke - 5.4.0-1087.94 linux-modules-5.4.0-1087-gke - 5.4.0-1087.94 linux-tools-5.4.0-1087-gke - 5.4.0-1087.94 No subscription required linux-image-unsigned-5.4.0-1095-azure-fde - 5.4.0-1095.101+cvm1.1 linux-image-5.4.0-1095-azure-fde - 5.4.0-1095.101+cvm1.1 No subscription required linux-image-gkeop-5.4 - 5.4.0.1057.57 linux-modules-extra-gkeop - 5.4.0.1057.57 linux-headers-gkeop - 5.4.0.1057.57 linux-gkeop-5.4 - 5.4.0.1057.57 linux-cloud-tools-gkeop-5.4 - 5.4.0.1057.57 linux-image-gkeop - 5.4.0.1057.57 linux-modules-extra-gkeop-5.4 - 5.4.0.1057.57 linux-cloud-tools-gkeop - 5.4.0.1057.57 linux-tools-gkeop - 5.4.0.1057.57 linux-tools-gkeop-5.4 - 5.4.0.1057.57 linux-gkeop - 5.4.0.1057.57 linux-headers-gkeop-5.4 - 5.4.0.1057.57 No subscription required linux-modules-extra-gke - 5.4.0.1087.94 linux-gke-5.4 - 5.4.0.1087.94 linux-tools-gke - 5.4.0.1087.94 linux-gke - 5.4.0.1087.94 linux-image-gke - 5.4.0.1087.94 linux-headers-gke-5.4 - 5.4.0.1087.94 linux-image-gke-5.4 - 5.4.0.1087.94 linux-tools-gke-5.4 - 5.4.0.1087.94 linux-headers-gke - 5.4.0.1087.94 linux-modules-extra-gke-5.4 - 5.4.0.1087.94 No subscription required linux-image-azure-fde - 5.4.0.1095.101+cvm1.33 linux-cloud-tools-azure-fde - 5.4.0.1095.101+cvm1.33 linux-modules-extra-azure-fde - 5.4.0.1095.101+cvm1.33 linux-tools-azure-fde - 5.4.0.1095.101+cvm1.33 linux-azure-fde - 5.4.0.1095.101+cvm1.33 linux-headers-azure-fde - 5.4.0.1095.101+cvm1.33 No subscription required High CVE-2022-20422 CVE-2022-2153 CVE-2022-2978 CVE-2022-29901 CVE-2022-3028 CVE-2022-3625 CVE-2022-3635 CVE-2022-40768 CVE-2022-41222 CVE-2022-42703 CVE-2022-42719 Ubuntu 20.04 LTS It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-20422) Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-2905) Hao Sun and Jiacheng Xu discovered that the NILFS file system implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2978) Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3028) It was discovered that the Netlink device interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3625) It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-3635) Gwangun Jung discovered that the netfilter subsystem in the Linux kernel did not properly prevent binding to an already bound chain. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-39190) Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX storage controller driver in the Linux kernel did not properly handle certain structures. A local attacker could potentially use this to expose sensitive information (kernel memory). (CVE-2022-40768) Update Instructions: Run `sudo pro fix USN-5729-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-oracle-5.15-tools-5.15.0-1022 - 5.15.0-1022.28~20.04.1 linux-tools-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-image-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-oracle-5.15-headers-5.15.0-1022 - 5.15.0-1022.28~20.04.1 linux-image-unsigned-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-buildinfo-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-modules-extra-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-headers-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1023 - 5.15.0-1023.27~20.04.1 linux-buildinfo-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-headers-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-cloud-tools-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1023 - 5.15.0-1023.27~20.04.1 linux-tools-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-modules-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-modules-extra-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-image-unsigned-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-aws-5.15-tools-5.15.0-1023 - 5.15.0-1023.27~20.04.1 linux-image-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 No subscription required linux-headers-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-tools-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-azure-5.15-headers-5.15.0-1023 - 5.15.0-1023.29~20.04.1 linux-image-unsigned-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-image-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-modules-extra-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1023 - 5.15.0-1023.29~20.04.1 linux-cloud-tools-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-azure-5.15-tools-5.15.0-1023 - 5.15.0-1023.29~20.04.1 linux-modules-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-buildinfo-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 No subscription required linux-buildinfo-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-modules-extra-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-cloud-tools-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-image-unsigned-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-modules-iwlwifi-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-hwe-5.15-tools-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-cloud-tools-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-image-unsigned-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-buildinfo-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-modules-iwlwifi-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-53.59~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-53.59~20.04.1 linux-image-unsigned-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-image-unsigned-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-buildinfo-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-53.59~20.04.1 linux-buildinfo-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-buildinfo-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-hwe-5.15-headers-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-53.59~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1022.28~20.04.1 linux-tools-oracle-edge - 5.15.0.1022.28~20.04.1 linux-oracle-edge - 5.15.0.1022.28~20.04.1 linux-image-oracle-edge - 5.15.0.1022.28~20.04.1 linux-headers-oracle-edge - 5.15.0.1022.28~20.04.1 linux-image-oracle - 5.15.0.1022.28~20.04.1 linux-tools-oracle - 5.15.0.1022.28~20.04.1 linux-oracle - 5.15.0.1022.28~20.04.1 No subscription required linux-image-aws - 5.15.0.1023.27~20.04.15 linux-modules-extra-aws-edge - 5.15.0.1023.27~20.04.15 linux-image-aws-edge - 5.15.0.1023.27~20.04.15 linux-aws-edge - 5.15.0.1023.27~20.04.15 linux-aws - 5.15.0.1023.27~20.04.15 linux-tools-aws - 5.15.0.1023.27~20.04.15 linux-headers-aws-edge - 5.15.0.1023.27~20.04.15 linux-modules-extra-aws - 5.15.0.1023.27~20.04.15 linux-headers-aws - 5.15.0.1023.27~20.04.15 linux-tools-aws-edge - 5.15.0.1023.27~20.04.15 No subscription required linux-tools-azure-edge - 5.15.0.1023.29~20.04.16 linux-cloud-tools-azure - 5.15.0.1023.29~20.04.16 linux-tools-azure - 5.15.0.1023.29~20.04.16 linux-image-azure-edge - 5.15.0.1023.29~20.04.16 linux-cloud-tools-azure-edge - 5.15.0.1023.29~20.04.16 linux-modules-extra-azure - 5.15.0.1023.29~20.04.16 linux-azure - 5.15.0.1023.29~20.04.16 linux-image-azure - 5.15.0.1023.29~20.04.16 linux-headers-azure-edge - 5.15.0.1023.29~20.04.16 linux-azure-edge - 5.15.0.1023.29~20.04.16 linux-modules-extra-azure-edge - 5.15.0.1023.29~20.04.16 linux-headers-azure - 5.15.0.1023.29~20.04.16 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-headers-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-image-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-lowlatency-64k-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-tools-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.19 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-extra-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-headers-generic-64k-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-generic-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-lpae-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-tools-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-lpae-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-generic-lpae-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-generic-64k-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-64k-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-generic-64k-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 No subscription required Medium CVE-2022-20422 CVE-2022-2905 CVE-2022-2978 CVE-2022-3028 CVE-2022-3625 CVE-2022-3635 CVE-2022-39190 CVE-2022-40768 Ubuntu 20.04 LTS It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-20422) Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-2905) Hao Sun and Jiacheng Xu discovered that the NILFS file system implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2978) Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3028) It was discovered that the Netlink device interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3625) It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-3635) Gwangun Jung discovered that the netfilter subsystem in the Linux kernel did not properly prevent binding to an already bound chain. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-39190) Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX storage controller driver in the Linux kernel did not properly handle certain structures. A local attacker could potentially use this to expose sensitive information (kernel memory). (CVE-2022-40768) Update Instructions: Run `sudo pro fix USN-5729-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-image-unsigned-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-gke-5.15-headers-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-modules-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-modules-iwlwifi-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-gke-5.15-tools-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-headers-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-tools-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-modules-extra-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-image-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 No subscription required linux-buildinfo-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-gcp-5.15-headers-5.15.0-1022 - 5.15.0-1022.29~20.04.1 linux-modules-iwlwifi-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-gcp-5.15-tools-5.15.0-1022 - 5.15.0-1022.29~20.04.1 linux-modules-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-headers-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-modules-extra-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-image-unsigned-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-image-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-tools-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 No subscription required linux-tools-gke-edge - 5.15.0.1020.25~20.04.1 linux-gke-edge - 5.15.0.1020.25~20.04.1 linux-headers-gke-5.15 - 5.15.0.1020.25~20.04.1 linux-tools-gke-5.15 - 5.15.0.1020.25~20.04.1 linux-headers-gke-edge - 5.15.0.1020.25~20.04.1 linux-image-gke-edge - 5.15.0.1020.25~20.04.1 linux-gke-5.15 - 5.15.0.1020.25~20.04.1 linux-image-gke-5.15 - 5.15.0.1020.25~20.04.1 No subscription required linux-gcp - 5.15.0.1022.29~20.04.1 linux-headers-gcp - 5.15.0.1022.29~20.04.1 linux-tools-gcp - 5.15.0.1022.29~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1022.29~20.04.1 linux-headers-gcp-edge - 5.15.0.1022.29~20.04.1 linux-tools-gcp-edge - 5.15.0.1022.29~20.04.1 linux-image-gcp-edge - 5.15.0.1022.29~20.04.1 linux-image-gcp - 5.15.0.1022.29~20.04.1 linux-modules-extra-gcp - 5.15.0.1022.29~20.04.1 linux-gcp-edge - 5.15.0.1022.29~20.04.1 No subscription required Medium CVE-2022-20422 CVE-2022-2905 CVE-2022-2978 CVE-2022-3028 CVE-2022-3625 CVE-2022-3635 CVE-2022-39190 CVE-2022-40768 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5730-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.38.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.38.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.38.2-0ubuntu0.20.04.1 webkit2gtk-driver - 2.38.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.38.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.38.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.38.2-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.38.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.38.2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-32888 CVE-2022-32923 CVE-2022-42799 CVE-2022-42823 CVE-2022-42824 Ubuntu 20.04 LTS It was discovered that multipath-tools incorrectly handled symlinks. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-41973) It was discovered that multipath-tools incorrectly handled access controls. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. (CVE-2022-41974) Update Instructions: Run `sudo pro fix USN-5731-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kpartx-boot - 0.8.3-1ubuntu2.1 multipath-tools-boot - 0.8.3-1ubuntu2.1 kpartx - 0.8.3-1ubuntu2.1 multipath-tools - 0.8.3-1ubuntu2.1 No subscription required Medium CVE-2022-41973 CVE-2022-41974 Ubuntu 20.04 LTS It was discovered that Unbound incorrectly handled delegations with a large number of non-responsive nameservers. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5732-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.4 python3-unbound - 1.9.4-2ubuntu1.4 libunbound8 - 1.9.4-2ubuntu1.4 python-unbound - 1.9.4-2ubuntu1.4 unbound-anchor - 1.9.4-2ubuntu1.4 unbound-host - 1.9.4-2ubuntu1.4 libunbound-dev - 1.9.4-2ubuntu1.4 No subscription required Medium CVE-2022-3204 Ubuntu 20.04 LTS It was discovered that FLAC was not properly performing memory management operations, which could result in a memory leak. An attacker could possibly use this issue to cause FLAC to consume resources, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2017-6888) It was discovered that FLAC was not properly performing bounds checking operations when decoding data. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to expose sensitive information or to cause FLAC to crash, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-0499) It was discovered that FLAC was not properly performing bounds checking operations when encoding data. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to expose sensitive information or to cause FLAC to crash, leading to a denial of service. (CVE-2021-0561) Update Instructions: Run `sudo pro fix USN-5733-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libflac-doc - 1.3.3-1ubuntu0.1 libflac-dev - 1.3.3-1ubuntu0.1 libflac++-dev - 1.3.3-1ubuntu0.1 flac - 1.3.3-1ubuntu0.1 libflac++6v5 - 1.3.3-1ubuntu0.1 libflac8 - 1.3.3-1ubuntu0.1 No subscription required Low CVE-2017-6888 CVE-2020-0499 CVE-2021-0561 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain data lenghts. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-39282, CVE-2022-39283) It was discovered that FreeRDP incorrectly handled certain data lenghts. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320) It was discovered that FreeRDP incorrectly handled certain path checks. A malicious server could use this issue to cause FreeRDP clients to read files outside of the shared directory. (CVE-2022-39347) Update Instructions: Run `sudo pro fix USN-5734-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.4 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.4 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.4 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.4 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.4 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.4 No subscription required Medium CVE-2022-39282 CVE-2022-39283 CVE-2022-39316 CVE-2022-39317 CVE-2022-39318 CVE-2022-39319 CVE-2022-39320 CVE-2022-39347 Ubuntu 20.04 LTS USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu 22.04 ESM. Original advisory details: It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20241) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20243) It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20244) It was discovered that ImageMagick could be made to divide by zero when processing crafted files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20245) It was discovered that ImageMagick incorrectly handled certain values when performing resampling operations. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20246) It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20309) It was discovered that ImageMagick incorrectly handled certain values when processing thumbnail image data. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20312) It was discovered that ImageMagick incorrectly handled memory cleanup when performing certain cryptographic operations. Under certain conditions sensitive cryptographic information could be disclosed. This issue only affected Ubuntu 22.10. (CVE-2021-20313) It was discovered that ImageMagick did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted file using the convert command, an attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-3574) It was discovered that ImageMagick did not use the correct rights when specifically excluded by a module policy. An attacker could use this issue to read and write certain restricted files. This issue only affected Ubuntu 22.10. (CVE-2021-39212) It was discovered that ImageMagick incorrectly handled certain values when processing specially crafted SVG files. By tricking a user into opening a specially crafted SVG file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-4219) It was discovered that ImageMagick did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted DICOM file, an attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or expose sensitive information. This issue only affected Ubuntu 22.10. (CVE-2022-1114) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.10. (CVE-2022-28463) It was discovered that ImageMagick incorrectly handled certain values. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2022-32545, CVE-2022-32546) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2022-32547) Update Instructions: Run `sudo pro fix USN-5736-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-20224 CVE-2021-20241 CVE-2021-20243 CVE-2021-20244 CVE-2021-20245 CVE-2021-20246 CVE-2021-20309 CVE-2021-20312 CVE-2021-20313 CVE-2021-3574 CVE-2021-39212 CVE-2021-4219 CVE-2022-1114 CVE-2022-28463 CVE-2022-32545 CVE-2022-32546 CVE-2022-32547 Ubuntu 20.04 LTS Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.37 in Ubuntu 20.04 LTS and to 10.6.11 in Ubuntu 22.04 LTS and Ubuntu 22.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-5739-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.37-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.37-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.37-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.37-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.37-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.37-0ubuntu0.20.04.1 mariadb-client - 1:10.3.37-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.37-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.37-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.37-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.37-0ubuntu0.20.04.1 mariadb-server - 1:10.3.37-0ubuntu0.20.04.1 mariadb-common - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.37-0ubuntu0.20.04.1 mariadb-test - 1:10.3.37-0ubuntu0.20.04.1 No subscription required Medium CVE-2018-25032 CVE-2021-46669 CVE-2022-21427 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27382 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27444 CVE-2022-27445 CVE-2022-27446 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27451 CVE-2022-27452 CVE-2022-27455 CVE-2022-27456 CVE-2022-27457 CVE-2022-27458 CVE-2022-32081 CVE-2022-32082 CVE-2022-32083 CVE-2022-32084 CVE-2022-32085 CVE-2022-32086 CVE-2022-32087 CVE-2022-32088 CVE-2022-32089 CVE-2022-32091 Ubuntu 20.04 LTS USN-5739-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: MariaDB has been updated to 10.3.38 in Ubuntu 20.04 LTS and to 10.6.12 in Ubuntu 22.04 LTS and Ubuntu 22.10. Update Instructions: Run `sudo pro fix USN-5739-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.38-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.38-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.38-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.38-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.38-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.38-0ubuntu0.20.04.1 mariadb-client - 1:10.3.38-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.38-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.38-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.38-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.38-0ubuntu0.20.04.1 mariadb-server - 1:10.3.38-0ubuntu0.20.04.1 mariadb-common - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.38-0ubuntu0.20.04.1 mariadb-test - 1:10.3.38-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2006882 Ubuntu 20.04 LTS It was discovered that X.Org X Server incorrectly handled certain inputs. An attacker could use these issues to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5740-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.4 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.4 xwayland - 2:1.20.13-1ubuntu1~20.04.4 xdmx - 2:1.20.13-1ubuntu1~20.04.4 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.4 xvfb - 2:1.20.13-1ubuntu1~20.04.4 xnest - 2:1.20.13-1ubuntu1~20.04.4 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.4 xserver-common - 2:1.20.13-1ubuntu1~20.04.4 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.4 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.4 No subscription required Medium CVE-2022-3550 CVE-2022-3551 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain regular expressions. An attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5741-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.7 eximon4 - 4.93-13ubuntu1.7 exim4 - 4.93-13ubuntu1.7 exim4-base - 4.93-13ubuntu1.7 exim4-config - 4.93-13ubuntu1.7 exim4-daemon-heavy - 4.93-13ubuntu1.7 exim4-daemon-light - 4.93-13ubuntu1.7 No subscription required Medium CVE-2022-3559 Ubuntu 20.04 LTS It was discovered that JBIG-KIT incorrectly handled decoding certain large image files. If a user or automated system using JBIG-KIT were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5742-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jbigkit-bin - 2.1-3.1ubuntu0.20.04.1 libjbig-dev - 2.1-3.1ubuntu0.20.04.1 libjbig0 - 2.1-3.1ubuntu0.20.04.1 No subscription required Negligible CVE-2017-9937 Ubuntu 20.04 LTS USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. Original advisory details: It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Update Instructions: Run `sudo pro fix USN-5743-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.7 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.7 No subscription required Medium CVE-2022-3970 Ubuntu 20.04 LTS Florian Weimer discovered that shadow was not properly copying and removing user directory trees, which could lead to a race condition. A local attacker could possibly use this issue to setup a symlink attack and alter or remove directories without authorization. Update Instructions: Run `sudo pro fix USN-5745-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: passwd - 1:4.8.1-1ubuntu5.20.04.3 login - 1:4.8.1-1ubuntu5.20.04.3 uidmap - 1:4.8.1-1ubuntu5.20.04.3 No subscription required Low CVE-2013-4235 Ubuntu 20.04 LTS USN-5745-1 fixed vulnerabilities in shadow. Unfortunately that update introduced a regression that caused useradd to behave incorrectly in Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisory details: Florian Weimer discovered that shadow was not properly copying and removing user directory trees, which could lead to a race condition. A local attacker could possibly use this issue to setup a symlink attack and alter or remove directories without authorization. Update Instructions: Run `sudo pro fix USN-5745-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: passwd - 1:4.8.1-1ubuntu5.20.04.4 login - 1:4.8.1-1ubuntu5.20.04.4 uidmap - 1:4.8.1-1ubuntu5.20.04.4 No subscription required None https://launchpad.net/bugs/1998169 Ubuntu 20.04 LTS It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5748-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: isag - 12.2.0-2ubuntu0.2 sysstat - 12.2.0-2ubuntu0.2 No subscription required Medium CVE-2022-39377 Ubuntu 20.04 LTS The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5753-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.57.5+20.04ubuntu0.1 ubuntu-core-launcher - 2.57.5+20.04ubuntu0.1 snap-confine - 2.57.5+20.04ubuntu0.1 ubuntu-snappy-cli - 2.57.5+20.04ubuntu0.1 golang-github-snapcore-snapd-dev - 2.57.5+20.04ubuntu0.1 snapd-xdg-open - 2.57.5+20.04ubuntu0.1 snapd - 2.57.5+20.04ubuntu0.1 golang-github-ubuntu-core-snappy-dev - 2.57.5+20.04ubuntu0.1 ubuntu-snappy - 2.57.5+20.04ubuntu0.1 No subscription required High CVE-2022-3328 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5755-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oracle-5.15-headers-5.15.0-1025 - 5.15.0-1025.31~20.04.2 linux-oracle-5.15-tools-5.15.0-1025 - 5.15.0-1025.31~20.04.2 linux-tools-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-modules-extra-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-buildinfo-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-headers-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-modules-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-image-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-image-unsigned-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 No subscription required linux-aws-5.15-headers-5.15.0-1026 - 5.15.0-1026.30~20.04.2 linux-tools-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-image-unsigned-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-buildinfo-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-image-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-headers-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-aws-5.15-cloud-tools-5.15.0-1026 - 5.15.0-1026.30~20.04.2 linux-modules-extra-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-aws-5.15-tools-5.15.0-1026 - 5.15.0-1026.30~20.04.2 linux-modules-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-cloud-tools-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 No subscription required linux-modules-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-cloud-tools-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-modules-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-modules-extra-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-hwe-5.15-tools-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-56.62~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-56.62~20.04.1 linux-modules-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-modules-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-image-unsigned-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-image-unsigned-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-cloud-tools-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-modules-iwlwifi-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-image-unsigned-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-modules-iwlwifi-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-hwe-5.15-headers-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-56.62~20.04.1 linux-image-unsigned-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-modules-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1025.31~20.04.1 linux-tools-oracle - 5.15.0.1025.31~20.04.1 linux-tools-oracle-edge - 5.15.0.1025.31~20.04.1 linux-oracle-edge - 5.15.0.1025.31~20.04.1 linux-image-oracle-edge - 5.15.0.1025.31~20.04.1 linux-headers-oracle-edge - 5.15.0.1025.31~20.04.1 linux-image-oracle - 5.15.0.1025.31~20.04.1 linux-oracle - 5.15.0.1025.31~20.04.1 No subscription required linux-headers-aws - 5.15.0.1026.30~20.04.16 linux-image-aws - 5.15.0.1026.30~20.04.16 linux-modules-extra-aws-edge - 5.15.0.1026.30~20.04.16 linux-image-aws-edge - 5.15.0.1026.30~20.04.16 linux-aws-edge - 5.15.0.1026.30~20.04.16 linux-aws - 5.15.0.1026.30~20.04.16 linux-tools-aws - 5.15.0.1026.30~20.04.16 linux-headers-aws-edge - 5.15.0.1026.30~20.04.16 linux-modules-extra-aws - 5.15.0.1026.30~20.04.16 linux-tools-aws-edge - 5.15.0.1026.30~20.04.16 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-headers-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-image-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-lowlatency-64k-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-tools-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-image-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-image-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-extra-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-headers-generic-64k-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-generic-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-generic-lpae-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-generic-64k-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-tools-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-generic-lpae-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-tools-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-lpae-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-generic-64k-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-64k-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 CVE-2022-43945 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5755-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-headers-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-gke-5.15-headers-5.15.0-1023 - 5.15.0-1023.28~20.04.2 linux-buildinfo-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-modules-iwlwifi-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-modules-extra-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-image-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-gke-5.15-tools-5.15.0-1023 - 5.15.0-1023.28~20.04.2 linux-tools-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-image-unsigned-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 No subscription required linux-headers-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-image-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-modules-iwlwifi-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-gcp-5.15-tools-5.15.0-1025 - 5.15.0-1025.32~20.04.2 linux-tools-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-image-unsigned-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-gcp-5.15-headers-5.15.0-1025 - 5.15.0-1025.32~20.04.2 linux-buildinfo-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-modules-extra-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-modules-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 No subscription required linux-tools-gke-edge - 5.15.0.1023.28~20.04.1 linux-gke-edge - 5.15.0.1023.28~20.04.1 linux-headers-gke-5.15 - 5.15.0.1023.28~20.04.1 linux-tools-gke-5.15 - 5.15.0.1023.28~20.04.1 linux-headers-gke-edge - 5.15.0.1023.28~20.04.1 linux-image-gke-edge - 5.15.0.1023.28~20.04.1 linux-gke-5.15 - 5.15.0.1023.28~20.04.1 linux-image-gke-5.15 - 5.15.0.1023.28~20.04.1 No subscription required linux-tools-gcp-edge - 5.15.0.1025.32~20.04.1 linux-tools-gcp - 5.15.0.1025.32~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1025.32~20.04.1 linux-headers-gcp-edge - 5.15.0.1025.32~20.04.1 linux-gcp - 5.15.0.1025.32~20.04.1 linux-headers-gcp - 5.15.0.1025.32~20.04.1 linux-image-gcp-edge - 5.15.0.1025.32~20.04.1 linux-image-gcp - 5.15.0.1025.32~20.04.1 linux-modules-extra-gcp - 5.15.0.1025.32~20.04.1 linux-gcp-edge - 5.15.0.1025.32~20.04.1 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 CVE-2022-43945 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5756-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1040-ibm - 5.4.0-1040.45 linux-modules-5.4.0-1040-ibm - 5.4.0-1040.45 linux-image-unsigned-5.4.0-1040-ibm - 5.4.0-1040.45 linux-tools-5.4.0-1040-ibm - 5.4.0-1040.45 linux-ibm-source-5.4.0 - 5.4.0-1040.45 linux-ibm-tools-common - 5.4.0-1040.45 linux-ibm-cloud-tools-common - 5.4.0-1040.45 linux-buildinfo-5.4.0-1040-ibm - 5.4.0-1040.45 linux-ibm-headers-5.4.0-1040 - 5.4.0-1040.45 linux-headers-5.4.0-1040-ibm - 5.4.0-1040.45 linux-modules-extra-5.4.0-1040-ibm - 5.4.0-1040.45 linux-ibm-tools-5.4.0-1040 - 5.4.0-1040.45 No subscription required linux-modules-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-image-unsigned-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-gkeop-source-5.4.0 - 5.4.0-1060.64 linux-gkeop-headers-5.4.0-1060 - 5.4.0-1060.64 linux-gkeop-tools-5.4.0-1060 - 5.4.0-1060.64 linux-image-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-cloud-tools-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-headers-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-modules-extra-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-tools-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-buildinfo-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-gkeop-cloud-tools-5.4.0-1060 - 5.4.0-1060.64 No subscription required linux-modules-5.4.0-1077-raspi - 5.4.0-1077.88 linux-headers-5.4.0-1077-raspi - 5.4.0-1077.88 linux-raspi-headers-5.4.0-1077 - 5.4.0-1077.88 linux-tools-5.4.0-1077-raspi - 5.4.0-1077.88 linux-buildinfo-5.4.0-1077-raspi - 5.4.0-1077.88 linux-raspi-tools-5.4.0-1077 - 5.4.0-1077.88 linux-image-5.4.0-1077-raspi - 5.4.0-1077.88 No subscription required linux-image-5.4.0-1082-kvm - 5.4.0-1082.88 linux-buildinfo-5.4.0-1082-kvm - 5.4.0-1082.88 linux-kvm-headers-5.4.0-1082 - 5.4.0-1082.88 linux-modules-5.4.0-1082-kvm - 5.4.0-1082.88 linux-kvm-tools-5.4.0-1082 - 5.4.0-1082.88 linux-image-unsigned-5.4.0-1082-kvm - 5.4.0-1082.88 linux-tools-5.4.0-1082-kvm - 5.4.0-1082.88 linux-headers-5.4.0-1082-kvm - 5.4.0-1082.88 No subscription required linux-oracle-headers-5.4.0-1090 - 5.4.0-1090.99 linux-modules-extra-5.4.0-1090-oracle - 5.4.0-1090.99 linux-buildinfo-5.4.0-1090-oracle - 5.4.0-1090.99 linux-headers-5.4.0-1090-oracle - 5.4.0-1090.99 linux-image-unsigned-5.4.0-1090-oracle - 5.4.0-1090.99 linux-tools-5.4.0-1090-oracle - 5.4.0-1090.99 linux-oracle-tools-5.4.0-1090 - 5.4.0-1090.99 linux-modules-5.4.0-1090-oracle - 5.4.0-1090.99 linux-image-5.4.0-1090-oracle - 5.4.0-1090.99 No subscription required linux-headers-5.4.0-1092-aws - 5.4.0-1092.100 linux-buildinfo-5.4.0-1092-aws - 5.4.0-1092.100 linux-aws-cloud-tools-5.4.0-1092 - 5.4.0-1092.100 linux-cloud-tools-5.4.0-1092-aws - 5.4.0-1092.100 linux-image-unsigned-5.4.0-1092-aws - 5.4.0-1092.100 linux-aws-tools-5.4.0-1092 - 5.4.0-1092.100 linux-image-5.4.0-1092-aws - 5.4.0-1092.100 linux-tools-5.4.0-1092-aws - 5.4.0-1092.100 linux-modules-5.4.0-1092-aws - 5.4.0-1092.100 linux-modules-extra-5.4.0-1092-aws - 5.4.0-1092.100 linux-aws-headers-5.4.0-1092 - 5.4.0-1092.100 No subscription required linux-modules-extra-5.4.0-1096-gcp - 5.4.0-1096.105 linux-image-5.4.0-1096-gcp - 5.4.0-1096.105 linux-gcp-tools-5.4.0-1096 - 5.4.0-1096.105 linux-modules-5.4.0-1096-gcp - 5.4.0-1096.105 linux-buildinfo-5.4.0-1096-gcp - 5.4.0-1096.105 linux-image-unsigned-5.4.0-1096-gcp - 5.4.0-1096.105 linux-headers-5.4.0-1096-gcp - 5.4.0-1096.105 linux-tools-5.4.0-1096-gcp - 5.4.0-1096.105 linux-gcp-headers-5.4.0-1096 - 5.4.0-1096.105 No subscription required linux-tools-common - 5.4.0-135.152 linux-headers-5.4.0-135-generic - 5.4.0-135.152 linux-tools-host - 5.4.0-135.152 linux-doc - 5.4.0-135.152 linux-image-unsigned-5.4.0-135-lowlatency - 5.4.0-135.152 linux-cloud-tools-5.4.0-135-generic - 5.4.0-135.152 linux-modules-extra-5.4.0-135-generic - 5.4.0-135.152 linux-image-5.4.0-135-generic - 5.4.0-135.152 linux-tools-5.4.0-135-generic - 5.4.0-135.152 linux-libc-dev - 5.4.0-135.152 linux-source-5.4.0 - 5.4.0-135.152 linux-image-5.4.0-135-lowlatency - 5.4.0-135.152 linux-cloud-tools-5.4.0-135 - 5.4.0-135.152 linux-cloud-tools-5.4.0-135-lowlatency - 5.4.0-135.152 linux-tools-5.4.0-135 - 5.4.0-135.152 linux-tools-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-headers-5.4.0-135-lowlatency - 5.4.0-135.152 linux-modules-5.4.0-135-lowlatency - 5.4.0-135.152 linux-modules-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-buildinfo-5.4.0-135-generic - 5.4.0-135.152 linux-headers-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-tools-5.4.0-135-lowlatency - 5.4.0-135.152 linux-cloud-tools-common - 5.4.0-135.152 linux-image-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-buildinfo-5.4.0-135-lowlatency - 5.4.0-135.152 linux-modules-5.4.0-135-generic - 5.4.0-135.152 linux-headers-5.4.0-135 - 5.4.0-135.152 linux-buildinfo-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-image-unsigned-5.4.0-135-generic - 5.4.0-135.152 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1040.66 linux-image-ibm - 5.4.0.1040.66 linux-headers-ibm-lts-20.04 - 5.4.0.1040.66 linux-tools-ibm - 5.4.0.1040.66 linux-image-ibm-lts-20.04 - 5.4.0.1040.66 linux-ibm-lts-20.04 - 5.4.0.1040.66 linux-modules-extra-ibm - 5.4.0.1040.66 linux-ibm - 5.4.0.1040.66 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1040.66 linux-headers-ibm - 5.4.0.1040.66 No subscription required linux-headers-gkeop - 5.4.0.1060.58 linux-cloud-tools-gkeop-5.4 - 5.4.0.1060.58 linux-image-gkeop - 5.4.0.1060.58 linux-modules-extra-gkeop-5.4 - 5.4.0.1060.58 linux-gkeop-5.4 - 5.4.0.1060.58 linux-image-gkeop-5.4 - 5.4.0.1060.58 linux-gkeop - 5.4.0.1060.58 linux-cloud-tools-gkeop - 5.4.0.1060.58 linux-headers-gkeop-5.4 - 5.4.0.1060.58 linux-modules-extra-gkeop - 5.4.0.1060.58 linux-tools-gkeop - 5.4.0.1060.58 linux-tools-gkeop-5.4 - 5.4.0.1060.58 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1077.107 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1077.107 linux-headers-raspi2 - 5.4.0.1077.107 linux-image-raspi-hwe-18.04 - 5.4.0.1077.107 linux-image-raspi2-hwe-18.04 - 5.4.0.1077.107 linux-tools-raspi - 5.4.0.1077.107 linux-headers-raspi-hwe-18.04 - 5.4.0.1077.107 linux-headers-raspi2-hwe-18.04 - 5.4.0.1077.107 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1077.107 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1077.107 linux-headers-raspi - 5.4.0.1077.107 linux-image-raspi-hwe-18.04-edge - 5.4.0.1077.107 linux-raspi-hwe-18.04 - 5.4.0.1077.107 linux-tools-raspi2-hwe-18.04 - 5.4.0.1077.107 linux-raspi2-hwe-18.04 - 5.4.0.1077.107 linux-image-raspi2 - 5.4.0.1077.107 linux-tools-raspi-hwe-18.04 - 5.4.0.1077.107 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1077.107 linux-raspi-hwe-18.04-edge - 5.4.0.1077.107 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1077.107 linux-image-raspi - 5.4.0.1077.107 linux-raspi2 - 5.4.0.1077.107 linux-tools-raspi2 - 5.4.0.1077.107 linux-raspi - 5.4.0.1077.107 No subscription required linux-kvm - 5.4.0.1082.76 linux-headers-kvm - 5.4.0.1082.76 linux-image-kvm - 5.4.0.1082.76 linux-tools-kvm - 5.4.0.1082.76 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1090.84 linux-headers-oracle-lts-20.04 - 5.4.0.1090.84 linux-oracle-lts-20.04 - 5.4.0.1090.84 linux-image-oracle-lts-20.04 - 5.4.0.1090.84 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1092.89 linux-image-aws-lts-20.04 - 5.4.0.1092.89 linux-headers-aws-lts-20.04 - 5.4.0.1092.89 linux-tools-aws-lts-20.04 - 5.4.0.1092.89 linux-aws-lts-20.04 - 5.4.0.1092.89 No subscription required linux-gcp-lts-20.04 - 5.4.0.1096.98 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1096.98 linux-headers-gcp-lts-20.04 - 5.4.0.1096.98 linux-image-gcp-lts-20.04 - 5.4.0.1096.98 linux-tools-gcp-lts-20.04 - 5.4.0.1096.98 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-cloud-tools-virtual - 5.4.0.135.133 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-headers-generic-lpae - 5.4.0.135.133 linux-image-virtual - 5.4.0.135.133 linux-oem-osp1-tools-host - 5.4.0.135.133 linux-image-generic - 5.4.0.135.133 linux-tools-lowlatency - 5.4.0.135.133 linux-image-oem - 5.4.0.135.133 linux-headers-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.135.133 linux-image-extra-virtual-hwe-18.04 - 5.4.0.135.133 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.135.133 linux-oem - 5.4.0.135.133 linux-image-oem-osp1 - 5.4.0.135.133 linux-image-generic-hwe-18.04 - 5.4.0.135.133 linux-image-generic-lpae-hwe-18.04 - 5.4.0.135.133 linux-crashdump - 5.4.0.135.133 linux-tools-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-headers-generic-hwe-18.04 - 5.4.0.135.133 linux-headers-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-source - 5.4.0.135.133 linux-lowlatency - 5.4.0.135.133 linux-tools-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-tools-generic-lpae - 5.4.0.135.133 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-cloud-tools-generic - 5.4.0.135.133 linux-virtual - 5.4.0.135.133 linux-tools-virtual - 5.4.0.135.133 linux-virtual-hwe-18.04 - 5.4.0.135.133 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.135.133 linux-headers-virtual - 5.4.0.135.133 linux-generic-lpae-hwe-18.04-edge - 5.4.0.135.133 linux-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-generic-lpae - 5.4.0.135.133 linux-headers-oem - 5.4.0.135.133 linux-generic - 5.4.0.135.133 linux-tools-oem-osp1 - 5.4.0.135.133 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.135.133 linux-tools-generic-hwe-18.04-edge - 5.4.0.135.133 linux-tools-generic - 5.4.0.135.133 linux-headers-virtual-hwe-18.04 - 5.4.0.135.133 linux-image-virtual-hwe-18.04 - 5.4.0.135.133 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-cloud-tools-lowlatency - 5.4.0.135.133 linux-image-generic-hwe-18.04-edge - 5.4.0.135.133 linux-generic-hwe-18.04-edge - 5.4.0.135.133 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.135.133 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-image-extra-virtual - 5.4.0.135.133 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-oem-tools-host - 5.4.0.135.133 linux-tools-oem - 5.4.0.135.133 linux-headers-oem-osp1 - 5.4.0.135.133 linux-generic-lpae-hwe-18.04 - 5.4.0.135.133 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.135.133 linux-headers-generic-hwe-18.04-edge - 5.4.0.135.133 linux-headers-generic - 5.4.0.135.133 linux-oem-osp1 - 5.4.0.135.133 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.135.133 linux-headers-lowlatency - 5.4.0.135.133 linux-tools-virtual-hwe-18.04 - 5.4.0.135.133 linux-image-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-generic-hwe-18.04 - 5.4.0.135.133 linux-image-generic-lpae - 5.4.0.135.133 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.135.133 linux-image-lowlatency - 5.4.0.135.133 linux-tools-generic-hwe-18.04 - 5.4.0.135.133 linux-image-virtual-hwe-18.04-edge - 5.4.0.135.133 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5756-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1090-gke - 5.4.0-1090.97 linux-headers-5.4.0-1090-gke - 5.4.0-1090.97 linux-gke-headers-5.4.0-1090 - 5.4.0-1090.97 linux-gke-tools-5.4.0-1090 - 5.4.0-1090.97 linux-image-5.4.0-1090-gke - 5.4.0-1090.97 linux-buildinfo-5.4.0-1090-gke - 5.4.0-1090.97 linux-modules-extra-5.4.0-1090-gke - 5.4.0-1090.97 linux-tools-5.4.0-1090-gke - 5.4.0-1090.97 linux-modules-5.4.0-1090-gke - 5.4.0-1090.97 No subscription required linux-modules-extra-gke - 5.4.0.1090.95 linux-image-gke - 5.4.0.1090.95 linux-gke-5.4 - 5.4.0.1090.95 linux-headers-gke-5.4 - 5.4.0.1090.95 linux-image-gke-5.4 - 5.4.0.1090.95 linux-tools-gke-5.4 - 5.4.0.1090.95 linux-modules-extra-gke-5.4 - 5.4.0.1090.95 linux-headers-gke - 5.4.0.1090.95 linux-gke - 5.4.0.1090.95 linux-tools-gke - 5.4.0.1090.95 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5756-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-headers-5.4.0-1098 - 5.4.0-1098.104 linux-image-5.4.0-1098-azure - 5.4.0-1098.104 linux-modules-extra-5.4.0-1098-azure - 5.4.0-1098.104 linux-modules-5.4.0-1098-azure - 5.4.0-1098.104 linux-cloud-tools-5.4.0-1098-azure - 5.4.0-1098.104 linux-image-unsigned-5.4.0-1098-azure - 5.4.0-1098.104 linux-headers-5.4.0-1098-azure - 5.4.0-1098.104 linux-azure-cloud-tools-5.4.0-1098 - 5.4.0-1098.104 linux-tools-5.4.0-1098-azure - 5.4.0-1098.104 linux-buildinfo-5.4.0-1098-azure - 5.4.0-1098.104 linux-azure-tools-5.4.0-1098 - 5.4.0-1098.104 No subscription required linux-tools-azure-lts-20.04 - 5.4.0.1098.92 linux-modules-extra-azure-lts-20.04 - 5.4.0.1098.92 linux-image-azure-lts-20.04 - 5.4.0.1098.92 linux-azure-lts-20.04 - 5.4.0.1098.92 linux-headers-azure-lts-20.04 - 5.4.0.1098.92 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1098.92 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 Ubuntu 20.04 LTS USN-5759-1 fixed vulnerabilities in LibBPF. This update provides the corresponding updates for Ubuntu 20.04 ESM. Original advisory details: It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.10. (CVE-2021-45940, CVE-2021-45941, CVE-2022-3533) It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-3534, CVE-2022-3606) Update Instructions: Run `sudo pro fix USN-5759-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbpf-dev - 1:0.5.0-1~ubuntu20.04.1+esm1 libbpf0 - 1:0.5.0-1~ubuntu20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-3534 CVE-2022-3606 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. (CVE-2022-2309) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2022-40303) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-40304) Update Instructions: Run `sudo pro fix USN-5760-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.5 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.5 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.5 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.5 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.5 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.5 No subscription required Medium CVE-2022-2309 CVE-2022-40303 CVE-2022-40304 Ubuntu 20.04 LTS Due to security concerns, the TrustCor certificate authority has been marked as distrusted in Mozilla's root store. This update removes the TrustCor CA certificates from the ca-certificates package. Update Instructions: Run `sudo pro fix USN-5761-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates - 20211016ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1998785 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5762-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.4 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.4 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.4 binutils-ia64-linux-gnu - 2.34-6ubuntu1.4 binutils-multiarch - 2.34-6ubuntu1.4 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.4 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.4 binutils-m68k-linux-gnu - 2.34-6ubuntu1.4 binutils-for-build - 2.34-6ubuntu1.4 binutils-s390x-linux-gnu - 2.34-6ubuntu1.4 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.4 binutils-multiarch-dev - 2.34-6ubuntu1.4 binutils-for-host - 2.34-6ubuntu1.4 libctf-nobfd0 - 2.34-6ubuntu1.4 binutils-i686-gnu - 2.34-6ubuntu1.4 binutils-doc - 2.34-6ubuntu1.4 binutils-sh4-linux-gnu - 2.34-6ubuntu1.4 libctf0 - 2.34-6ubuntu1.4 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.4 binutils-source - 2.34-6ubuntu1.4 binutils-i686-linux-gnu - 2.34-6ubuntu1.4 binutils-common - 2.34-6ubuntu1.4 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.4 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.4 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.4 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.4 binutils-hppa-linux-gnu - 2.34-6ubuntu1.4 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.4 libbinutils - 2.34-6ubuntu1.4 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.4 binutils-alpha-linux-gnu - 2.34-6ubuntu1.4 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.4 binutils - 2.34-6ubuntu1.4 No subscription required Medium CVE-2022-38533 Ubuntu 20.04 LTS It was discovered that NumPy did not properly manage memory when specifying arrays of large dimensions. If a user were tricked into running malicious Python file, an attacker could cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-33430) It was discovered that NumPy did not properly perform string comparison operations under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service. (CVE-2021-34141) It was discovered that NumPy did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service. (CVE-2021-41495, CVE-2021-41496) Update Instructions: Run `sudo pro fix USN-5763-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-numpy-doc - 1:1.17.4-5ubuntu3.1 python3-numpy - 1:1.17.4-5ubuntu3.1 No subscription required Medium CVE-2021-33430 CVE-2021-34141 CVE-2021-41495 CVE-2021-41496 Ubuntu 20.04 LTS It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-2347) Nicolas Bidron and Nicolas Guigo discovered that U-Boot incorrectly handled certain fragmented IP packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-30552, CVE-2022-30790) It was discovered that U-Boot incorrectly handled certain NFS lookup replies. A remote attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-30767) Jincheng Wang discovered that U-Boot incorrectly handled certain SquashFS structures. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-33103) Tatsuhiko Yasumatsu discovered that U-Boot incorrectly handled certain SquashFS structures. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-33967) It was discovered that U-Boot incorrectly handled the i2c command. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-34835) Update Instructions: Run `sudo pro fix USN-5764-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: u-boot - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-qemu - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-sifive - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-amlogic - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-tools - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-imx - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-tegra - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-sunxi - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-qcom - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-rpi - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-omap - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-mvebu - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-rockchip - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-exynos - 2021.01+dfsg-3ubuntu0~20.04.5 No subscription required Medium CVE-2022-2347 CVE-2022-30552 CVE-2022-30767 CVE-2022-30790 CVE-2022-33103 CVE-2022-33967 CVE-2022-34835 Ubuntu 20.04 LTS It was discovered that Heimdal did not properly manage memory when normalizing Unicode. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5766-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhcrypto4-heimdal - 7.7.0+dfsg-1ubuntu1.2 libwind0-heimdal - 7.7.0+dfsg-1ubuntu1.2 libroken18-heimdal - 7.7.0+dfsg-1ubuntu1.2 libgssapi3-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-kcm - 7.7.0+dfsg-1ubuntu1.2 libhdb9-heimdal - 7.7.0+dfsg-1ubuntu1.2 libasn1-8-heimdal - 7.7.0+dfsg-1ubuntu1.2 libsl0-heimdal - 7.7.0+dfsg-1ubuntu1.2 libkadm5clnt7-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-kdc - 7.7.0+dfsg-1ubuntu1.2 libkdc2-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-servers - 7.7.0+dfsg-1ubuntu1.2 libheimntlm0-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-docs - 7.7.0+dfsg-1ubuntu1.2 libheimbase1-heimdal - 7.7.0+dfsg-1ubuntu1.2 libkrb5-26-heimdal - 7.7.0+dfsg-1ubuntu1.2 libotp0-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-dev - 7.7.0+dfsg-1ubuntu1.2 libkafs0-heimdal - 7.7.0+dfsg-1ubuntu1.2 libhx509-5-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-multidev - 7.7.0+dfsg-1ubuntu1.2 libkadm5srv8-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-clients - 7.7.0+dfsg-1ubuntu1.2 No subscription required Medium CVE-2022-41916 Ubuntu 20.04 LTS Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-37454) It was discovered that Python incorrectly handled certain IDNA inputs. An attacker could possibly use this issue to expose sensitive information denial of service, or cause a crash. (CVE-2022-45061) Update Instructions: Run `sudo pro fix USN-5767-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.6 python3.8-full - 3.8.10-0ubuntu1~20.04.6 python3.8-examples - 3.8.10-0ubuntu1~20.04.6 python3.8-dev - 3.8.10-0ubuntu1~20.04.6 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.6 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.6 python3.8-venv - 3.8.10-0ubuntu1~20.04.6 libpython3.8 - 3.8.10-0ubuntu1~20.04.6 idle-python3.8 - 3.8.10-0ubuntu1~20.04.6 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.6 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.6 python3.8 - 3.8.10-0ubuntu1~20.04.6 python3.8-doc - 3.8.10-0ubuntu1~20.04.6 No subscription required Medium CVE-2022-37454 CVE-2022-45061 Ubuntu 20.04 LTS It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2021-3682) It was discovered that QEMU did not properly manage memory when it transfers the USB packets. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-3750) It was discovered that the QEMU SCSI device emulation incorrectly handled certain MODE SELECT commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2021-3930) It was discovered that QEMU did not properly manage memory when it processing repeated messages to cancel the current SCSI request. A malicious privileged guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2022-0216) It was discovered that QEMU did not properly manage memory when it using Tulip device emulation. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-2962) It was discovered that QEMU did not properly manage memory when processing ClientCutText messages. A attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3165) Update Instructions: Run `sudo pro fix USN-5772-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-common - 1:4.2-3ubuntu6.24 qemu-user-static - 1:4.2-3ubuntu6.24 qemu-system-s390x - 1:4.2-3ubuntu6.24 qemu-block-extra - 1:4.2-3ubuntu6.24 qemu-system-misc - 1:4.2-3ubuntu6.24 qemu-user - 1:4.2-3ubuntu6.24 qemu-system-gui - 1:4.2-3ubuntu6.24 qemu-guest-agent - 1:4.2-3ubuntu6.24 qemu - 1:4.2-3ubuntu6.24 qemu-system - 1:4.2-3ubuntu6.24 qemu-utils - 1:4.2-3ubuntu6.24 qemu-system-data - 1:4.2-3ubuntu6.24 qemu-kvm - 1:4.2-3ubuntu6.24 qemu-user-binfmt - 1:4.2-3ubuntu6.24 qemu-system-x86 - 1:4.2-3ubuntu6.24 qemu-system-arm - 1:4.2-3ubuntu6.24 qemu-system-sparc - 1:4.2-3ubuntu6.24 qemu-system-x86-microvm - 1:4.2-3ubuntu6.24 qemu-system-ppc - 1:4.2-3ubuntu6.24 qemu-system-mips - 1:4.2-3ubuntu6.24 qemu-system-x86-xen - 1:4.2-3ubuntu6.24 No subscription required Medium CVE-2021-3682 CVE-2021-3750 CVE-2021-3930 CVE-2022-0216 CVE-2022-2962 CVE-2022-3165 Ubuntu 20.04 LTS It was discovered that containerd incorrectly handled memory when receiving certain faulty Exec or ExecSync commands. A remote attacker could possibly use this issue to cause a denial of service or crash containerd. (CVE-2022-23471, CVE-2022-31030) It was discovered that containerd incorrectly set up inheritable file capabilities. An attacker could possibly use this issue to escalate privileges inside a container. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24769) It was discovered that containerd incorrectly handled access to encrypted container images when using imgcrypt library. A remote attacker could possibly use this issue to access encrypted images from other users. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24778) Update Instructions: Run `sudo pro fix USN-5776-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.9-0ubuntu1~20.04.6 golang-github-containerd-containerd-dev - 1.5.9-0ubuntu1~20.04.6 No subscription required Medium CVE-2022-23471 CVE-2022-24769 CVE-2022-24778 CVE-2022-31030 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-24303) It was discovered that Pillow incorrectly handled the decompression of highly compressed GIF data. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. (CVE-2022-45198) Update Instructions: Run `sudo pro fix USN-5777-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.7 python-pil-doc - 7.0.0-4ubuntu0.7 python3-pil - 7.0.0-4ubuntu0.7 No subscription required Low CVE-2022-24303 CVE-2022-45198 Ubuntu 20.04 LTS USN-5777-1 fixed vulnerabilities in Pillow (Python 3). This update provides the corresponding updates for Pillow (Python 2) in Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-24303) It was discovered that Pillow incorrectly handled the decompression of highly compressed GIF data. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. (CVE-2022-45198) Update Instructions: Run `sudo pro fix USN-5777-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pil - 6.2.1-3ubuntu0.1~esm1 python-pil.imagetk - 6.2.1-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2022-24303 CVE-2022-45198 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges. Update Instructions: Run `sudo pro fix USN-5778-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.5 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.5 xwayland - 2:1.20.13-1ubuntu1~20.04.5 xdmx - 2:1.20.13-1ubuntu1~20.04.5 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.5 xvfb - 2:1.20.13-1ubuntu1~20.04.5 xnest - 2:1.20.13-1ubuntu1~20.04.5 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.5 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.5 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.5 xserver-common - 2:1.20.13-1ubuntu1~20.04.5 No subscription required Medium CVE-2022-4283 CVE-2022-46340 CVE-2022-46341 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5779-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-azure-5.15-headers-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-image-unsigned-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-headers-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-buildinfo-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-tools-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-azure-5.15-tools-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-image-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-modules-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-modules-extra-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1029.36~20.04.19 linux-azure - 5.15.0.1029.36~20.04.19 linux-image-azure - 5.15.0.1029.36~20.04.19 linux-cloud-tools-azure - 5.15.0.1029.36~20.04.19 linux-cloud-tools-azure-edge - 5.15.0.1029.36~20.04.19 linux-tools-azure - 5.15.0.1029.36~20.04.19 linux-headers-azure-edge - 5.15.0.1029.36~20.04.19 linux-image-azure-edge - 5.15.0.1029.36~20.04.19 linux-modules-extra-azure - 5.15.0.1029.36~20.04.19 linux-azure-edge - 5.15.0.1029.36~20.04.19 linux-modules-extra-azure-edge - 5.15.0.1029.36~20.04.19 linux-headers-azure - 5.15.0.1029.36~20.04.19 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 CVE-2022-43945 Ubuntu 20.04 LTS It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. (CVE-2022-46871) Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872) Pete Freitag discovered that Firefox did not implement the unsafe-hashes CSP directive. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2022-46873) Matthias Zoellner discovered that Firefox was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly use this issue to add a file with a malicious extension, leading to execute arbitrary code. (CVE-2022-46874) Hafiizh discovered that Firefox was not handling fullscreen notifications when the browser window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2022-46877) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-46878, CVE-2022-46879) Update Instructions: Run `sudo pro fix USN-5782-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 108.0+build2-0ubuntu0.20.04.1 firefox - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 108.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 108.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 108.0+build2-0ubuntu0.20.04.1 firefox-dev - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 108.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-46871 CVE-2022-46872 CVE-2022-46873 CVE-2022-46874 CVE-2022-46877 CVE-2022-46878 CVE-2022-46879 Ubuntu 20.04 LTS USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. (CVE-2022-46871) Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872) Pete Freitag discovered that Firefox did not implement the unsafe-hashes CSP directive. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2022-46873) Matthias Zoellner discovered that Firefox was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly use this issue to add a file with a malicious extension, leading to execute arbitrary code. (CVE-2022-46874) Hafiizh discovered that Firefox was not handling fullscreen notifications when the browser window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2022-46877) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-46878, CVE-2022-46879) Update Instructions: Run `sudo pro fix USN-5782-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 108.0.1+build1-0ubuntu0.20.04.1 firefox - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 108.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 108.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 108.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 108.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2001921 Ubuntu 20.04 LTS USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. (CVE-2022-46871) Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872) Pete Freitag discovered that Firefox did not implement the unsafe-hashes CSP directive. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2022-46873) Matthias Zoellner discovered that Firefox was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly use this issue to add a file with a malicious extension, leading to execute arbitrary code. (CVE-2022-46874) Hafiizh discovered that Firefox was not handling fullscreen notifications when the browser window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2022-46877) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-46878, CVE-2022-46879) Update Instructions: Run `sudo pro fix USN-5782-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 108.0.2+build1-0ubuntu0.20.04.1 firefox - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 108.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 108.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 108.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 108.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2002377 Ubuntu 20.04 LTS It was discovered that usbredir incorrectly handled memory when serializing large amounts of data in the case of a slow or blocked destination. An attacker could possibly use this issue to cause applications using usbredir to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5784-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libusbredirparser-dev - 0.8.0-1ubuntu0.1 libusbredirhost-dev - 0.8.0-1ubuntu0.1 usbredirserver - 0.8.0-1ubuntu0.1 libusbredirhost1 - 0.8.0-1ubuntu0.1 libusbredirparser1 - 0.8.0-1ubuntu0.1 No subscription required Low CVE-2021-3700 Ubuntu 20.04 LTS It was discovered that FreeRADIUS incorrectly handled multiple EAP-pwd handshakes. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-17185) Shane Guan discovered that FreeRADIUS incorrectly handled memory when checking unknown SIM option sent by EAP-SIM supplicant. An attacker could possibly use this issue to cause a denial of service on the server. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-41860) It was discovered that FreeRADIUS incorrectly handled memory when processing certain abinary attributes. An attacker could possibly use this issue to cause a denial of service on the server. (CVE-2022-41861) Update Instructions: Run `sudo pro fix USN-5785-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freeradius-ldap - 3.0.20+dfsg-3ubuntu0.2 freeradius-redis - 3.0.20+dfsg-3ubuntu0.2 libfreeradius3 - 3.0.20+dfsg-3ubuntu0.2 freeradius-yubikey - 3.0.20+dfsg-3ubuntu0.2 freeradius-memcached - 3.0.20+dfsg-3ubuntu0.2 freeradius-postgresql - 3.0.20+dfsg-3ubuntu0.2 freeradius-mysql - 3.0.20+dfsg-3ubuntu0.2 libfreeradius-dev - 3.0.20+dfsg-3ubuntu0.2 freeradius-dhcp - 3.0.20+dfsg-3ubuntu0.2 freeradius-python3 - 3.0.20+dfsg-3ubuntu0.2 freeradius - 3.0.20+dfsg-3ubuntu0.2 freeradius-iodbc - 3.0.20+dfsg-3ubuntu0.2 freeradius-common - 3.0.20+dfsg-3ubuntu0.2 freeradius-rest - 3.0.20+dfsg-3ubuntu0.2 freeradius-utils - 3.0.20+dfsg-3ubuntu0.2 freeradius-config - 3.0.20+dfsg-3ubuntu0.2 freeradius-krb5 - 3.0.20+dfsg-3ubuntu0.2 No subscription required Medium CVE-2019-17185 CVE-2022-41860 CVE-2022-41861 Ubuntu 20.04 LTS It was discovered that GNOME Files incorrectly handled certain filenames. An attacker could possibly use this issue to cause GNOME Files to crash, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5786-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nautilus-data - 1:3.36.3-0ubuntu1.20.04.2 gir1.2-nautilus-3.0 - 1:3.36.3-0ubuntu1.20.04.2 nautilus - 1:3.36.3-0ubuntu1.20.04.2 libnautilus-extension-dev - 1:3.36.3-0ubuntu1.20.04.2 libnautilus-extension1a - 1:3.36.3-0ubuntu1.20.04.2 No subscription required Medium CVE-2022-37290 Ubuntu 20.04 LTS It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5787-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libksba-mingw-w64-dev - 1.3.5-2ubuntu0.20.04.2 libksba8 - 1.3.5-2ubuntu0.20.04.2 libksba-dev - 1.3.5-2ubuntu0.20.04.2 No subscription required Medium CVE-2022-47629 Ubuntu 20.04 LTS Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-43551) It was discovered that curl incorrectly handled denials when using HTTP proxies. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-43552) Update Instructions: Run `sudo pro fix USN-5788-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.15 libcurl4-openssl-dev - 7.68.0-1ubuntu2.15 libcurl3-gnutls - 7.68.0-1ubuntu2.15 libcurl4-doc - 7.68.0-1ubuntu2.15 libcurl3-nss - 7.68.0-1ubuntu2.15 libcurl4-nss-dev - 7.68.0-1ubuntu2.15 libcurl4 - 7.68.0-1ubuntu2.15 curl - 7.68.0-1ubuntu2.15 No subscription required Medium CVE-2022-43551 CVE-2022-43552 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5789-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.14.0-1055-oem - 5.14.0-1055.62 linux-tools-5.14.0-1055-oem - 5.14.0-1055.62 linux-oem-5.14-headers-5.14.0-1055 - 5.14.0-1055.62 linux-image-5.14.0-1055-oem - 5.14.0-1055.62 linux-image-unsigned-5.14.0-1055-oem - 5.14.0-1055.62 linux-modules-5.14.0-1055-oem - 5.14.0-1055.62 linux-headers-5.14.0-1055-oem - 5.14.0-1055.62 linux-oem-5.14-tools-5.14.0-1055 - 5.14.0-1055.62 linux-buildinfo-5.14.0-1055-oem - 5.14.0-1055.62 linux-oem-5.14-tools-host - 5.14.0-1055.62 No subscription required linux-image-oem-20.04c - 5.14.0.1055.53 linux-image-oem-20.04b - 5.14.0.1055.53 linux-headers-oem-20.04 - 5.14.0.1055.53 linux-tools-oem-20.04c - 5.14.0.1055.53 linux-tools-oem-20.04b - 5.14.0.1055.53 linux-oem-20.04 - 5.14.0.1055.53 linux-image-oem-20.04 - 5.14.0.1055.53 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1055.53 linux-oem-20.04d - 5.14.0.1055.53 linux-oem-20.04c - 5.14.0.1055.53 linux-oem-20.04b - 5.14.0.1055.53 linux-image-oem-20.04d - 5.14.0.1055.53 linux-tools-oem-20.04d - 5.14.0.1055.53 linux-headers-oem-20.04b - 5.14.0.1055.53 linux-headers-oem-20.04c - 5.14.0.1055.53 linux-headers-oem-20.04d - 5.14.0.1055.53 linux-tools-oem-20.04 - 5.14.0.1055.53 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1055.53 No subscription required High CVE-2022-26365 CVE-2022-33743 CVE-2022-3524 CVE-2022-3564 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 CVE-2022-43945 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Update Instructions: Run `sudo pro fix USN-5791-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1041-ibm - 5.4.0-1041.46 linux-modules-5.4.0-1041-ibm - 5.4.0-1041.46 linux-image-unsigned-5.4.0-1041-ibm - 5.4.0-1041.46 linux-ibm-headers-5.4.0-1041 - 5.4.0-1041.46 linux-modules-extra-5.4.0-1041-ibm - 5.4.0-1041.46 linux-buildinfo-5.4.0-1041-ibm - 5.4.0-1041.46 linux-ibm-source-5.4.0 - 5.4.0-1041.46 linux-ibm-cloud-tools-common - 5.4.0-1041.46 linux-ibm-tools-common - 5.4.0-1041.46 linux-image-5.4.0-1041-ibm - 5.4.0-1041.46 linux-headers-5.4.0-1041-ibm - 5.4.0-1041.46 linux-ibm-tools-5.4.0-1041 - 5.4.0-1041.46 No subscription required linux-tools-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-image-unsigned-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-modules-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-gkeop-source-5.4.0 - 5.4.0-1061.65 linux-cloud-tools-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-gkeop-headers-5.4.0-1061 - 5.4.0-1061.65 linux-gkeop-cloud-tools-5.4.0-1061 - 5.4.0-1061.65 linux-modules-extra-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-buildinfo-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-gkeop-tools-5.4.0-1061 - 5.4.0-1061.65 linux-image-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-headers-5.4.0-1061-gkeop - 5.4.0-1061.65 No subscription required linux-buildinfo-5.4.0-1078-raspi - 5.4.0-1078.89 linux-raspi-headers-5.4.0-1078 - 5.4.0-1078.89 linux-tools-5.4.0-1078-raspi - 5.4.0-1078.89 linux-modules-5.4.0-1078-raspi - 5.4.0-1078.89 linux-raspi-tools-5.4.0-1078 - 5.4.0-1078.89 linux-headers-5.4.0-1078-raspi - 5.4.0-1078.89 linux-image-5.4.0-1078-raspi - 5.4.0-1078.89 No subscription required linux-modules-5.4.0-1083-kvm - 5.4.0-1083.89 linux-kvm-tools-5.4.0-1083 - 5.4.0-1083.89 linux-image-5.4.0-1083-kvm - 5.4.0-1083.89 linux-headers-5.4.0-1083-kvm - 5.4.0-1083.89 linux-tools-5.4.0-1083-kvm - 5.4.0-1083.89 linux-image-unsigned-5.4.0-1083-kvm - 5.4.0-1083.89 linux-buildinfo-5.4.0-1083-kvm - 5.4.0-1083.89 linux-kvm-headers-5.4.0-1083 - 5.4.0-1083.89 No subscription required linux-buildinfo-5.4.0-1091-oracle - 5.4.0-1091.100 linux-oracle-tools-5.4.0-1091 - 5.4.0-1091.100 linux-tools-5.4.0-1091-oracle - 5.4.0-1091.100 linux-headers-5.4.0-1091-oracle - 5.4.0-1091.100 linux-image-unsigned-5.4.0-1091-oracle - 5.4.0-1091.100 linux-modules-extra-5.4.0-1091-oracle - 5.4.0-1091.100 linux-modules-5.4.0-1091-oracle - 5.4.0-1091.100 linux-oracle-headers-5.4.0-1091 - 5.4.0-1091.100 linux-image-5.4.0-1091-oracle - 5.4.0-1091.100 No subscription required linux-gke-tools-5.4.0-1091 - 5.4.0-1091.98 linux-buildinfo-5.4.0-1091-gke - 5.4.0-1091.98 linux-tools-5.4.0-1091-gke - 5.4.0-1091.98 linux-headers-5.4.0-1091-gke - 5.4.0-1091.98 linux-image-5.4.0-1091-gke - 5.4.0-1091.98 linux-modules-extra-5.4.0-1091-gke - 5.4.0-1091.98 linux-modules-5.4.0-1091-gke - 5.4.0-1091.98 linux-gke-headers-5.4.0-1091 - 5.4.0-1091.98 linux-image-unsigned-5.4.0-1091-gke - 5.4.0-1091.98 No subscription required linux-modules-extra-5.4.0-1093-aws - 5.4.0-1093.101 linux-tools-5.4.0-1093-aws - 5.4.0-1093.101 linux-aws-cloud-tools-5.4.0-1093 - 5.4.0-1093.101 linux-cloud-tools-5.4.0-1093-aws - 5.4.0-1093.101 linux-image-5.4.0-1093-aws - 5.4.0-1093.101 linux-headers-5.4.0-1093-aws - 5.4.0-1093.101 linux-buildinfo-5.4.0-1093-aws - 5.4.0-1093.101 linux-image-unsigned-5.4.0-1093-aws - 5.4.0-1093.101 linux-aws-tools-5.4.0-1093 - 5.4.0-1093.101 linux-modules-5.4.0-1093-aws - 5.4.0-1093.101 linux-aws-headers-5.4.0-1093 - 5.4.0-1093.101 No subscription required linux-headers-5.4.0-1097-gcp - 5.4.0-1097.106 linux-gcp-tools-5.4.0-1097 - 5.4.0-1097.106 linux-modules-5.4.0-1097-gcp - 5.4.0-1097.106 linux-buildinfo-5.4.0-1097-gcp - 5.4.0-1097.106 linux-modules-extra-5.4.0-1097-gcp - 5.4.0-1097.106 linux-image-5.4.0-1097-gcp - 5.4.0-1097.106 linux-gcp-headers-5.4.0-1097 - 5.4.0-1097.106 linux-image-unsigned-5.4.0-1097-gcp - 5.4.0-1097.106 linux-tools-5.4.0-1097-gcp - 5.4.0-1097.106 No subscription required linux-tools-common - 5.4.0-136.153 linux-buildinfo-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-tools-host - 5.4.0-136.153 linux-tools-5.4.0-136-generic - 5.4.0-136.153 linux-doc - 5.4.0-136.153 linux-modules-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-modules-5.4.0-136-lowlatency - 5.4.0-136.153 linux-image-5.4.0-136-generic - 5.4.0-136.153 linux-source-5.4.0 - 5.4.0-136.153 linux-cloud-tools-5.4.0-136 - 5.4.0-136.153 linux-image-unsigned-5.4.0-136-lowlatency - 5.4.0-136.153 linux-tools-5.4.0-136 - 5.4.0-136.153 linux-tools-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-image-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-image-unsigned-5.4.0-136-generic - 5.4.0-136.153 linux-tools-5.4.0-136-lowlatency - 5.4.0-136.153 linux-cloud-tools-common - 5.4.0-136.153 linux-cloud-tools-5.4.0-136-lowlatency - 5.4.0-136.153 linux-image-5.4.0-136-lowlatency - 5.4.0-136.153 linux-headers-5.4.0-136-lowlatency - 5.4.0-136.153 linux-modules-5.4.0-136-generic - 5.4.0-136.153 linux-cloud-tools-5.4.0-136-generic - 5.4.0-136.153 linux-buildinfo-5.4.0-136-lowlatency - 5.4.0-136.153 linux-buildinfo-5.4.0-136-generic - 5.4.0-136.153 linux-modules-extra-5.4.0-136-generic - 5.4.0-136.153 linux-libc-dev - 5.4.0-136.153 linux-headers-5.4.0-136 - 5.4.0-136.153 linux-headers-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-headers-5.4.0-136-generic - 5.4.0-136.153 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1041.67 linux-modules-extra-ibm - 5.4.0.1041.67 linux-image-ibm - 5.4.0.1041.67 linux-headers-ibm-lts-20.04 - 5.4.0.1041.67 linux-tools-ibm - 5.4.0.1041.67 linux-headers-ibm - 5.4.0.1041.67 linux-ibm-lts-20.04 - 5.4.0.1041.67 linux-image-ibm-lts-20.04 - 5.4.0.1041.67 linux-ibm - 5.4.0.1041.67 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1041.67 No subscription required linux-headers-gkeop - 5.4.0.1061.59 linux-cloud-tools-gkeop-5.4 - 5.4.0.1061.59 linux-image-gkeop - 5.4.0.1061.59 linux-image-gkeop-5.4 - 5.4.0.1061.59 linux-gkeop - 5.4.0.1061.59 linux-cloud-tools-gkeop - 5.4.0.1061.59 linux-tools-gkeop-5.4 - 5.4.0.1061.59 linux-modules-extra-gkeop-5.4 - 5.4.0.1061.59 linux-headers-gkeop-5.4 - 5.4.0.1061.59 linux-modules-extra-gkeop - 5.4.0.1061.59 linux-tools-gkeop - 5.4.0.1061.59 linux-gkeop-5.4 - 5.4.0.1061.59 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1078.108 linux-raspi2 - 5.4.0.1078.108 linux-headers-raspi2 - 5.4.0.1078.108 linux-image-raspi-hwe-18.04 - 5.4.0.1078.108 linux-image-raspi2-hwe-18.04 - 5.4.0.1078.108 linux-tools-raspi - 5.4.0.1078.108 linux-headers-raspi-hwe-18.04 - 5.4.0.1078.108 linux-headers-raspi2-hwe-18.04 - 5.4.0.1078.108 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1078.108 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1078.108 linux-headers-raspi - 5.4.0.1078.108 linux-raspi2-hwe-18.04-edge - 5.4.0.1078.108 linux-image-raspi-hwe-18.04-edge - 5.4.0.1078.108 linux-tools-raspi2-hwe-18.04 - 5.4.0.1078.108 linux-raspi-hwe-18.04-edge - 5.4.0.1078.108 linux-raspi2-hwe-18.04 - 5.4.0.1078.108 linux-image-raspi2 - 5.4.0.1078.108 linux-tools-raspi-hwe-18.04 - 5.4.0.1078.108 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1078.108 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1078.108 linux-raspi-hwe-18.04 - 5.4.0.1078.108 linux-image-raspi - 5.4.0.1078.108 linux-tools-raspi2 - 5.4.0.1078.108 linux-raspi - 5.4.0.1078.108 No subscription required linux-kvm - 5.4.0.1083.77 linux-headers-kvm - 5.4.0.1083.77 linux-tools-kvm - 5.4.0.1083.77 linux-image-kvm - 5.4.0.1083.77 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1091.84 linux-headers-oracle-lts-20.04 - 5.4.0.1091.84 linux-oracle-lts-20.04 - 5.4.0.1091.84 linux-image-oracle-lts-20.04 - 5.4.0.1091.84 No subscription required linux-modules-extra-gke - 5.4.0.1091.96 linux-headers-gke-5.4 - 5.4.0.1091.96 linux-modules-extra-gke-5.4 - 5.4.0.1091.96 linux-gke-5.4 - 5.4.0.1091.96 linux-tools-gke - 5.4.0.1091.96 linux-gke - 5.4.0.1091.96 linux-headers-gke - 5.4.0.1091.96 linux-image-gke - 5.4.0.1091.96 linux-image-gke-5.4 - 5.4.0.1091.96 linux-tools-gke-5.4 - 5.4.0.1091.96 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1093.90 linux-image-aws-lts-20.04 - 5.4.0.1093.90 linux-headers-aws-lts-20.04 - 5.4.0.1093.90 linux-tools-aws-lts-20.04 - 5.4.0.1093.90 linux-aws-lts-20.04 - 5.4.0.1093.90 No subscription required linux-gcp-lts-20.04 - 5.4.0.1097.99 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1097.99 linux-headers-gcp-lts-20.04 - 5.4.0.1097.99 linux-tools-gcp-lts-20.04 - 5.4.0.1097.99 linux-image-gcp-lts-20.04 - 5.4.0.1097.99 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-cloud-tools-virtual - 5.4.0.136.134 linux-image-generic-hwe-18.04 - 5.4.0.136.134 linux-headers-generic-lpae - 5.4.0.136.134 linux-image-virtual - 5.4.0.136.134 linux-image-generic - 5.4.0.136.134 linux-tools-lowlatency - 5.4.0.136.134 linux-oem-osp1-tools-host - 5.4.0.136.134 linux-image-oem - 5.4.0.136.134 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-headers-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-image-extra-virtual-hwe-18.04 - 5.4.0.136.134 linux-image-oem-osp1 - 5.4.0.136.134 linux-image-generic-lpae-hwe-18.04 - 5.4.0.136.134 linux-crashdump - 5.4.0.136.134 linux-tools-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-headers-generic-hwe-18.04 - 5.4.0.136.134 linux-headers-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-source - 5.4.0.136.134 linux-lowlatency - 5.4.0.136.134 linux-tools-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-tools-generic-lpae - 5.4.0.136.134 linux-cloud-tools-generic - 5.4.0.136.134 linux-virtual - 5.4.0.136.134 linux-headers-virtual-hwe-18.04 - 5.4.0.136.134 linux-virtual-hwe-18.04 - 5.4.0.136.134 linux-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.136.134 linux-tools-virtual - 5.4.0.136.134 linux-generic-lpae-hwe-18.04-edge - 5.4.0.136.134 linux-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-generic-lpae - 5.4.0.136.134 linux-headers-oem - 5.4.0.136.134 linux-generic - 5.4.0.136.134 linux-tools-oem-osp1 - 5.4.0.136.134 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.136.134 linux-tools-generic - 5.4.0.136.134 linux-tools-generic-hwe-18.04-edge - 5.4.0.136.134 linux-image-virtual-hwe-18.04 - 5.4.0.136.134 linux-headers-lowlatency - 5.4.0.136.134 linux-image-generic-hwe-18.04-edge - 5.4.0.136.134 linux-generic-hwe-18.04-edge - 5.4.0.136.134 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.136.134 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-oem - 5.4.0.136.134 linux-image-extra-virtual - 5.4.0.136.134 linux-oem-tools-host - 5.4.0.136.134 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-headers-oem-osp1 - 5.4.0.136.134 linux-cloud-tools-lowlatency - 5.4.0.136.134 linux-tools-oem - 5.4.0.136.134 linux-generic-lpae-hwe-18.04 - 5.4.0.136.134 linux-tools-generic-hwe-18.04 - 5.4.0.136.134 linux-headers-generic-hwe-18.04-edge - 5.4.0.136.134 linux-headers-generic - 5.4.0.136.134 linux-oem-osp1 - 5.4.0.136.134 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.136.134 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.136.134 linux-image-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-headers-virtual - 5.4.0.136.134 linux-tools-virtual-hwe-18.04 - 5.4.0.136.134 linux-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.136.134 linux-image-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-generic-hwe-18.04 - 5.4.0.136.134 linux-image-generic-lpae - 5.4.0.136.134 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.136.134 linux-image-lowlatency - 5.4.0.136.134 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.136.134 No subscription required Medium CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 CVE-2022-39188 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Update Instructions: Run `sudo pro fix USN-5791-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1100 - 5.4.0-1100.106 linux-modules-5.4.0-1100-azure - 5.4.0-1100.106 linux-cloud-tools-5.4.0-1100-azure - 5.4.0-1100.106 linux-modules-extra-5.4.0-1100-azure - 5.4.0-1100.106 linux-azure-headers-5.4.0-1100 - 5.4.0-1100.106 linux-headers-5.4.0-1100-azure - 5.4.0-1100.106 linux-buildinfo-5.4.0-1100-azure - 5.4.0-1100.106 linux-azure-tools-5.4.0-1100 - 5.4.0-1100.106 linux-tools-5.4.0-1100-azure - 5.4.0-1100.106 linux-image-unsigned-5.4.0-1100-azure - 5.4.0-1100.106 linux-image-5.4.0-1100-azure - 5.4.0-1100.106 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1100.93 linux-tools-azure-lts-20.04 - 5.4.0.1100.93 linux-modules-extra-azure-lts-20.04 - 5.4.0.1100.93 linux-azure-lts-20.04 - 5.4.0.1100.93 linux-headers-azure-lts-20.04 - 5.4.0.1100.93 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1100.93 No subscription required Medium CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 CVE-2022-39188 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Update Instructions: Run `sudo pro fix USN-5791-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1100-azure-fde - 5.4.0-1100.106+cvm1.1 linux-image-5.4.0-1100-azure-fde - 5.4.0-1100.106+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1100.106+cvm1.35 linux-modules-extra-azure-fde - 5.4.0.1100.106+cvm1.35 linux-image-azure-fde - 5.4.0.1100.106+cvm1.35 linux-cloud-tools-azure-fde - 5.4.0.1100.106+cvm1.35 linux-tools-azure-fde - 5.4.0.1100.106+cvm1.35 linux-headers-azure-fde - 5.4.0.1100.106+cvm1.35 No subscription required Medium CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 CVE-2022-39188 Ubuntu 20.04 LTS Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization (SEV). A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-0171) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Update Instructions: Run `sudo pro fix USN-5792-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-image-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-headers-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-image-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-modules-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-headers-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-57.63~20.04.1 linux-buildinfo-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-buildinfo-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-57 - 5.15.0-57.63~20.04.1 linux-image-unsigned-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-buildinfo-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-modules-iwlwifi-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-tools-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-headers-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-57.63~20.04.1 linux-image-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-tools-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-57.63~20.04.1 linux-hwe-5.15-headers-5.15.0-57 - 5.15.0-57.63~20.04.1 linux-modules-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-modules-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-tools-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-cloud-tools-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-modules-extra-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-hwe-5.15-tools-5.15.0-57 - 5.15.0-57.63~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-57.63~20.04.1 No subscription required linux-headers-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-headers-generic-64k-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-64k-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-headers-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-tools-generic-64k-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-headers-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-lpae-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-64k-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-generic-64k-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-image-generic-lpae-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-extra-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-lpae-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-tools-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-headers-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 No subscription required Medium CVE-2022-0171 CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-3649 CVE-2022-39188 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 Ubuntu 20.04 LTS Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization (SEV). A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-0171) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Update Instructions: Run `sudo pro fix USN-5792-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-headers-5.15.0-1027 - 5.15.0-1027.31~20.04.1 linux-modules-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-modules-extra-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-headers-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-image-unsigned-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1027 - 5.15.0-1027.31~20.04.1 linux-cloud-tools-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-image-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-tools-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-aws-5.15-tools-5.15.0-1027 - 5.15.0-1027.31~20.04.1 linux-buildinfo-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-image-unsigned-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-modules-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-modules-extra-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-buildinfo-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-tools-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-headers-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-image-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-azure-5.15-headers-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-cloud-tools-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1027.31~20.04.16 linux-modules-extra-aws-edge - 5.15.0.1027.31~20.04.16 linux-tools-aws - 5.15.0.1027.31~20.04.16 linux-image-aws-edge - 5.15.0.1027.31~20.04.16 linux-headers-aws-edge - 5.15.0.1027.31~20.04.16 linux-tools-aws-edge - 5.15.0.1027.31~20.04.16 linux-aws-edge - 5.15.0.1027.31~20.04.16 linux-headers-aws - 5.15.0.1027.31~20.04.16 linux-image-aws - 5.15.0.1027.31~20.04.16 linux-aws - 5.15.0.1027.31~20.04.16 No subscription required linux-cloud-tools-azure - 5.15.0.1030.37~20.04.20 linux-tools-azure-edge - 5.15.0.1030.37~20.04.20 linux-azure - 5.15.0.1030.37~20.04.20 linux-image-azure - 5.15.0.1030.37~20.04.20 linux-cloud-tools-azure-edge - 5.15.0.1030.37~20.04.20 linux-tools-azure - 5.15.0.1030.37~20.04.20 linux-headers-azure-edge - 5.15.0.1030.37~20.04.20 linux-image-azure-edge - 5.15.0.1030.37~20.04.20 linux-headers-azure - 5.15.0.1030.37~20.04.20 linux-modules-extra-azure - 5.15.0.1030.37~20.04.20 linux-azure-edge - 5.15.0.1030.37~20.04.20 linux-modules-extra-azure-edge - 5.15.0.1030.37~20.04.20 No subscription required Medium CVE-2022-0171 CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-3649 CVE-2022-39188 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 Ubuntu 20.04 LTS It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5795-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: snmptrapd - 5.8+dfsg-2ubuntu2.6 libsnmp-dev - 5.8+dfsg-2ubuntu2.6 libsnmp-base - 5.8+dfsg-2ubuntu2.6 snmp - 5.8+dfsg-2ubuntu2.6 libsnmp-perl - 5.8+dfsg-2ubuntu2.6 tkmib - 5.8+dfsg-2ubuntu2.6 snmpd - 5.8+dfsg-2ubuntu2.6 libsnmp35 - 5.8+dfsg-2ubuntu2.6 No subscription required Medium CVE-2022-44792 CVE-2022-44793 Ubuntu 20.04 LTS It was discovered that w3m incorrectly handled certain HTML files. A remote attacker could use this issue to cause w3m to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5796-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: w3m-img - 0.5.3-37ubuntu0.1 w3m - 0.5.3-37ubuntu0.1 No subscription required Medium CVE-2022-38223 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5797-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.38.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.38.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.38.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.38.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.38.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.38.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.38.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.38.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.38.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-42852 CVE-2022-42856 CVE-2022-42867 CVE-2022-46692 CVE-2022-46698 CVE-2022-46699 CVE-2022-46700 Ubuntu 20.04 LTS It was discovered that Heimdal incorrectly handled certain SPNEGO tokens. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-44758) Evgeny Legerov discovered that Heimdal incorrectly handled memory when performing certain DES decryption operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-3437) Greg Hudson discovered that Kerberos PAC implementation used in Heimdal incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-42898) It was discovered that Heimdal's KDC did not properly handle certain error conditions. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-44640) Update Instructions: Run `sudo pro fix USN-5800-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhcrypto4-heimdal - 7.7.0+dfsg-1ubuntu1.3 libwind0-heimdal - 7.7.0+dfsg-1ubuntu1.3 libroken18-heimdal - 7.7.0+dfsg-1ubuntu1.3 libgssapi3-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-kcm - 7.7.0+dfsg-1ubuntu1.3 libhdb9-heimdal - 7.7.0+dfsg-1ubuntu1.3 libasn1-8-heimdal - 7.7.0+dfsg-1ubuntu1.3 libsl0-heimdal - 7.7.0+dfsg-1ubuntu1.3 libkadm5clnt7-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-kdc - 7.7.0+dfsg-1ubuntu1.3 libkdc2-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-servers - 7.7.0+dfsg-1ubuntu1.3 libheimntlm0-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-docs - 7.7.0+dfsg-1ubuntu1.3 libheimbase1-heimdal - 7.7.0+dfsg-1ubuntu1.3 libkrb5-26-heimdal - 7.7.0+dfsg-1ubuntu1.3 libotp0-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-dev - 7.7.0+dfsg-1ubuntu1.3 libkafs0-heimdal - 7.7.0+dfsg-1ubuntu1.3 libhx509-5-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-multidev - 7.7.0+dfsg-1ubuntu1.3 libkadm5srv8-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-clients - 7.7.0+dfsg-1ubuntu1.3 No subscription required Medium CVE-2021-44758 CVE-2022-3437 CVE-2022-42898 CVE-2022-44640 Ubuntu 20.04 LTS It was discovered that Vim makes illegal memory calls when pasting brackets in Ex mode. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. This issue affected only Ubuntu 20.04 and 22.04 (CVE-2022-0392) It was discovered that Vim makes illegal memory calls when making certain retab calls. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. (CVE-2022-0417) Update Instructions: Run `sudo pro fix USN-5801-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.11 vim-athena - 2:8.1.2269-1ubuntu5.11 xxd - 2:8.1.2269-1ubuntu5.11 vim-gtk - 2:8.1.2269-1ubuntu5.11 vim-gui-common - 2:8.1.2269-1ubuntu5.11 vim - 2:8.1.2269-1ubuntu5.11 vim-doc - 2:8.1.2269-1ubuntu5.11 vim-tiny - 2:8.1.2269-1ubuntu5.11 vim-runtime - 2:8.1.2269-1ubuntu5.11 vim-gtk3 - 2:8.1.2269-1ubuntu5.11 vim-nox - 2:8.1.2269-1ubuntu5.11 No subscription required Medium CVE-2022-0392 CVE-2022-0417 Ubuntu 20.04 LTS Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5803-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-headers-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-image-unsigned-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-image-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-tools-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-gcp-5.15-headers-5.15.0-1027 - 5.15.0-1027.34~20.04.1 linux-modules-iwlwifi-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-buildinfo-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-modules-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-gcp-5.15-tools-5.15.0-1027 - 5.15.0-1027.34~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1028 - 5.15.0-1028.32~20.04.1 linux-buildinfo-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-tools-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1028 - 5.15.0-1028.32~20.04.1 linux-cloud-tools-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-headers-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-modules-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-image-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-aws-5.15-tools-5.15.0-1028 - 5.15.0-1028.32~20.04.1 linux-modules-extra-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-image-unsigned-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-modules-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-tools-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-modules-extra-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-image-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-cloud-tools-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-image-unsigned-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-azure-5.15-headers-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-headers-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-buildinfo-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 No subscription required linux-modules-iwlwifi-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-58.64~20.04.1 linux-buildinfo-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-cloud-tools-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-buildinfo-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-hwe-5.15-tools-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-58.64~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-modules-extra-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-image-unsigned-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-image-unsigned-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-58.64~20.04.1 linux-hwe-5.15-headers-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-58.64~20.04.1 linux-buildinfo-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-generic - 5.15.0-58.64~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1027.34~20.04.1 linux-tools-gcp-edge - 5.15.0.1027.34~20.04.1 linux-headers-gcp-edge - 5.15.0.1027.34~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1027.34~20.04.1 linux-tools-gcp - 5.15.0.1027.34~20.04.1 linux-gcp - 5.15.0.1027.34~20.04.1 linux-headers-gcp - 5.15.0.1027.34~20.04.1 linux-image-gcp - 5.15.0.1027.34~20.04.1 linux-modules-extra-gcp - 5.15.0.1027.34~20.04.1 linux-gcp-edge - 5.15.0.1027.34~20.04.1 No subscription required linux-headers-aws - 5.15.0.1028.32~20.04.17 linux-image-aws - 5.15.0.1028.32~20.04.17 linux-modules-extra-aws-edge - 5.15.0.1028.32~20.04.17 linux-image-aws-edge - 5.15.0.1028.32~20.04.17 linux-aws-edge - 5.15.0.1028.32~20.04.17 linux-aws - 5.15.0.1028.32~20.04.17 linux-tools-aws - 5.15.0.1028.32~20.04.17 linux-headers-aws-edge - 5.15.0.1028.32~20.04.17 linux-modules-extra-aws - 5.15.0.1028.32~20.04.17 linux-tools-aws-edge - 5.15.0.1028.32~20.04.17 No subscription required linux-tools-azure-edge - 5.15.0.1031.38~20.04.21 linux-cloud-tools-azure - 5.15.0.1031.38~20.04.21 linux-tools-azure - 5.15.0.1031.38~20.04.21 linux-image-azure-edge - 5.15.0.1031.38~20.04.21 linux-azure - 5.15.0.1031.38~20.04.21 linux-cloud-tools-azure-edge - 5.15.0.1031.38~20.04.21 linux-modules-extra-azure - 5.15.0.1031.38~20.04.21 linux-image-azure - 5.15.0.1031.38~20.04.21 linux-headers-azure-edge - 5.15.0.1031.38~20.04.21 linux-azure-edge - 5.15.0.1031.38~20.04.21 linux-modules-extra-azure-edge - 5.15.0.1031.38~20.04.21 linux-headers-azure - 5.15.0.1031.38~20.04.21 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-image-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-image-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-extra-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-headers-generic-64k-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-generic-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-generic-lpae-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-tools-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-generic-lpae-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-tools-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-generic-lpae-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-generic-64k-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-generic-64k-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-image-generic-64k-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-4378 CVE-2022-45934 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5804-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1042-ibm - 5.4.0-1042.47 linux-headers-5.4.0-1042-ibm - 5.4.0-1042.47 linux-ibm-source-5.4.0 - 5.4.0-1042.47 linux-ibm-tools-common - 5.4.0-1042.47 linux-modules-5.4.0-1042-ibm - 5.4.0-1042.47 linux-image-unsigned-5.4.0-1042-ibm - 5.4.0-1042.47 linux-modules-extra-5.4.0-1042-ibm - 5.4.0-1042.47 linux-ibm-cloud-tools-common - 5.4.0-1042.47 linux-ibm-headers-5.4.0-1042 - 5.4.0-1042.47 linux-image-5.4.0-1042-ibm - 5.4.0-1042.47 linux-ibm-tools-5.4.0-1042 - 5.4.0-1042.47 linux-tools-5.4.0-1042-ibm - 5.4.0-1042.47 No subscription required linux-headers-5.4.0-1084-kvm - 5.4.0-1084.90 linux-kvm-headers-5.4.0-1084 - 5.4.0-1084.90 linux-buildinfo-5.4.0-1084-kvm - 5.4.0-1084.90 linux-image-unsigned-5.4.0-1084-kvm - 5.4.0-1084.90 linux-kvm-tools-5.4.0-1084 - 5.4.0-1084.90 linux-modules-5.4.0-1084-kvm - 5.4.0-1084.90 linux-tools-5.4.0-1084-kvm - 5.4.0-1084.90 linux-image-5.4.0-1084-kvm - 5.4.0-1084.90 No subscription required linux-modules-5.4.0-1092-oracle - 5.4.0-1092.101 linux-image-5.4.0-1092-oracle - 5.4.0-1092.101 linux-headers-5.4.0-1092-oracle - 5.4.0-1092.101 linux-tools-5.4.0-1092-oracle - 5.4.0-1092.101 linux-image-unsigned-5.4.0-1092-oracle - 5.4.0-1092.101 linux-oracle-tools-5.4.0-1092 - 5.4.0-1092.101 linux-oracle-headers-5.4.0-1092 - 5.4.0-1092.101 linux-buildinfo-5.4.0-1092-oracle - 5.4.0-1092.101 linux-modules-extra-5.4.0-1092-oracle - 5.4.0-1092.101 No subscription required linux-image-5.4.0-1094-aws - 5.4.0-1094.102 linux-aws-cloud-tools-5.4.0-1094 - 5.4.0-1094.102 linux-modules-extra-5.4.0-1094-aws - 5.4.0-1094.102 linux-buildinfo-5.4.0-1094-aws - 5.4.0-1094.102 linux-modules-5.4.0-1094-aws - 5.4.0-1094.102 linux-tools-5.4.0-1094-aws - 5.4.0-1094.102 linux-aws-tools-5.4.0-1094 - 5.4.0-1094.102 linux-headers-5.4.0-1094-aws - 5.4.0-1094.102 linux-cloud-tools-5.4.0-1094-aws - 5.4.0-1094.102 linux-image-unsigned-5.4.0-1094-aws - 5.4.0-1094.102 linux-aws-headers-5.4.0-1094 - 5.4.0-1094.102 No subscription required linux-tools-5.4.0-1098-gcp - 5.4.0-1098.107 linux-image-5.4.0-1098-gcp - 5.4.0-1098.107 linux-gcp-tools-5.4.0-1098 - 5.4.0-1098.107 linux-modules-5.4.0-1098-gcp - 5.4.0-1098.107 linux-gcp-headers-5.4.0-1098 - 5.4.0-1098.107 linux-headers-5.4.0-1098-gcp - 5.4.0-1098.107 linux-modules-extra-5.4.0-1098-gcp - 5.4.0-1098.107 linux-buildinfo-5.4.0-1098-gcp - 5.4.0-1098.107 linux-image-unsigned-5.4.0-1098-gcp - 5.4.0-1098.107 No subscription required linux-tools-common - 5.4.0-137.154 linux-modules-extra-5.4.0-137-generic - 5.4.0-137.154 linux-tools-host - 5.4.0-137.154 linux-headers-5.4.0-137-lowlatency - 5.4.0-137.154 linux-buildinfo-5.4.0-137-generic-lpae - 5.4.0-137.154 linux-doc - 5.4.0-137.154 linux-image-5.4.0-137-generic - 5.4.0-137.154 linux-image-5.4.0-137-lowlatency - 5.4.0-137.154 linux-buildinfo-5.4.0-137-generic - 5.4.0-137.154 linux-libc-dev - 5.4.0-137.154 linux-source-5.4.0 - 5.4.0-137.154 linux-cloud-tools-5.4.0-137 - 5.4.0-137.154 linux-image-unsigned-5.4.0-137-lowlatency - 5.4.0-137.154 linux-tools-5.4.0-137 - 5.4.0-137.154 linux-tools-5.4.0-137-generic-lpae - 5.4.0-137.154 linux-tools-5.4.0-137-lowlatency - 5.4.0-137.154 linux-cloud-tools-5.4.0-137-generic - 5.4.0-137.154 linux-buildinfo-5.4.0-137-lowlatency - 5.4.0-137.154 linux-headers-5.4.0-137-generic - 5.4.0-137.154 linux-cloud-tools-common - 5.4.0-137.154 linux-modules-5.4.0-137-generic - 5.4.0-137.154 linux-image-5.4.0-137-generic-lpae - 5.4.0-137.154 linux-tools-5.4.0-137-generic - 5.4.0-137.154 linux-headers-5.4.0-137 - 5.4.0-137.154 linux-cloud-tools-5.4.0-137-lowlatency - 5.4.0-137.154 linux-modules-5.4.0-137-generic-lpae - 5.4.0-137.154 linux-image-unsigned-5.4.0-137-generic - 5.4.0-137.154 linux-modules-5.4.0-137-lowlatency - 5.4.0-137.154 linux-headers-5.4.0-137-generic-lpae - 5.4.0-137.154 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1042.68 linux-image-ibm - 5.4.0.1042.68 linux-headers-ibm-lts-20.04 - 5.4.0.1042.68 linux-tools-ibm - 5.4.0.1042.68 linux-modules-extra-ibm - 5.4.0.1042.68 linux-ibm-lts-20.04 - 5.4.0.1042.68 linux-image-ibm-lts-20.04 - 5.4.0.1042.68 linux-ibm - 5.4.0.1042.68 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1042.68 linux-headers-ibm - 5.4.0.1042.68 No subscription required linux-headers-kvm - 5.4.0.1084.78 linux-kvm - 5.4.0.1084.78 linux-image-kvm - 5.4.0.1084.78 linux-tools-kvm - 5.4.0.1084.78 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1092.85 linux-headers-oracle-lts-20.04 - 5.4.0.1092.85 linux-oracle-lts-20.04 - 5.4.0.1092.85 linux-image-oracle-lts-20.04 - 5.4.0.1092.85 No subscription required linux-aws-lts-20.04 - 5.4.0.1094.91 linux-modules-extra-aws-lts-20.04 - 5.4.0.1094.91 linux-image-aws-lts-20.04 - 5.4.0.1094.91 linux-headers-aws-lts-20.04 - 5.4.0.1094.91 linux-tools-aws-lts-20.04 - 5.4.0.1094.91 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1098.100 linux-gcp-lts-20.04 - 5.4.0.1098.100 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1098.100 linux-headers-gcp-lts-20.04 - 5.4.0.1098.100 linux-image-gcp-lts-20.04 - 5.4.0.1098.100 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-image-generic-lpae-hwe-18.04 - 5.4.0.137.135 linux-cloud-tools-virtual - 5.4.0.137.135 linux-image-generic-hwe-18.04 - 5.4.0.137.135 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-headers-generic-lpae - 5.4.0.137.135 linux-headers-generic - 5.4.0.137.135 linux-image-virtual - 5.4.0.137.135 linux-oem-osp1-tools-host - 5.4.0.137.135 linux-image-generic - 5.4.0.137.135 linux-tools-lowlatency - 5.4.0.137.135 linux-image-oem - 5.4.0.137.135 linux-tools-virtual-hwe-18.04 - 5.4.0.137.135 linux-headers-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-image-extra-virtual-hwe-18.04 - 5.4.0.137.135 linux-image-oem-osp1 - 5.4.0.137.135 linux-crashdump - 5.4.0.137.135 linux-tools-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-headers-generic-hwe-18.04 - 5.4.0.137.135 linux-headers-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.137.135 linux-source - 5.4.0.137.135 linux-lowlatency - 5.4.0.137.135 linux-tools-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-tools-generic-lpae - 5.4.0.137.135 linux-cloud-tools-generic - 5.4.0.137.135 linux-virtual - 5.4.0.137.135 linux-headers-virtual-hwe-18.04 - 5.4.0.137.135 linux-virtual-hwe-18.04 - 5.4.0.137.135 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.137.135 linux-tools-virtual - 5.4.0.137.135 linux-generic-lpae-hwe-18.04-edge - 5.4.0.137.135 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-generic-lpae - 5.4.0.137.135 linux-headers-oem - 5.4.0.137.135 linux-generic - 5.4.0.137.135 linux-tools-oem-osp1 - 5.4.0.137.135 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.137.135 linux-tools-generic-hwe-18.04-edge - 5.4.0.137.135 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-image-virtual-hwe-18.04 - 5.4.0.137.135 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-cloud-tools-lowlatency - 5.4.0.137.135 linux-headers-lowlatency - 5.4.0.137.135 linux-image-generic-hwe-18.04-edge - 5.4.0.137.135 linux-generic-hwe-18.04-edge - 5.4.0.137.135 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.137.135 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-image-generic-lpae - 5.4.0.137.135 linux-oem - 5.4.0.137.135 linux-tools-generic - 5.4.0.137.135 linux-image-extra-virtual - 5.4.0.137.135 linux-oem-tools-host - 5.4.0.137.135 linux-tools-oem - 5.4.0.137.135 linux-headers-oem-osp1 - 5.4.0.137.135 linux-generic-lpae-hwe-18.04 - 5.4.0.137.135 linux-headers-generic-hwe-18.04-edge - 5.4.0.137.135 linux-oem-osp1 - 5.4.0.137.135 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.137.135 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.137.135 linux-image-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-headers-virtual - 5.4.0.137.135 linux-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.137.135 linux-generic-hwe-18.04 - 5.4.0.137.135 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.137.135 linux-image-lowlatency - 5.4.0.137.135 linux-tools-generic-hwe-18.04 - 5.4.0.137.135 linux-image-virtual-hwe-18.04-edge - 5.4.0.137.135 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 Ubuntu 20.04 LTS USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 20.04 LTS. Original advisory details: Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application. Update Instructions: Run `sudo pro fix USN-5806-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.8 ruby2.7-doc - 2.7.0-5ubuntu1.8 libruby2.7 - 2.7.0-5ubuntu1.8 ruby2.7-dev - 2.7.0-5ubuntu1.8 No subscription required Medium CVE-2021-33621 Ubuntu 20.04 LTS Martin Ettl discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service. (CVE-2022-44617) Marco Ivaldi discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service. (CVE-2022-46285) Alan Coopersmith discovered that libXpm incorrectly handled calling external helper binaries. If libXpm was being used by a setuid binary, a local attacker could possibly use this issue to escalate privileges. (CVE-2022-4883) Update Instructions: Run `sudo pro fix USN-5807-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xpmutils - 1:3.5.12-1ubuntu0.20.04.1 libxpm-dev - 1:3.5.12-1ubuntu0.20.04.1 libxpm4 - 1:3.5.12-1ubuntu0.20.04.1 No subscription required Medium CVE-2022-44617 CVE-2022-46285 CVE-2022-4883 Ubuntu 20.04 LTS Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5809-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.14.0-1056-oem - 5.14.0-1056.63 linux-oem-5.14-headers-5.14.0-1056 - 5.14.0-1056.63 linux-modules-iwlwifi-5.14.0-1056-oem - 5.14.0-1056.63 linux-oem-5.14-tools-5.14.0-1056 - 5.14.0-1056.63 linux-buildinfo-5.14.0-1056-oem - 5.14.0-1056.63 linux-image-unsigned-5.14.0-1056-oem - 5.14.0-1056.63 linux-tools-5.14.0-1056-oem - 5.14.0-1056.63 linux-modules-5.14.0-1056-oem - 5.14.0-1056.63 linux-headers-5.14.0-1056-oem - 5.14.0-1056.63 linux-oem-5.14-tools-host - 5.14.0-1056.63 No subscription required linux-image-oem-20.04c - 5.14.0.1056.54 linux-image-oem-20.04b - 5.14.0.1056.54 linux-image-oem-20.04d - 5.14.0.1056.54 linux-headers-oem-20.04 - 5.14.0.1056.54 linux-tools-oem-20.04c - 5.14.0.1056.54 linux-tools-oem-20.04b - 5.14.0.1056.54 linux-oem-20.04 - 5.14.0.1056.54 linux-image-oem-20.04 - 5.14.0.1056.54 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1056.54 linux-oem-20.04d - 5.14.0.1056.54 linux-oem-20.04c - 5.14.0.1056.54 linux-oem-20.04b - 5.14.0.1056.54 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1056.54 linux-tools-oem-20.04d - 5.14.0.1056.54 linux-headers-oem-20.04b - 5.14.0.1056.54 linux-headers-oem-20.04c - 5.14.0.1056.54 linux-headers-oem-20.04d - 5.14.0.1056.54 linux-tools-oem-20.04 - 5.14.0.1056.54 No subscription required High CVE-2022-42896 CVE-2022-4378 CVE-2022-45934 Ubuntu 20.04 LTS Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-23521) Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-41903) Update Instructions: Run `sudo pro fix USN-5810-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.7 gitweb - 1:2.25.1-1ubuntu3.7 git-gui - 1:2.25.1-1ubuntu3.7 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.7 git-el - 1:2.25.1-1ubuntu3.7 gitk - 1:2.25.1-1ubuntu3.7 git-all - 1:2.25.1-1ubuntu3.7 git-mediawiki - 1:2.25.1-1ubuntu3.7 git-daemon-run - 1:2.25.1-1ubuntu3.7 git-man - 1:2.25.1-1ubuntu3.7 git-doc - 1:2.25.1-1ubuntu3.7 git-svn - 1:2.25.1-1ubuntu3.7 git-cvs - 1:2.25.1-1ubuntu3.7 git-email - 1:2.25.1-1ubuntu3.7 No subscription required Medium CVE-2022-23521 CVE-2022-41903 Ubuntu 20.04 LTS USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it was missing some commit lines. This update fixes the problem. Original advisory details: Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-23521) Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-41903) Update Instructions: Run `sudo pro fix USN-5810-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.8 gitweb - 1:2.25.1-1ubuntu3.8 git-all - 1:2.25.1-1ubuntu3.8 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.8 git-el - 1:2.25.1-1ubuntu3.8 gitk - 1:2.25.1-1ubuntu3.8 git-gui - 1:2.25.1-1ubuntu3.8 git-mediawiki - 1:2.25.1-1ubuntu3.8 git-daemon-run - 1:2.25.1-1ubuntu3.8 git-man - 1:2.25.1-1ubuntu3.8 git-doc - 1:2.25.1-1ubuntu3.8 git-svn - 1:2.25.1-1ubuntu3.8 git-cvs - 1:2.25.1-1ubuntu3.8 git-email - 1:2.25.1-1ubuntu3.8 No subscription required None https://launchpad.net/bugs/2003246 Ubuntu 20.04 LTS Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files. (CVE-2023-22809) It was discovered that the Protobuf-c library, used by Sudo, incorrectly handled certain arithmetic shifts. An attacker could possibly use this issue to cause Sudo to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-33070) Update Instructions: Run `sudo pro fix USN-5811-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sudo-ldap - 1.8.31-1ubuntu1.4 sudo - 1.8.31-1ubuntu1.4 No subscription required Medium CVE-2022-33070 CVE-2023-22809 Ubuntu 20.04 LTS It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5812-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-urllib3 - 1.25.8-2ubuntu0.2 No subscription required Low CVE-2021-33503 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5813-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-modules-extra-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-gkeop-source-5.4.0 - 5.4.0-1062.66 linux-cloud-tools-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-gkeop-headers-5.4.0-1062 - 5.4.0-1062.66 linux-buildinfo-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-modules-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-image-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-image-unsigned-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-headers-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-gkeop-tools-5.4.0-1062 - 5.4.0-1062.66 linux-gkeop-cloud-tools-5.4.0-1062 - 5.4.0-1062.66 No subscription required linux-image-gkeop-5.4 - 5.4.0.1062.60 linux-headers-gkeop - 5.4.0.1062.60 linux-gkeop-5.4 - 5.4.0.1062.60 linux-cloud-tools-gkeop-5.4 - 5.4.0.1062.60 linux-image-gkeop - 5.4.0.1062.60 linux-modules-extra-gkeop-5.4 - 5.4.0.1062.60 linux-gkeop - 5.4.0.1062.60 linux-cloud-tools-gkeop - 5.4.0.1062.60 linux-modules-extra-gkeop - 5.4.0.1062.60 linux-tools-gkeop - 5.4.0.1062.60 linux-tools-gkeop-5.4 - 5.4.0.1062.60 linux-headers-gkeop-5.4 - 5.4.0.1062.60 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 Ubuntu 20.04 LTS Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5814-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-oracle-5.15-headers-5.15.0-1027 - 5.15.0-1027.33~20.04.1 linux-headers-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-oracle-5.15-tools-5.15.0-1027 - 5.15.0-1027.33~20.04.1 linux-image-unsigned-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-buildinfo-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-modules-extra-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-tools-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-image-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 No subscription required linux-buildinfo-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-image-unsigned-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-58.64~20.04.1 linux-cloud-tools-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-58.64~20.04.1 linux-buildinfo-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-modules-iwlwifi-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-image-unsigned-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-58 - 5.15.0-58.64~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1027.33~20.04.1 linux-headers-oracle-edge - 5.15.0.1027.33~20.04.1 linux-image-oracle - 5.15.0.1027.33~20.04.1 linux-tools-oracle - 5.15.0.1027.33~20.04.1 linux-tools-oracle-edge - 5.15.0.1027.33~20.04.1 linux-oracle-edge - 5.15.0.1027.33~20.04.1 linux-image-oracle-edge - 5.15.0.1027.33~20.04.1 linux-oracle - 5.15.0.1027.33~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-tools-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-lowlatency-64k-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-headers-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-image-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.21 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-4378 CVE-2022-45934 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Update Instructions: Run `sudo pro fix USN-5815-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-tools-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-headers-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-bluefield-headers-5.4.0-1054 - 5.4.0-1054.60 linux-image-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-image-unsigned-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-bluefield-tools-5.4.0-1054 - 5.4.0-1054.60 linux-buildinfo-5.4.0-1054-bluefield - 5.4.0-1054.60 No subscription required linux-bluefield - 5.4.0.1054.50 linux-tools-bluefield - 5.4.0.1054.50 linux-image-bluefield - 5.4.0.1054.50 linux-headers-bluefield - 5.4.0.1054.50 No subscription required Medium CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 CVE-2022-39188 Ubuntu 20.04 LTS Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23597) Tom Schuster discovered that Firefox was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23598) Vadim discovered that Firefox was not properly sanitizing a curl command output when copying a network request from the developer tools panel. An attacker could potentially exploits this to hide and execute arbitrary commands. (CVE-2023-23599) Luan Herrera discovered that Firefox was not stopping navigation when dragging a URL from a cross-origin iframe into the same tab. An attacker potentially exploits this to spoof the user. (CVE-2023-23601) Dave Vandyke discovered that Firefox did not properly implement CSP policy when creating a WebSocket in a WebWorker. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2023-23602) Dan Veditz discovered that Firefox did not properly implement CSP policy on regular expression when using console.log. An attacker potentially exploits this to exfiltrate data from the browser. (CVE-2023-23603) Nika Layzell discovered that Firefox was not performing a validation check when parsing a non-system html document via DOMParser::ParseFromSafeString. An attacker potentially exploits this to bypass web security checks. (CVE-2023-23604) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-23605, CVE-2023-23606) Update Instructions: Run `sudo pro fix USN-5816-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 109.0+build2-0ubuntu0.20.04.1 firefox - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 109.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 109.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 109.0+build2-0ubuntu0.20.04.1 firefox-dev - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 109.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-23597 CVE-2023-23598 CVE-2023-23599 CVE-2023-23601 CVE-2023-23602 CVE-2023-23603 CVE-2023-23604 CVE-2023-23605 CVE-2023-23606 Ubuntu 20.04 LTS USN-5816-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23597) Tom Schuster discovered that Firefox was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23598) Vadim discovered that Firefox was not properly sanitizing a curl command output when copying a network request from the developer tools panel. An attacker could potentially exploits this to hide and execute arbitrary commands. (CVE-2023-23599) Luan Herrera discovered that Firefox was not stopping navigation when dragging a URL from a cross-origin iframe into the same tab. An attacker potentially exploits this to spoof the user. (CVE-2023-23601) Dave Vandyke discovered that Firefox did not properly implement CSP policy when creating a WebSocket in a WebWorker. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2023-23602) Dan Veditz discovered that Firefox did not properly implement CSP policy on regular expression when using console.log. An attacker potentially exploits this to exfiltrate data from the browser. (CVE-2023-23603) Nika Layzell discovered that Firefox was not performing a validation check when parsing a non-system html document via DOMParser::ParseFromSafeString. An attacker potentially exploits this to bypass web security checks. (CVE-2023-23604) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-23605, CVE-2023-23606) Update Instructions: Run `sudo pro fix USN-5816-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ne - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nb - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fa - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fi - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fy - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-or - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kab - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-oc - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cs - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ga - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gd - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gu - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pa - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cy - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pt - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-szl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hi - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ms - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-he - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hy - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hu - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-it - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-as - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ar - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ia - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-az - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-id - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mai - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-af - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-is - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-vi - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-an - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bs - 109.0.1+build1-0ubuntu0.20.04.2 firefox - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ro - 109.0.1+build1-0ubuntu0.20.04.2 firefox-geckodriver - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ja - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ru - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-br - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zh-hant - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zh-hans - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-be - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bg - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sk - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-si - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sw - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sv - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sq - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ko - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-km - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kk - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ka - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-xh - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ca - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ku - 109.0.1+build1-0ubuntu0.20.04.2 firefox-mozsymbols - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lv - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lt - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-th - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hsb - 109.0.1+build1-0ubuntu0.20.04.2 firefox-dev - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-te - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cak - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ta - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lg - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-tr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nso - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-de - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-da - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-uk - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-my - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-uz - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ml - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mk - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ur - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-eu - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-et - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-es - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-csb - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-el - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-eo - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-en - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zu - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ast - 109.0.1+build1-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/2006075 Ubuntu 20.04 LTS Sebastian Chnelik discovered that setuptools incorrectly handled certain regex inputs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5817-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-setuptools - 44.0.0-2ubuntu0.1 pypy-setuptools - 44.0.0-2ubuntu0.1 pypy-pkg-resources - 44.0.0-2ubuntu0.1 python-pkg-resources - 44.0.0-2ubuntu0.1 No subscription required python-setuptools-doc - 45.2.0-1ubuntu0.1 python3-pkg-resources - 45.2.0-1ubuntu0.1 python3-setuptools - 45.2.0-1ubuntu0.1 No subscription required Medium CVE-2022-40897 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5818-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.17 php7.4-readline - 7.4.3-4ubuntu2.17 php7.4-dba - 7.4.3-4ubuntu2.17 php7.4-common - 7.4.3-4ubuntu2.17 php7.4-xmlrpc - 7.4.3-4ubuntu2.17 php7.4-intl - 7.4.3-4ubuntu2.17 php7.4-phpdbg - 7.4.3-4ubuntu2.17 php7.4-ldap - 7.4.3-4ubuntu2.17 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.17 php7.4-soap - 7.4.3-4ubuntu2.17 php7.4-xsl - 7.4.3-4ubuntu2.17 php7.4-pgsql - 7.4.3-4ubuntu2.17 php7.4-pspell - 7.4.3-4ubuntu2.17 php7.4-zip - 7.4.3-4ubuntu2.17 php7.4-curl - 7.4.3-4ubuntu2.17 php7.4-odbc - 7.4.3-4ubuntu2.17 php7.4-json - 7.4.3-4ubuntu2.17 php7.4-mbstring - 7.4.3-4ubuntu2.17 php7.4-imap - 7.4.3-4ubuntu2.17 php7.4-bz2 - 7.4.3-4ubuntu2.17 php7.4-cgi - 7.4.3-4ubuntu2.17 php7.4 - 7.4.3-4ubuntu2.17 php7.4-bcmath - 7.4.3-4ubuntu2.17 php7.4-dev - 7.4.3-4ubuntu2.17 php7.4-interbase - 7.4.3-4ubuntu2.17 php7.4-tidy - 7.4.3-4ubuntu2.17 php7.4-gmp - 7.4.3-4ubuntu2.17 php7.4-sqlite3 - 7.4.3-4ubuntu2.17 php7.4-fpm - 7.4.3-4ubuntu2.17 php7.4-sybase - 7.4.3-4ubuntu2.17 php7.4-cli - 7.4.3-4ubuntu2.17 libphp7.4-embed - 7.4.3-4ubuntu2.17 php7.4-enchant - 7.4.3-4ubuntu2.17 php7.4-mysql - 7.4.3-4ubuntu2.17 php7.4-snmp - 7.4.3-4ubuntu2.17 php7.4-xml - 7.4.3-4ubuntu2.17 php7.4-opcache - 7.4.3-4ubuntu2.17 No subscription required Medium CVE-2022-31631 Ubuntu 20.04 LTS It was discovered that HAProxy incorrectly handled certain messages. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5819-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.29-0ubuntu1.1 haproxy-doc - 2.0.29-0ubuntu1.1 vim-haproxy - 2.0.29-0ubuntu1.1 No subscription required Medium CVE-2023-0056 Ubuntu 20.04 LTS Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename specified in the command line or in the configuration file could result in arbitrary command execution. Update Instructions: Run `sudo pro fix USN-5820-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exuberant-ctags - 1:5.9~svn20110310-12ubuntu0.1 No subscription required Medium CVE-2022-4515 Ubuntu 20.04 LTS Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5821-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-wheel-common - 0.34.2-1ubuntu0.1 python3-wheel - 0.34.2-1ubuntu0.1 No subscription required Medium CVE-2022-40898 Ubuntu 20.04 LTS USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately, it was missing a commit to fix it properly in pip. We apologize for the inconvenience. Original advisory details: Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5821-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pip-whl - 20.0.2-5ubuntu1.8 python3-pip - 20.0.2-5ubuntu1.8 No subscription required Medium CVE-2022-40898 Ubuntu 20.04 LTS It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. (CVE-2021-20251) Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-3437) Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos keys. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-37966, CVE-2022-37967) It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-38023) Greg Hudson discovered that Samba incorrectly handled PAC parsing. On 32-bit systems, a remote attacker could use this issue to escalate privileges, or possibly execute arbitrary code. (CVE-2022-42898) Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets. A remote attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45141) WARNING: The fixes included in these updates introduce several important behavior changes which may cause compatibility problems interacting with systems still expecting the former behavior. Please see the following upstream advisories for more information: https://www.samba.org/samba/security/CVE-2022-37966.html https://www.samba.org/samba/security/CVE-2022-37967.html https://www.samba.org/samba/security/CVE-2022-38023.html Update Instructions: Run `sudo pro fix USN-5822-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-testsuite - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba - 2:4.13.17~dfsg-0ubuntu1.20.04.4 registry-tools - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libpam-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.4 winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.4 smbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libwbclient0 - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libwbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-common-bin - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libsmbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-dsdb-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libsmbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-vfs-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-common - 2:4.13.17~dfsg-0ubuntu1.20.04.4 ctdb - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-libs - 2:4.13.17~dfsg-0ubuntu1.20.04.4 python3-samba - 2:4.13.17~dfsg-0ubuntu1.20.04.4 No subscription required Medium CVE-2021-20251 CVE-2022-3437 CVE-2022-37966 CVE-2022-37967 CVE-2022-38023 CVE-2022-42898 CVE-2022-45141 Ubuntu 20.04 LTS USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. We apologize for the inconvenience. Original advisory details: It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. (CVE-2021-20251) Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-3437) Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos keys. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-37966, CVE-2022-37967) It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-38023) Greg Hudson discovered that Samba incorrectly handled PAC parsing. On 32-bit systems, a remote attacker could use this issue to escalate privileges, or possibly execute arbitrary code. (CVE-2022-42898) Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets. A remote attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45141) WARNING: The fixes included in these updates introduce several important behavior changes which may cause compatibility problems interacting with systems still expecting the former behavior. Please see the following upstream advisories for more information: https://www.samba.org/samba/security/CVE-2022-37966.html https://www.samba.org/samba/security/CVE-2022-37967.html https://www.samba.org/samba/security/CVE-2022-38023.html Update Instructions: Run `sudo pro fix USN-5822-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: samba-testsuite - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libnss-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libpam-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.5 winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.5 smbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libwbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libsmbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.5 python3-samba - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-common-bin - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libwbclient0 - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-dsdb-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libsmbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-vfs-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-common - 2:4.13.17~dfsg-0ubuntu1.20.04.5 ctdb - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-libs - 2:4.13.17~dfsg-0ubuntu1.20.04.5 registry-tools - 2:4.13.17~dfsg-0ubuntu1.20.04.5 No subscription required None https://launchpad.net/bugs/2003867 https://launchpad.net/bugs/2003891 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-41.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-32.html https://www.oracle.com/security-alerts/cpujan2023.html Update Instructions: Run `sudo pro fix USN-5823-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.32-0buntu0.20.04.1 libmysqlclient-dev - 8.0.32-0buntu0.20.04.1 mysql-testsuite-8.0 - 8.0.32-0buntu0.20.04.1 mysql-router - 8.0.32-0buntu0.20.04.1 mysql-server - 8.0.32-0buntu0.20.04.1 libmysqlclient21 - 8.0.32-0buntu0.20.04.1 mysql-client-core-8.0 - 8.0.32-0buntu0.20.04.1 mysql-server-core-8.0 - 8.0.32-0buntu0.20.04.1 mysql-server-8.0 - 8.0.32-0buntu0.20.04.1 mysql-testsuite - 8.0.32-0buntu0.20.04.1 mysql-client-8.0 - 8.0.32-0buntu0.20.04.1 mysql-source-8.0 - 8.0.32-0buntu0.20.04.1 No subscription required Medium CVE-2022-32221 CVE-2023-21836 CVE-2023-21840 CVE-2023-21863 CVE-2023-21867 CVE-2023-21868 CVE-2023-21869 CVE-2023-21870 CVE-2023-21871 CVE-2023-21873 CVE-2023-21875 CVE-2023-21876 CVE-2023-21877 CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 CVE-2023-21881 CVE-2023-21882 CVE-2023-21883 CVE-2023-21887 Ubuntu 20.04 LTS USN-5823-1 fixed vulnerabilities in MySQL. Unfortunately, 8.0.32 introduced a regression in MySQL Router preventing connections from PyMySQL. This update reverts most of the changes in MySQL Router to 8.0.31 until a proper fix can be found. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-41.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-32.html https://www.oracle.com/security-alerts/cpujan2023.html Update Instructions: Run `sudo pro fix USN-5823-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.32-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.32-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.32-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.32-0ubuntu0.20.04.2 mysql-router - 8.0.32-0ubuntu0.20.04.2 mysql-server - 8.0.32-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.32-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.32-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.32-0ubuntu0.20.04.2 mysql-testsuite - 8.0.32-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.32-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.32-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/2003835 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411, CVE-2022-45418, CVE-2022-45420, CVE-2022-45421, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882, CVE-2023-23605) Armin Ebert discovered that Thunderbird did not properly manage memory while resolving file symlink. If a user were tricked into opening a specially crafted weblink, an attacker could potentially exploit these to cause a denial of service. (CVE-2022-45412) Sarah Jamie Lewis discovered that Thunderbird did not properly manage network request while handling HTML emails with certain tags. If a user were tricked into opening a specially HTML email, an attacker could potentially exploit these issue and load remote content regardless of a configuration to block remote content. (CVE-2022-45414) Erik Kraft, Martin Schwarzl, and Andrew McCreight discovered that Thunderbird incorrectly handled keyboard events. An attacker could possibly use this issue to perform a timing side-channel attack and possibly figure out which keys are being pressed. (CVE-2022-45416) It was discovered that Thunderbird was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Thunderbird. (CVE-2022-46871) Nika Layzell discovered that Thunderbird was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872) Matthias Zoellner discovered that Thunderbird was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly use this issue to add a file with a malicious extension, leading to execute arbitrary code. (CVE-2022-46874) Hafiizh discovered that Thunderbird was not properly handling fullscreen notifications when the window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2022-46877) Tom Schuster discovered that Thunderbird was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23598) Vadim discovered that Thunderbird was not properly sanitizing a curl command output when copying a network request from the developer tools panel. An attacker could potentially exploits this to hide and execute arbitrary commands. (CVE-2023-23599) Luan Herrera discovered that Thunderbird was not stopping navigation when dragging a URL from a cross-origin iframe into the same tab. An attacker potentially exploits this to spoof the user. (CVE-2023-23601) Dave Vandyke discovered that Thunderbird did not properly implement CSP policy when creating a WebSocket in a WebWorker. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2023-23602) Dan Veditz discovered that Thunderbird did not properly implement CSP policy on regular expression when using console.log. An attacker potentially exploits this to exfiltrate data. (CVE-2023-23603) It was discovered that Thunderbird did not properly check the Certificate OCSP revocation status when verifying S/Mime signatures. An attacker could possibly use this issue to bypass signature validation check by sending email signed with a revoked certificate. (CVE-2023-0430) Update Instructions: Run `sudo pro fix USN-5824-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.7.1+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.7.1+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.7.1+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.7.1+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-45403 CVE-2022-45404 CVE-2022-45405 CVE-2022-45406 CVE-2022-45408 CVE-2022-45409 CVE-2022-45410 CVE-2022-45411 CVE-2022-45412 CVE-2022-45416 CVE-2022-45418 CVE-2022-45420 CVE-2022-45421 CVE-2022-45414 CVE-2022-46880 CVE-2022-46872 CVE-2022-46881 CVE-2022-46882 CVE-2022-46878 CVE-2022-46874 CVE-2022-46871 CVE-2023-23598 CVE-2023-23599 CVE-2023-23601 CVE-2023-23602 CVE-2022-46877 CVE-2023-23603 CVE-2023-23605 CVE-2023-0430 Ubuntu 20.04 LTS It was discovered that PAM did not correctly restrict login from an IP address that is not resolvable via DNS. An attacker could possibly use this issue to bypass authentication. Update Instructions: Run `sudo pro fix USN-5825-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-runtime - 1.3.1-5ubuntu4.4 libpam0g-dev - 1.3.1-5ubuntu4.4 libpam-modules - 1.3.1-5ubuntu4.4 libpam-modules-bin - 1.3.1-5ubuntu4.4 libpam-doc - 1.3.1-5ubuntu4.4 libpam-cracklib - 1.3.1-5ubuntu4.4 libpam0g - 1.3.1-5ubuntu4.4 No subscription required Negligible CVE-2022-28321 Ubuntu 20.04 LTS USN-5825-1 fixed vulnerabilities in PAM. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that PAM did not correctly restrict login from an IP address that is not resolvable via DNS. An attacker could possibly use this issue to bypass authentication. Update Instructions: Run `sudo pro fix USN-5825-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-runtime - 1.3.1-5ubuntu4.6 libpam0g-dev - 1.3.1-5ubuntu4.6 libpam-modules - 1.3.1-5ubuntu4.6 libpam-modules-bin - 1.3.1-5ubuntu4.6 libpam-doc - 1.3.1-5ubuntu4.6 libpam-cracklib - 1.3.1-5ubuntu4.6 libpam0g - 1.3.1-5ubuntu4.6 No subscription required Negligible CVE-2022-28321 https://launchpad.net/bugs/2006073 Ubuntu 20.04 LTS Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-44540) Artem Ivanov discovered that Privoxy incorrectly handled input validations. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. (CVE-2021-44543) Update Instructions: Run `sudo pro fix USN-5826-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: privoxy - 3.0.28-2ubuntu0.2 No subscription required Medium CVE-2021-44540 CVE-2021-44543 Ubuntu 20.04 LTS Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. (CVE-2022-3094) Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3736) Maksym Odinintsev discovered that Bind incorrectly handled certain answers from stale cache. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3924) Update Instructions: Run `sudo pro fix USN-5827-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.12 bind9-libs - 1:9.16.1-0ubuntu2.12 bind9utils - 1:9.16.1-0ubuntu2.12 bind9-doc - 1:9.16.1-0ubuntu2.12 bind9-utils - 1:9.16.1-0ubuntu2.12 bind9 - 1:9.16.1-0ubuntu2.12 bind9-dnsutils - 1:9.16.1-0ubuntu2.12 bind9-host - 1:9.16.1-0ubuntu2.12 No subscription required Medium CVE-2022-3094 CVE-2022-3736 CVE-2022-3924 Ubuntu 20.04 LTS It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2018-20217) Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-42898) Update Instructions: Run `sudo pro fix USN-5828-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libk5crypto3 - 1.17-6ubuntu4.2 krb5-kpropd - 1.17-6ubuntu4.2 krb5-user - 1.17-6ubuntu4.2 libgssrpc4 - 1.17-6ubuntu4.2 libkrb5support0 - 1.17-6ubuntu4.2 krb5-doc - 1.17-6ubuntu4.2 libkrb5-dev - 1.17-6ubuntu4.2 krb5-pkinit - 1.17-6ubuntu4.2 libkrb5-3 - 1.17-6ubuntu4.2 krb5-kdc-ldap - 1.17-6ubuntu4.2 krb5-otp - 1.17-6ubuntu4.2 krb5-gss-samples - 1.17-6ubuntu4.2 libkdb5-9 - 1.17-6ubuntu4.2 krb5-locales - 1.17-6ubuntu4.2 libgssapi-krb5-2 - 1.17-6ubuntu4.2 krb5-kdc - 1.17-6ubuntu4.2 libkrad-dev - 1.17-6ubuntu4.2 krb5-k5tls - 1.17-6ubuntu4.2 libkrad0 - 1.17-6ubuntu4.2 krb5-multidev - 1.17-6ubuntu4.2 libkadm5srv-mit11 - 1.17-6ubuntu4.2 libkadm5clnt-mit11 - 1.17-6ubuntu4.2 krb5-admin-server - 1.17-6ubuntu4.2 No subscription required Medium CVE-2018-20217 CVE-2022-42898 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5829-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1079 - 5.4.0-1079.90 linux-tools-5.4.0-1079-raspi - 5.4.0-1079.90 linux-image-5.4.0-1079-raspi - 5.4.0-1079.90 linux-raspi-headers-5.4.0-1079 - 5.4.0-1079.90 linux-headers-5.4.0-1079-raspi - 5.4.0-1079.90 linux-modules-5.4.0-1079-raspi - 5.4.0-1079.90 linux-buildinfo-5.4.0-1079-raspi - 5.4.0-1079.90 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1079.109 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1079.109 linux-raspi-hwe-18.04-edge - 5.4.0.1079.109 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1079.109 linux-raspi-hwe-18.04 - 5.4.0.1079.109 linux-tools-raspi - 5.4.0.1079.109 linux-image-raspi - 5.4.0.1079.109 linux-tools-raspi2-hwe-18.04 - 5.4.0.1079.109 linux-raspi2-hwe-18.04 - 5.4.0.1079.109 linux-raspi2 - 5.4.0.1079.109 linux-image-raspi2-hwe-18.04 - 5.4.0.1079.109 linux-headers-raspi2 - 5.4.0.1079.109 linux-tools-raspi2 - 5.4.0.1079.109 linux-headers-raspi2-hwe-18.04 - 5.4.0.1079.109 linux-image-raspi2 - 5.4.0.1079.109 linux-image-raspi-hwe-18.04-edge - 5.4.0.1079.109 linux-tools-raspi-hwe-18.04 - 5.4.0.1079.109 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1079.109 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1079.109 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1079.109 linux-raspi - 5.4.0.1079.109 linux-headers-raspi - 5.4.0.1079.109 linux-headers-raspi-hwe-18.04 - 5.4.0.1079.109 linux-image-raspi-hwe-18.04 - 5.4.0.1079.109 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5830-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.4.0-1101-azure - 5.4.0-1101.107 linux-image-5.4.0-1101-azure - 5.4.0-1101.107 linux-modules-extra-5.4.0-1101-azure - 5.4.0-1101.107 linux-azure-headers-5.4.0-1101 - 5.4.0-1101.107 linux-modules-5.4.0-1101-azure - 5.4.0-1101.107 linux-azure-tools-5.4.0-1101 - 5.4.0-1101.107 linux-azure-cloud-tools-5.4.0-1101 - 5.4.0-1101.107 linux-headers-5.4.0-1101-azure - 5.4.0-1101.107 linux-tools-5.4.0-1101-azure - 5.4.0-1101.107 linux-buildinfo-5.4.0-1101-azure - 5.4.0-1101.107 linux-image-unsigned-5.4.0-1101-azure - 5.4.0-1101.107 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1101.94 linux-modules-extra-azure-lts-20.04 - 5.4.0.1101.94 linux-tools-azure-lts-20.04 - 5.4.0.1101.94 linux-azure-lts-20.04 - 5.4.0.1101.94 linux-headers-azure-lts-20.04 - 5.4.0.1101.94 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1101.94 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 Ubuntu 20.04 LTS Sebastian Chnelik discovered that python-future incorrectly handled certain HTTP header field. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5833-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-future-doc - 0.18.2-2ubuntu0.1 python3-future - 0.18.2-2ubuntu0.1 No subscription required Medium CVE-2022-40899 Ubuntu 20.04 LTS Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information. Update Instructions: Run `sudo pro fix USN-5835-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cinder-backup - 2:16.4.2-0ubuntu2.1 cinder-api - 2:16.4.2-0ubuntu2.1 cinder-volume - 2:16.4.2-0ubuntu2.1 cinder-common - 2:16.4.2-0ubuntu2.1 python3-cinder - 2:16.4.2-0ubuntu2.1 cinder-scheduler - 2:16.4.2-0ubuntu2.1 No subscription required Medium CVE-2022-47951 Ubuntu 20.04 LTS Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that OpenStack Glance incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information. Update Instructions: Run `sudo pro fix USN-5835-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-glance - 2:20.2.0-0ubuntu1.1 glance-api - 2:20.2.0-0ubuntu1.1 glance - 2:20.2.0-0ubuntu1.1 glance-common - 2:20.2.0-0ubuntu1.1 python-glance-doc - 2:20.2.0-0ubuntu1.1 No subscription required Medium CVE-2022-47951 Ubuntu 20.04 LTS Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information. Update Instructions: Run `sudo pro fix USN-5835-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.1 nova-common - 2:21.2.4-0ubuntu2.1 nova-compute-xen - 2:21.2.4-0ubuntu2.1 nova-api-os-compute - 2:21.2.4-0ubuntu2.1 nova-novncproxy - 2:21.2.4-0ubuntu2.1 nova-serialproxy - 2:21.2.4-0ubuntu2.1 nova-api-os-volume - 2:21.2.4-0ubuntu2.1 nova-compute-lxc - 2:21.2.4-0ubuntu2.1 nova-api-metadata - 2:21.2.4-0ubuntu2.1 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.1 nova-compute-kvm - 2:21.2.4-0ubuntu2.1 nova-doc - 2:21.2.4-0ubuntu2.1 nova-conductor - 2:21.2.4-0ubuntu2.1 nova-volume - 2:21.2.4-0ubuntu2.1 nova-compute-vmware - 2:21.2.4-0ubuntu2.1 python3-nova - 2:21.2.4-0ubuntu2.1 nova-spiceproxy - 2:21.2.4-0ubuntu2.1 nova-scheduler - 2:21.2.4-0ubuntu2.1 nova-compute-libvirt - 2:21.2.4-0ubuntu2.1 nova-compute - 2:21.2.4-0ubuntu2.1 nova-compute-qemu - 2:21.2.4-0ubuntu2.1 nova-cells - 2:21.2.4-0ubuntu2.1 No subscription required Medium CVE-2022-47951 Ubuntu 20.04 LTS USN-5835-1 fixed vulnerabilities in Cinder. This update provides the corresponding updates for Ubuntu 18.04 LTS. In addition, a regression was fixed for Ubuntu 20.04 LTS. Original advisory details: Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information. Update Instructions: Run `sudo pro fix USN-5835-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cinder-backup - 2:16.4.2-0ubuntu2.2 cinder-api - 2:16.4.2-0ubuntu2.2 cinder-volume - 2:16.4.2-0ubuntu2.2 cinder-common - 2:16.4.2-0ubuntu2.2 python3-cinder - 2:16.4.2-0ubuntu2.2 cinder-scheduler - 2:16.4.2-0ubuntu2.2 No subscription required Medium CVE-2022-47951 Ubuntu 20.04 LTS Nick Pope discovered that Django incorrectly handled certain Accept-Language headers. A remote attacker could possibly use this issue to cause Django to consume memory, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5837-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.15 python-django-doc - 2:2.2.12-1ubuntu0.15 No subscription required Medium CVE-2023-23969 Ubuntu 20.04 LTS It was discovered that AdvanceCOMP did not properly manage memory while performing read operations on MNG file. If a user were tricked into opening a specially crafted MNG file, a remote attacker could possibly use this issue to cause AdvanceCOMP to crash, resulting in a denial of service. (CVE-2022-35014, CVE-2022-35017, CVE-2022-35018, CVE-2022-35019, CVE-2022-35020) It was discovered that AdvanceCOMP did not properly manage memory while performing read operations on ZIP file. If a user were tricked into opening a specially crafted ZIP file, a remote attacker could possibly use this issue to cause AdvanceCOMP to crash, resulting in a denial of service. (CVE-2022-35015, CVE-2022-35016) Update Instructions: Run `sudo pro fix USN-5838-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: advancecomp - 2.1-2.1ubuntu0.20.04.1 No subscription required Medium CVE-2022-35014 CVE-2022-35015 CVE-2022-35016 CVE-2022-35017 CVE-2022-35018 CVE-2022-35019 CVE-2022-35020 Ubuntu 20.04 LTS It was discovered that the Apache HTTP Server mod_dav module incorrectly handled certain If: request headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2006-20001) ZeddYu_Lu discovered that the Apache HTTP Server mod_proxy_ajp module incorrectly interpreted certain HTTP Requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-36760) Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy module incorrectly truncated certain response headers. This may result in later headers not being interpreted by the client. (CVE-2022-37436) Update Instructions: Run `sudo pro fix USN-5839-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.13 libapache2-mod-md - 2.4.41-4ubuntu3.13 apache2-utils - 2.4.41-4ubuntu3.13 apache2-dev - 2.4.41-4ubuntu3.13 apache2-suexec-pristine - 2.4.41-4ubuntu3.13 apache2-suexec-custom - 2.4.41-4ubuntu3.13 apache2 - 2.4.41-4ubuntu3.13 apache2-doc - 2.4.41-4ubuntu3.13 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.13 apache2-ssl-dev - 2.4.41-4ubuntu3.13 apache2-bin - 2.4.41-4ubuntu3.13 No subscription required Medium CVE-2006-20001 CVE-2022-36760 CVE-2022-37436 Ubuntu 20.04 LTS It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-25467) It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-27345, CVE-2021-27347) It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2022-26291) It was discovered that Long Range ZIP incorrectly handled memory allocation, which could lead to a heap memory corruption. An attacker could possibly use this issue to cause denial of service. This issue affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-28044) Update Instructions: Run `sudo pro fix USN-5840-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lrzip - 0.631+git180528-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2018-5786 CVE-2020-25467 CVE-2021-27345 CVE-2021-27347 CVE-2022-26291 CVE-2022-28044 Ubuntu 20.04 LTS Mark Esler and David Fernandez Gonzalez discovered that EditorConfig Core C incorrectly handled memory when handling certain inputs. An attacker could possibly use this issue to cause applications using EditorConfig Core C to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5842-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: editorconfig-doc - 0.12.1-1.1ubuntu0.20.04.1~esm1 libeditorconfig0 - 0.12.1-1.1ubuntu0.20.04.1~esm1 editorconfig - 0.12.1-1.1ubuntu0.20.04.1~esm1 libeditorconfig-dev - 0.12.1-1.1ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-0341 Ubuntu 20.04 LTS It was discovered that tmux incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5843-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tmux - 3.0a-2ubuntu0.4 No subscription required Medium CVE-2022-47016 Ubuntu 20.04 LTS David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. (CVE-2023-0286) Corey Bonnell discovered that OpenSSL incorrectly handled X.509 certificate verification. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-4203) Hubert Kario discovered that OpenSSL had a timing based side channel in the OpenSSL RSA Decryption implementation. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2022-4304) Dawei Wang discovered that OpenSSL incorrectly handled parsing certain PEM data. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2022-4450) Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly handled streaming ASN.1 data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0215) Marc Schönefeld discovered that OpenSSL incorrectly handled malformed PKCS7 data. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0216) Kurt Roeckx discovered that OpenSSL incorrectly handled validating certain DSA public keys. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0217) Hubert Kario and Dmitry Belyavsky discovered that OpenSSL incorrectly validated certain signatures. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0401) Update Instructions: Run `sudo pro fix USN-5844-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.17 libssl-dev - 1.1.1f-1ubuntu2.17 openssl - 1.1.1f-1ubuntu2.17 libssl-doc - 1.1.1f-1ubuntu2.17 No subscription required High CVE-2022-4203 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0216 CVE-2023-0217 CVE-2023-0286 CVE-2023-0401 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges. Update Instructions: Run `sudo pro fix USN-5846-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.6 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.6 xwayland - 2:1.20.13-1ubuntu1~20.04.6 xdmx - 2:1.20.13-1ubuntu1~20.04.6 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.6 xvfb - 2:1.20.13-1ubuntu1~20.04.6 xnest - 2:1.20.13-1ubuntu1~20.04.6 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.6 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.6 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.6 xserver-common - 2:1.20.13-1ubuntu1~20.04.6 No subscription required Medium CVE-2023-0494 Ubuntu 20.04 LTS It was discovered that Grunt was not properly loading YAML files before parsing them. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-7729) It was discovered that Grunt was not properly handling symbolic links when performing file copy operations. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. (CVE-2022-0436) It was discovered that there was a race condition in the Grunt file copy function, which could lead to an arbitrary file write. An attacker could possibly use this issue to perform a local privilege escalation attack or to execute arbitrary code. (CVE-2022-1537) Update Instructions: Run `sudo pro fix USN-5847-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grunt - 1.0.4-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2020-7729 CVE-2022-0436 CVE-2022-1537 Ubuntu 20.04 LTS Helmut Grohne discovered that Heimdal GSSAPI incorrectly handled logical conditions that are related to memory management operations. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5849-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhcrypto4-heimdal - 7.7.0+dfsg-1ubuntu1.4 libwind0-heimdal - 7.7.0+dfsg-1ubuntu1.4 libroken18-heimdal - 7.7.0+dfsg-1ubuntu1.4 libgssapi3-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-kcm - 7.7.0+dfsg-1ubuntu1.4 libhdb9-heimdal - 7.7.0+dfsg-1ubuntu1.4 libasn1-8-heimdal - 7.7.0+dfsg-1ubuntu1.4 libsl0-heimdal - 7.7.0+dfsg-1ubuntu1.4 libkadm5clnt7-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-kdc - 7.7.0+dfsg-1ubuntu1.4 libkdc2-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-servers - 7.7.0+dfsg-1ubuntu1.4 libheimntlm0-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-docs - 7.7.0+dfsg-1ubuntu1.4 libheimbase1-heimdal - 7.7.0+dfsg-1ubuntu1.4 libkrb5-26-heimdal - 7.7.0+dfsg-1ubuntu1.4 libotp0-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-dev - 7.7.0+dfsg-1ubuntu1.4 libkafs0-heimdal - 7.7.0+dfsg-1ubuntu1.4 libhx509-5-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-multidev - 7.7.0+dfsg-1ubuntu1.4 libkadm5srv8-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-clients - 7.7.0+dfsg-1ubuntu1.4 No subscription required Medium CVE-2022-45142 Ubuntu 20.04 LTS It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3543) It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service (memory exhaustion). (CVE-2022-3619) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) Arnaud Gatignol, Quentin Minster, Florent Saudel and Guillaume Teissier discovered that the KSMBD implementation in the Linux kernel did not properly validate user-supplied data in some situations. An authenticated attacker could use this to cause a denial of service (system crash), expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2022-47940) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) Update Instructions: Run `sudo pro fix USN-5851-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oracle-5.15-headers-5.15.0-1029 - 5.15.0-1029.35~20.04.1 linux-buildinfo-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-modules-extra-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-image-unsigned-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-modules-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-headers-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-oracle-5.15-tools-5.15.0-1029 - 5.15.0-1029.35~20.04.1 linux-image-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-tools-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1033 - 5.15.0-1033.40~20.04.1 linux-image-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-modules-extra-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-buildinfo-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-azure-5.15-headers-5.15.0-1033 - 5.15.0-1033.40~20.04.1 linux-tools-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-headers-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-image-unsigned-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-modules-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-cloud-tools-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1033 - 5.15.0-1033.40~20.04.1 No subscription required linux-modules-extra-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-cloud-tools-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-modules-iwlwifi-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-image-unsigned-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-image-unsigned-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-cloud-tools-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-60.66~20.04.1 linux-hwe-5.15-headers-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-image-unsigned-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-hwe-5.15-tools-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-image-unsigned-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-modules-iwlwifi-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-60.66~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1029.35~20.04.1 linux-tools-oracle - 5.15.0.1029.35~20.04.1 linux-tools-oracle-edge - 5.15.0.1029.35~20.04.1 linux-oracle-edge - 5.15.0.1029.35~20.04.1 linux-image-oracle-edge - 5.15.0.1029.35~20.04.1 linux-headers-oracle-edge - 5.15.0.1029.35~20.04.1 linux-image-oracle - 5.15.0.1029.35~20.04.1 linux-oracle - 5.15.0.1029.35~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1033.40~20.04.23 linux-cloud-tools-azure - 5.15.0.1033.40~20.04.23 linux-tools-azure - 5.15.0.1033.40~20.04.23 linux-image-azure-edge - 5.15.0.1033.40~20.04.23 linux-azure - 5.15.0.1033.40~20.04.23 linux-cloud-tools-azure-edge - 5.15.0.1033.40~20.04.23 linux-modules-extra-azure - 5.15.0.1033.40~20.04.23 linux-image-azure - 5.15.0.1033.40~20.04.23 linux-headers-azure-edge - 5.15.0.1033.40~20.04.23 linux-azure-edge - 5.15.0.1033.40~20.04.23 linux-modules-extra-azure-edge - 5.15.0.1033.40~20.04.23 linux-headers-azure - 5.15.0.1033.40~20.04.23 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-headers-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-image-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-lowlatency-64k-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-tools-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.23 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-extra-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-headers-generic-64k-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-lpae-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-tools-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-lpae-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-tools-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-generic-lpae-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-generic-64k-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-64k-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-generic-64k-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 No subscription required Medium CVE-2022-3543 CVE-2022-3619 CVE-2022-3623 CVE-2022-3628 CVE-2022-3640 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-47940 CVE-2023-0590 Ubuntu 20.04 LTS It was discovered that OpenStack Swift incorrectly handled certain XML files. A remote authenticated user could possibly use this issue to obtain arbitrary file contents containing sensitive information from the server. Update Instructions: Run `sudo pro fix USN-5852-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: swift-account - 2.25.2-0ubuntu1.1 swift-doc - 2.25.2-0ubuntu1.1 swift-proxy - 2.25.2-0ubuntu1.1 python3-swift - 2.25.2-0ubuntu1.1 swift-container - 2.25.2-0ubuntu1.1 swift - 2.25.2-0ubuntu1.1 swift-object-expirer - 2.25.2-0ubuntu1.1 swift-object - 2.25.2-0ubuntu1.1 No subscription required Medium CVE-2022-47950 Ubuntu 20.04 LTS It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5853-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-image-unsigned-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-headers-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-image-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-gkeop-source-5.4.0 - 5.4.0-1064.68 linux-gkeop-headers-5.4.0-1064 - 5.4.0-1064.68 linux-buildinfo-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-gkeop-tools-5.4.0-1064 - 5.4.0-1064.68 linux-modules-extra-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-cloud-tools-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-gkeop-cloud-tools-5.4.0-1064 - 5.4.0-1064.68 linux-tools-5.4.0-1064-gkeop - 5.4.0-1064.68 No subscription required linux-buildinfo-5.4.0-1080-raspi - 5.4.0-1080.91 linux-raspi-headers-5.4.0-1080 - 5.4.0-1080.91 linux-tools-5.4.0-1080-raspi - 5.4.0-1080.91 linux-image-5.4.0-1080-raspi - 5.4.0-1080.91 linux-headers-5.4.0-1080-raspi - 5.4.0-1080.91 linux-modules-5.4.0-1080-raspi - 5.4.0-1080.91 linux-raspi-tools-5.4.0-1080 - 5.4.0-1080.91 No subscription required linux-kvm-tools-5.4.0-1086 - 5.4.0-1086.92 linux-kvm-headers-5.4.0-1086 - 5.4.0-1086.92 linux-buildinfo-5.4.0-1086-kvm - 5.4.0-1086.92 linux-tools-5.4.0-1086-kvm - 5.4.0-1086.92 linux-image-unsigned-5.4.0-1086-kvm - 5.4.0-1086.92 linux-image-5.4.0-1086-kvm - 5.4.0-1086.92 linux-modules-5.4.0-1086-kvm - 5.4.0-1086.92 linux-headers-5.4.0-1086-kvm - 5.4.0-1086.92 No subscription required linux-oracle-tools-5.4.0-1093 - 5.4.0-1093.102 linux-image-unsigned-5.4.0-1093-oracle - 5.4.0-1093.102 linux-headers-5.4.0-1093-oracle - 5.4.0-1093.102 linux-tools-5.4.0-1093-oracle - 5.4.0-1093.102 linux-modules-5.4.0-1093-oracle - 5.4.0-1093.102 linux-buildinfo-5.4.0-1093-oracle - 5.4.0-1093.102 linux-image-5.4.0-1093-oracle - 5.4.0-1093.102 linux-modules-extra-5.4.0-1093-oracle - 5.4.0-1093.102 linux-oracle-headers-5.4.0-1093 - 5.4.0-1093.102 No subscription required linux-headers-5.4.0-1096-aws - 5.4.0-1096.104 linux-aws-cloud-tools-5.4.0-1096 - 5.4.0-1096.104 linux-buildinfo-5.4.0-1096-aws - 5.4.0-1096.104 linux-modules-extra-5.4.0-1096-aws - 5.4.0-1096.104 linux-cloud-tools-5.4.0-1096-aws - 5.4.0-1096.104 linux-image-5.4.0-1096-aws - 5.4.0-1096.104 linux-aws-tools-5.4.0-1096 - 5.4.0-1096.104 linux-image-unsigned-5.4.0-1096-aws - 5.4.0-1096.104 linux-modules-5.4.0-1096-aws - 5.4.0-1096.104 linux-tools-5.4.0-1096-aws - 5.4.0-1096.104 linux-aws-headers-5.4.0-1096 - 5.4.0-1096.104 No subscription required linux-buildinfo-5.4.0-1103-azure - 5.4.0-1103.109 linux-azure-tools-5.4.0-1103 - 5.4.0-1103.109 linux-cloud-tools-5.4.0-1103-azure - 5.4.0-1103.109 linux-image-5.4.0-1103-azure - 5.4.0-1103.109 linux-modules-extra-5.4.0-1103-azure - 5.4.0-1103.109 linux-azure-headers-5.4.0-1103 - 5.4.0-1103.109 linux-azure-cloud-tools-5.4.0-1103 - 5.4.0-1103.109 linux-tools-5.4.0-1103-azure - 5.4.0-1103.109 linux-modules-5.4.0-1103-azure - 5.4.0-1103.109 linux-headers-5.4.0-1103-azure - 5.4.0-1103.109 linux-image-unsigned-5.4.0-1103-azure - 5.4.0-1103.109 No subscription required linux-image-unsigned-5.4.0-139-generic - 5.4.0-139.156 linux-buildinfo-5.4.0-139-lowlatency - 5.4.0-139.156 linux-tools-common - 5.4.0-139.156 linux-tools-5.4.0-139 - 5.4.0-139.156 linux-modules-5.4.0-139-generic - 5.4.0-139.156 linux-headers-5.4.0-139-generic - 5.4.0-139.156 linux-doc - 5.4.0-139.156 linux-buildinfo-5.4.0-139-generic - 5.4.0-139.156 linux-buildinfo-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-tools-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-tools-5.4.0-139-lowlatency - 5.4.0-139.156 linux-libc-dev - 5.4.0-139.156 linux-source-5.4.0 - 5.4.0-139.156 linux-cloud-tools-5.4.0-139-generic - 5.4.0-139.156 linux-cloud-tools-5.4.0-139 - 5.4.0-139.156 linux-cloud-tools-5.4.0-139-lowlatency - 5.4.0-139.156 linux-headers-5.4.0-139-lowlatency - 5.4.0-139.156 linux-modules-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-image-5.4.0-139-lowlatency - 5.4.0-139.156 linux-tools-host - 5.4.0-139.156 linux-tools-5.4.0-139-generic - 5.4.0-139.156 linux-headers-5.4.0-139 - 5.4.0-139.156 linux-image-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-image-5.4.0-139-generic - 5.4.0-139.156 linux-cloud-tools-common - 5.4.0-139.156 linux-headers-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-image-unsigned-5.4.0-139-lowlatency - 5.4.0-139.156 linux-modules-extra-5.4.0-139-generic - 5.4.0-139.156 linux-modules-5.4.0-139-lowlatency - 5.4.0-139.156 No subscription required linux-headers-gkeop - 5.4.0.1064.62 linux-cloud-tools-gkeop-5.4 - 5.4.0.1064.62 linux-image-gkeop - 5.4.0.1064.62 linux-modules-extra-gkeop-5.4 - 5.4.0.1064.62 linux-gkeop-5.4 - 5.4.0.1064.62 linux-image-gkeop-5.4 - 5.4.0.1064.62 linux-gkeop - 5.4.0.1064.62 linux-modules-extra-gkeop - 5.4.0.1064.62 linux-cloud-tools-gkeop - 5.4.0.1064.62 linux-headers-gkeop-5.4 - 5.4.0.1064.62 linux-tools-gkeop - 5.4.0.1064.62 linux-tools-gkeop-5.4 - 5.4.0.1064.62 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1080.110 linux-image-raspi2 - 5.4.0.1080.110 linux-headers-raspi2 - 5.4.0.1080.110 linux-image-raspi-hwe-18.04 - 5.4.0.1080.110 linux-image-raspi2-hwe-18.04 - 5.4.0.1080.110 linux-tools-raspi - 5.4.0.1080.110 linux-headers-raspi-hwe-18.04 - 5.4.0.1080.110 linux-headers-raspi2-hwe-18.04 - 5.4.0.1080.110 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1080.110 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1080.110 linux-headers-raspi - 5.4.0.1080.110 linux-raspi2-hwe-18.04-edge - 5.4.0.1080.110 linux-raspi-hwe-18.04 - 5.4.0.1080.110 linux-tools-raspi2-hwe-18.04 - 5.4.0.1080.110 linux-raspi2-hwe-18.04 - 5.4.0.1080.110 linux-image-raspi-hwe-18.04-edge - 5.4.0.1080.110 linux-tools-raspi-hwe-18.04 - 5.4.0.1080.110 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1080.110 linux-raspi-hwe-18.04-edge - 5.4.0.1080.110 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1080.110 linux-image-raspi - 5.4.0.1080.110 linux-raspi2 - 5.4.0.1080.110 linux-tools-raspi2 - 5.4.0.1080.110 linux-raspi - 5.4.0.1080.110 No subscription required linux-kvm - 5.4.0.1086.80 linux-headers-kvm - 5.4.0.1086.80 linux-image-kvm - 5.4.0.1086.80 linux-tools-kvm - 5.4.0.1086.80 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1093.86 linux-headers-oracle-lts-20.04 - 5.4.0.1093.86 linux-oracle-lts-20.04 - 5.4.0.1093.86 linux-image-oracle-lts-20.04 - 5.4.0.1093.86 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1096.93 linux-image-aws-lts-20.04 - 5.4.0.1096.93 linux-headers-aws-lts-20.04 - 5.4.0.1096.93 linux-tools-aws-lts-20.04 - 5.4.0.1096.93 linux-aws-lts-20.04 - 5.4.0.1096.93 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1103.96 linux-azure-lts-20.04 - 5.4.0.1103.96 linux-image-azure-lts-20.04 - 5.4.0.1103.96 linux-headers-azure-lts-20.04 - 5.4.0.1103.96 linux-modules-extra-azure-lts-20.04 - 5.4.0.1103.96 linux-tools-azure-lts-20.04 - 5.4.0.1103.96 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-cloud-tools-virtual - 5.4.0.139.137 linux-image-generic-hwe-18.04 - 5.4.0.139.137 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-image-virtual - 5.4.0.139.137 linux-oem-osp1-tools-host - 5.4.0.139.137 linux-image-generic - 5.4.0.139.137 linux-tools-lowlatency - 5.4.0.139.137 linux-image-oem - 5.4.0.139.137 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.139.137 linux-headers-generic-hwe-18.04 - 5.4.0.139.137 linux-headers-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-headers-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-image-extra-virtual-hwe-18.04 - 5.4.0.139.137 linux-image-oem-osp1 - 5.4.0.139.137 linux-image-generic-lpae-hwe-18.04 - 5.4.0.139.137 linux-crashdump - 5.4.0.139.137 linux-tools-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-headers-generic-lpae - 5.4.0.139.137 linux-source - 5.4.0.139.137 linux-lowlatency - 5.4.0.139.137 linux-tools-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-tools-generic-lpae - 5.4.0.139.137 linux-cloud-tools-generic - 5.4.0.139.137 linux-headers-virtual-hwe-18.04 - 5.4.0.139.137 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.139.137 linux-headers-virtual - 5.4.0.139.137 linux-tools-virtual - 5.4.0.139.137 linux-image-extra-virtual - 5.4.0.139.137 linux-generic-lpae-hwe-18.04-edge - 5.4.0.139.137 linux-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-generic-lpae - 5.4.0.139.137 linux-headers-oem - 5.4.0.139.137 linux-generic - 5.4.0.139.137 linux-tools-oem-osp1 - 5.4.0.139.137 linux-virtual - 5.4.0.139.137 linux-tools-generic-hwe-18.04-edge - 5.4.0.139.137 linux-image-virtual-hwe-18.04 - 5.4.0.139.137 linux-cloud-tools-lowlatency - 5.4.0.139.137 linux-headers-lowlatency - 5.4.0.139.137 linux-image-generic-hwe-18.04-edge - 5.4.0.139.137 linux-generic-hwe-18.04-edge - 5.4.0.139.137 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.139.137 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-oem - 5.4.0.139.137 linux-tools-generic - 5.4.0.139.137 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-oem-tools-host - 5.4.0.139.137 linux-tools-oem - 5.4.0.139.137 linux-headers-oem-osp1 - 5.4.0.139.137 linux-virtual-hwe-18.04 - 5.4.0.139.137 linux-generic-lpae-hwe-18.04 - 5.4.0.139.137 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.139.137 linux-headers-generic-hwe-18.04-edge - 5.4.0.139.137 linux-headers-generic - 5.4.0.139.137 linux-oem-osp1 - 5.4.0.139.137 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.139.137 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.139.137 linux-image-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.139.137 linux-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-generic-hwe-18.04 - 5.4.0.139.137 linux-image-generic-lpae - 5.4.0.139.137 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.139.137 linux-image-lowlatency - 5.4.0.139.137 linux-tools-generic-hwe-18.04 - 5.4.0.139.137 linux-tools-virtual-hwe-18.04 - 5.4.0.139.137 linux-image-virtual-hwe-18.04-edge - 5.4.0.139.137 No subscription required Medium CVE-2022-3628 CVE-2022-3640 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2023-20928 Ubuntu 20.04 LTS USN-5855-1 fixed a vulnerability in ImageMagick. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Original advisory details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images. Update Instructions: Run `sudo pro fix USN-5855-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 No subscription required Medium CVE-2022-44267 CVE-2022-44268 Ubuntu 20.04 LTS USN-5855-2 fixed vulnerabilities in ImageMagick. Unfortunately an additional mitigation caused a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images. Update Instructions: Run `sudo pro fix USN-5855-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 No subscription required None https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/2004580 Ubuntu 20.04 LTS Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0179) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) Update Instructions: Run `sudo pro fix USN-5859-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.14.0-1057-oem - 5.14.0-1057.64 linux-modules-iwlwifi-5.14.0-1057-oem - 5.14.0-1057.64 linux-oem-5.14-headers-5.14.0-1057 - 5.14.0-1057.64 linux-image-5.14.0-1057-oem - 5.14.0-1057.64 linux-modules-5.14.0-1057-oem - 5.14.0-1057.64 linux-oem-5.14-tools-5.14.0-1057 - 5.14.0-1057.64 linux-tools-5.14.0-1057-oem - 5.14.0-1057.64 linux-buildinfo-5.14.0-1057-oem - 5.14.0-1057.64 linux-image-unsigned-5.14.0-1057-oem - 5.14.0-1057.64 linux-oem-5.14-tools-host - 5.14.0-1057.64 No subscription required linux-image-oem-20.04c - 5.14.0.1057.55 linux-image-oem-20.04b - 5.14.0.1057.55 linux-image-oem-20.04d - 5.14.0.1057.55 linux-headers-oem-20.04 - 5.14.0.1057.55 linux-tools-oem-20.04c - 5.14.0.1057.55 linux-tools-oem-20.04b - 5.14.0.1057.55 linux-oem-20.04 - 5.14.0.1057.55 linux-image-oem-20.04 - 5.14.0.1057.55 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1057.55 linux-oem-20.04d - 5.14.0.1057.55 linux-oem-20.04c - 5.14.0.1057.55 linux-oem-20.04b - 5.14.0.1057.55 linux-tools-oem-20.04d - 5.14.0.1057.55 linux-headers-oem-20.04b - 5.14.0.1057.55 linux-headers-oem-20.04c - 5.14.0.1057.55 linux-headers-oem-20.04d - 5.14.0.1057.55 linux-tools-oem-20.04 - 5.14.0.1057.55 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1057.55 No subscription required High CVE-2022-3545 CVE-2022-4139 CVE-2022-42895 CVE-2023-0179 Ubuntu 20.04 LTS Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-14275) It was discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2019-19555, CVE-2019-19797, CVE-2020-21529, CVE-2020-21530, CVE-2020-21531, CVE-2020-21532, CVE-2020-21533, CVE-2020-21534, CVE-2020-21535, CVE-2020-21675, CVE-2020-21676, CVE-2021-3561) It was discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-32280) Update Instructions: Run `sudo pro fix USN-5864-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fig2dev - 1:3.2.7a-7ubuntu0.1 No subscription required Medium CVE-2019-14275 CVE-2019-19555 CVE-2019-19797 CVE-2020-21529 CVE-2020-21530 CVE-2020-21531 CVE-2020-21532 CVE-2020-21533 CVE-2020-21534 CVE-2020-21535 CVE-2020-21675 CVE-2020-21676 CVE-2021-32280 CVE-2021-3561 Ubuntu 20.04 LTS It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's logs could exploit this issue and may obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2015-9543) It was discovered that Nova did not properly handle attaching and reattaching the encrypted volume. An attacker could possibly use this issue to perform a denial of service attack. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-18191) It was discovered that Nova did not properly handle the updation of domain XML after live migration. An attacker could possibly use this issue to corrupt the volume or perform a denial of service attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-17376) It was discovered that Nova was not properly validating the URL passed to noVNC. An attacker could possibly use this issue by providing malicious URL to the noVNC proxy to redirect to any desired URL. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-3654) It was discovered that Nova did not properly handle changes in the neutron port of vnic_type type. An authenticated user could possibly use this issue to perform a denial of service attack. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-37394) Update Instructions: Run `sudo pro fix USN-5866-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.2 nova-common - 2:21.2.4-0ubuntu2.2 nova-compute-xen - 2:21.2.4-0ubuntu2.2 nova-api-os-compute - 2:21.2.4-0ubuntu2.2 nova-novncproxy - 2:21.2.4-0ubuntu2.2 nova-serialproxy - 2:21.2.4-0ubuntu2.2 nova-api-os-volume - 2:21.2.4-0ubuntu2.2 nova-compute-lxc - 2:21.2.4-0ubuntu2.2 nova-api-metadata - 2:21.2.4-0ubuntu2.2 nova-compute-libvirt - 2:21.2.4-0ubuntu2.2 nova-compute-kvm - 2:21.2.4-0ubuntu2.2 nova-doc - 2:21.2.4-0ubuntu2.2 nova-conductor - 2:21.2.4-0ubuntu2.2 nova-volume - 2:21.2.4-0ubuntu2.2 nova-compute-vmware - 2:21.2.4-0ubuntu2.2 python3-nova - 2:21.2.4-0ubuntu2.2 nova-spiceproxy - 2:21.2.4-0ubuntu2.2 nova-scheduler - 2:21.2.4-0ubuntu2.2 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.2 nova-compute - 2:21.2.4-0ubuntu2.2 nova-compute-qemu - 2:21.2.4-0ubuntu2.2 nova-cells - 2:21.2.4-0ubuntu2.2 No subscription required Medium CVE-2015-9543 CVE-2017-18191 CVE-2020-17376 CVE-2021-3654 CVE-2022-37394 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5867-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.4-0ubuntu0.20.04.2 libwebkit2gtk-4.0-37-gtk2 - 2.38.4-0ubuntu0.20.04.2 libjavascriptcoregtk-4.0-dev - 2.38.4-0ubuntu0.20.04.2 libwebkit2gtk-4.0-37 - 2.38.4-0ubuntu0.20.04.2 webkit2gtk-driver - 2.38.4-0ubuntu0.20.04.2 libjavascriptcoregtk-4.0-18 - 2.38.4-0ubuntu0.20.04.2 libwebkit2gtk-4.0-doc - 2.38.4-0ubuntu0.20.04.2 libjavascriptcoregtk-4.0-bin - 2.38.4-0ubuntu0.20.04.2 gir1.2-webkit2-4.0 - 2.38.4-0ubuntu0.20.04.2 libwebkit2gtk-4.0-dev - 2.38.4-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-42826 CVE-2023-23517 CVE-2023-23518 Ubuntu 20.04 LTS Jakob Ackermann discovered that Django incorrectly handled certain file uploads. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5868-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.16 python-django-doc - 2:2.2.12-1ubuntu0.16 No subscription required Medium CVE-2023-24580 Ubuntu 20.04 LTS Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions. Update Instructions: Run `sudo pro fix USN-5869-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.29-0ubuntu1.3 haproxy-doc - 2.0.29-0ubuntu1.3 vim-haproxy - 2.0.29-0ubuntu1.3 No subscription required Medium CVE-2023-25725 Ubuntu 20.04 LTS Ronald Crane discovered that APR-util did not properly handled memory when encoding or decoding certain input data. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5870-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libaprutil1-dbd-odbc - 1.6.1-4ubuntu2.1 libaprutil1 - 1.6.1-4ubuntu2.1 libaprutil1-dbd-mysql - 1.6.1-4ubuntu2.1 libaprutil1-ldap - 1.6.1-4ubuntu2.1 libaprutil1-dbd-sqlite3 - 1.6.1-4ubuntu2.1 libaprutil1-dbd-pgsql - 1.6.1-4ubuntu2.1 libaprutil1-dev - 1.6.1-4ubuntu2.1 No subscription required Medium CVE-2022-25147 Ubuntu 20.04 LTS It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make Git uses its local clone optimization even when using a non-local transport. (CVE-2023-22490) Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwrite a patch outside the working tree. (CVE-2023-23946) Update Instructions: Run `sudo pro fix USN-5871-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.10 gitweb - 1:2.25.1-1ubuntu3.10 git-gui - 1:2.25.1-1ubuntu3.10 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.10 git-el - 1:2.25.1-1ubuntu3.10 gitk - 1:2.25.1-1ubuntu3.10 git-all - 1:2.25.1-1ubuntu3.10 git-mediawiki - 1:2.25.1-1ubuntu3.10 git-daemon-run - 1:2.25.1-1ubuntu3.10 git-man - 1:2.25.1-1ubuntu3.10 git-doc - 1:2.25.1-1ubuntu3.10 git-svn - 1:2.25.1-1ubuntu3.10 git-cvs - 1:2.25.1-1ubuntu3.10 git-email - 1:2.25.1-1ubuntu3.10 No subscription required Medium CVE-2023-22490 CVE-2023-23946 Ubuntu 20.04 LTS It was discovered that Go Text incorrectly handled certain encodings. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14040) It was discovered that Go Text incorrectly handled certain BCP 47 language tags. An attacker could possibly use this issue to cause a denial of service. CVE-2020-28851, CVE-2020-28852 and CVE-2021-38561 affected only Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-28851, CVE-2020-28852, CVE-2021-38561, CVE-2022-32149) Update Instructions: Run `sudo pro fix USN-5873-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-golang-x-text-dev - 0.3.2-4ubuntu0.1 No subscription required Medium CVE-2020-14040 CVE-2020-28851 CVE-2020-28852 CVE-2021-38561 CVE-2022-32149 Ubuntu 20.04 LTS It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5874-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1044 - 5.4.0-1044.49 linux-headers-5.4.0-1044-ibm - 5.4.0-1044.49 linux-buildinfo-5.4.0-1044-ibm - 5.4.0-1044.49 linux-modules-extra-5.4.0-1044-ibm - 5.4.0-1044.49 linux-ibm-cloud-tools-common - 5.4.0-1044.49 linux-image-unsigned-5.4.0-1044-ibm - 5.4.0-1044.49 linux-ibm-tools-5.4.0-1044 - 5.4.0-1044.49 linux-ibm-source-5.4.0 - 5.4.0-1044.49 linux-ibm-tools-common - 5.4.0-1044.49 linux-modules-5.4.0-1044-ibm - 5.4.0-1044.49 linux-image-5.4.0-1044-ibm - 5.4.0-1044.49 linux-tools-5.4.0-1044-ibm - 5.4.0-1044.49 No subscription required linux-buildinfo-5.4.0-1100-gcp - 5.4.0-1100.109 linux-image-5.4.0-1100-gcp - 5.4.0-1100.109 linux-modules-extra-5.4.0-1100-gcp - 5.4.0-1100.109 linux-tools-5.4.0-1100-gcp - 5.4.0-1100.109 linux-image-unsigned-5.4.0-1100-gcp - 5.4.0-1100.109 linux-gcp-headers-5.4.0-1100 - 5.4.0-1100.109 linux-modules-5.4.0-1100-gcp - 5.4.0-1100.109 linux-gcp-tools-5.4.0-1100 - 5.4.0-1100.109 linux-headers-5.4.0-1100-gcp - 5.4.0-1100.109 No subscription required linux-image-ibm - 5.4.0.1044.70 linux-headers-ibm-lts-20.04 - 5.4.0.1044.70 linux-tools-ibm - 5.4.0.1044.70 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1044.70 linux-ibm-lts-20.04 - 5.4.0.1044.70 linux-tools-ibm-lts-20.04 - 5.4.0.1044.70 linux-headers-ibm - 5.4.0.1044.70 linux-image-ibm-lts-20.04 - 5.4.0.1044.70 linux-modules-extra-ibm - 5.4.0.1044.70 linux-ibm - 5.4.0.1044.70 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1100.102 linux-image-gcp-lts-20.04 - 5.4.0.1100.102 linux-tools-gcp-lts-20.04 - 5.4.0.1100.102 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1100.102 linux-gcp-lts-20.04 - 5.4.0.1100.102 No subscription required Medium CVE-2022-3628 CVE-2022-3640 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2023-20928 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5875-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gke-headers-5.4.0-1094 - 5.4.0-1094.101 linux-modules-5.4.0-1094-gke - 5.4.0-1094.101 linux-image-5.4.0-1094-gke - 5.4.0-1094.101 linux-gke-tools-5.4.0-1094 - 5.4.0-1094.101 linux-tools-5.4.0-1094-gke - 5.4.0-1094.101 linux-headers-5.4.0-1094-gke - 5.4.0-1094.101 linux-buildinfo-5.4.0-1094-gke - 5.4.0-1094.101 linux-modules-extra-5.4.0-1094-gke - 5.4.0-1094.101 linux-image-unsigned-5.4.0-1094-gke - 5.4.0-1094.101 No subscription required linux-modules-extra-gke - 5.4.0.1094.99 linux-image-gke - 5.4.0.1094.99 linux-gke-5.4 - 5.4.0.1094.99 linux-headers-gke-5.4 - 5.4.0.1094.99 linux-image-gke-5.4 - 5.4.0.1094.99 linux-tools-gke-5.4 - 5.4.0.1094.99 linux-modules-extra-gke-5.4 - 5.4.0.1094.99 linux-headers-gke - 5.4.0.1094.99 linux-gke - 5.4.0.1094.99 linux-tools-gke - 5.4.0.1094.99 No subscription required High CVE-2022-3628 CVE-2022-3640 CVE-2022-3643 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 CVE-2023-20928 Ubuntu 20.04 LTS It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3543) It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service (memory exhaustion). (CVE-2022-3619) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) Arnaud Gatignol, Quentin Minster, Florent Saudel and Guillaume Teissier discovered that the KSMBD implementation in the Linux kernel did not properly validate user-supplied data in some situations. An authenticated attacker could use this to cause a denial of service (system crash), expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2022-47940) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) Update Instructions: Run `sudo pro fix USN-5876-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-modules-extra-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-modules-iwlwifi-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-modules-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-image-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-gcp-5.15-tools-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-tools-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-gcp-5.15-headers-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-buildinfo-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-image-unsigned-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1030 - 5.15.0-1030.34~20.04.1 linux-aws-5.15-tools-5.15.0-1030 - 5.15.0-1030.34~20.04.1 linux-headers-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-image-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-cloud-tools-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-tools-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-modules-extra-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-modules-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1030 - 5.15.0-1030.34~20.04.1 linux-buildinfo-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-image-unsigned-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 No subscription required linux-tools-gcp-edge - 5.15.0.1029.36~20.04.1 linux-tools-gcp - 5.15.0.1029.36~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1029.36~20.04.1 linux-gcp - 5.15.0.1029.36~20.04.1 linux-headers-gcp-edge - 5.15.0.1029.36~20.04.1 linux-headers-gcp - 5.15.0.1029.36~20.04.1 linux-image-gcp-edge - 5.15.0.1029.36~20.04.1 linux-image-gcp - 5.15.0.1029.36~20.04.1 linux-modules-extra-gcp - 5.15.0.1029.36~20.04.1 linux-gcp-edge - 5.15.0.1029.36~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1030.34~20.04.19 linux-modules-extra-aws-edge - 5.15.0.1030.34~20.04.19 linux-tools-aws - 5.15.0.1030.34~20.04.19 linux-image-aws-edge - 5.15.0.1030.34~20.04.19 linux-headers-aws-edge - 5.15.0.1030.34~20.04.19 linux-aws-edge - 5.15.0.1030.34~20.04.19 linux-tools-aws-edge - 5.15.0.1030.34~20.04.19 linux-aws - 5.15.0.1030.34~20.04.19 linux-headers-aws - 5.15.0.1030.34~20.04.19 linux-image-aws - 5.15.0.1030.34~20.04.19 No subscription required Medium CVE-2022-3543 CVE-2022-3619 CVE-2022-3623 CVE-2022-3628 CVE-2022-3640 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-47940 CVE-2023-0590 Ubuntu 20.04 LTS Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization (SEV). A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-0171) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3543) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service (memory exhaustion). (CVE-2022-3619) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) It was discovered that the USB core subsystem in the Linux kernel did not properly handle nested reset events. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (kernel deadlock). (CVE-2022-4662) Arnaud Gatignol, Quentin Minster, Florent Saudel and Guillaume Teissier discovered that the KSMBD implementation in the Linux kernel did not properly validate user-supplied data in some situations. An authenticated attacker could use this to cause a denial of service (system crash), expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2022-47940) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) Update Instructions: Run `sudo pro fix USN-5877-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-tools-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-buildinfo-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-gke-5.15-headers-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-headers-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-modules-iwlwifi-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-image-unsigned-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-modules-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-gke-5.15-tools-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-modules-extra-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 No subscription required linux-image-gke-edge - 5.15.0.1027.32~20.04.1 linux-gke-edge - 5.15.0.1027.32~20.04.1 linux-headers-gke-5.15 - 5.15.0.1027.32~20.04.1 linux-tools-gke-edge - 5.15.0.1027.32~20.04.1 linux-image-gke-5.15 - 5.15.0.1027.32~20.04.1 linux-tools-gke-5.15 - 5.15.0.1027.32~20.04.1 linux-headers-gke-edge - 5.15.0.1027.32~20.04.1 linux-gke-5.15 - 5.15.0.1027.32~20.04.1 No subscription required High CVE-2022-0171 CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3543 CVE-2022-3586 CVE-2022-3619 CVE-2022-3623 CVE-2022-3628 CVE-2022-3640 CVE-2022-3643 CVE-2022-3646 CVE-2022-3649 CVE-2022-39188 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-42896 CVE-2022-43750 CVE-2022-4378 CVE-2022-45934 CVE-2022-4662 CVE-2022-47940 CVE-2023-0590 Ubuntu 20.04 LTS Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attributes. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes. (CVE-2023-0767) Johan Carlsson discovered that Firefox did not properly manage child iframe's unredacted URI when using Content-Security-Policy-Report-Only header. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-25728) Vitor Torres discovered that Firefox did not properly manage permissions of extensions interaction via ExpandedPrincipals. An attacker could potentially exploits this issue to download malicious files or execute arbitrary code. (CVE-2023-25729) Irvan Kurniawan discovered that Firefox did not properly validate background script invoking requestFullscreen. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-25730) Ronald Crane discovered that Firefox did not properly manage memory when using EncodeInputStream in xpcom. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25732) Samuel Grob discovered that Firefox did not properly manage memory when using wrappers wrapping a scripted proxy. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25735) Holger Fuhrmannek discovered that Firefox did not properly manage memory when using Module load requests. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25739) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-25731, CVE-2023-25733, CVE-2023-25736, CVE-2023-25737, CVE-2023-25741, CVE-2023-25742, CVE-2023-25744, CVE-2023-25745) Update Instructions: Run `sudo pro fix USN-5880-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 110.0+build3-0ubuntu0.20.04.1 firefox - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 110.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 110.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 110.0+build3-0ubuntu0.20.04.1 firefox-dev - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 110.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-25728 CVE-2023-25730 CVE-2023-0767 CVE-2023-25735 CVE-2023-25737 CVE-2023-25739 CVE-2023-25729 CVE-2023-25732 CVE-2023-25731 CVE-2023-25733 CVE-2023-25736 CVE-2023-25741 CVE-2023-25742 CVE-2023-25744 CVE-2023-25745 Ubuntu 20.04 LTS USN-5880-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attributes. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes. (CVE-2023-0767) Johan Carlsson discovered that Firefox did not properly manage child iframe's unredacted URI when using Content-Security-Policy-Report-Only header. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-25728) Vitor Torres discovered that Firefox did not properly manage permissions of extensions interaction via ExpandedPrincipals. An attacker could potentially exploits this issue to download malicious files or execute arbitrary code. (CVE-2023-25729) Irvan Kurniawan discovered that Firefox did not properly validate background script invoking requestFullscreen. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-25730) Ronald Crane discovered that Firefox did not properly manage memory when using EncodeInputStream in xpcom. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25732) Samuel Grob discovered that Firefox did not properly manage memory when using wrappers wrapping a scripted proxy. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25735) Holger Fuhrmannek discovered that Firefox did not properly manage memory when using Module load requests. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25739) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-25731, CVE-2023-25733, CVE-2023-25736, CVE-2023-25737, CVE-2023-25741, CVE-2023-25742, CVE-2023-25744, CVE-2023-25745) Update Instructions: Run `sudo pro fix USN-5880-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 110.0.1+build2-0ubuntu0.20.04.1 firefox - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 110.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 110.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 110.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 110.0.1+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2008861 Ubuntu 20.04 LTS Gjoko Krstic discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8979) Omar Ganiev discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-1010228) Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2021-41687, CVE-2021-41688, CVE-2021-41689, and CVE-2021-41690) Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-2119 and CVE-2022-2120) Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-2121) It was discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-43272) Update Instructions: Run `sudo pro fix USN-5882-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libdcmtk14 - 3.6.4-2.1ubuntu0.1~esm1 dcmtk - 3.6.4-2.1ubuntu0.1~esm1 dcmtk-doc - 3.6.4-2.1ubuntu0.1~esm1 libdcmtk-dev - 3.6.4-2.1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2015-8979 CVE-2019-1010228 CVE-2021-41687 CVE-2021-41688 CVE-2021-41689 CVE-2021-41690 CVE-2022-2119 CVE-2022-2120 CVE-2022-2121 CVE-2022-43272 Ubuntu 20.04 LTS Erik C. Bjorge discovered that some Intel(R) Atom and Intel Xeon Scalable Processors did not properly implement access controls for out-of-band management. This may allow a privileged network-adjacent user to potentially escalate privileges. (CVE-2022-21216) Cfir Cohen, Erdem Aktas, Felix Wilhelm, James Forshaw, Josh Eads, Nagaraju Kodalapura Nagabhushana Rao, Przemyslaw Duda, Liron Shacham and Ron Anderson discovered that some Intel(R) Xeon(R) Processors used incorrect default permissions in some memory controller configurations when using Intel(R) Software Guard Extensions. This may allow a privileged local user to potentially escalate privileges. (CVE-2022-33196) It was discovered that some 3rd Generation Intel(R) Xeon(R) Scalable Processors did not properly calculate microkey keying. This may allow a privileged local user to potentially disclose information. (CVE-2022-33972) Joseph Nuzman discovered that some Intel(R) Processors when using Intel(R) Software Guard Extensions did not properly isolate shared resources. This may allow a privileged local user to potentially disclose information. (CVE-2022-38090) Update Instructions: Run `sudo pro fix USN-5886-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20230214.0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21216 CVE-2022-33196 CVE-2022-33972 CVE-2022-38090 Ubuntu 20.04 LTS Simon Scannell discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2023-20032) Simon Scannell discovered that ClamAV incorrectly handled parsing DMG files. A remote attacker could possibly use this issue to expose sensitive information. (CVE-2023-20052) Update Instructions: Run `sudo pro fix USN-5887-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.8+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.8+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.8+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-20032 CVE-2023-20052 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2015-20107) Hamza Avvan discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-28861) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-37454, CVE-2022-42919) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-45061, CVE-2023-24329) Update Instructions: Run `sudo pro fix USN-5888-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-examples - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-full - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-venv - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-doc - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9 - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm1 idle-python3.9 - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9-testsuite - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9-stdlib - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9 - 3.9.5-3ubuntu0~20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2015-20107 CVE-2021-28861 CVE-2022-37454 CVE-2022-42919 CVE-2022-45061 CVE-2023-24329 Ubuntu 20.04 LTS It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 16.04 ESM. (CVE-2019-6777) It was discovered that ZoneMinder was not properly sanitizing stored user input later printed to the user in certain views. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 16.04 ESM. (CVE-2019-6990, CVE-2019-6992) It was discovered that ZoneMinder was not properly limiting data size and not properly performing bound checks when processing username and password data, which could lead to a stack buffer overflow. An attacker could possibly use this issue to bypass authentication, cause a denial of service or execute arbitrary code. This issue was only fixed in Ubuntu 16.04 ESM. (CVE-2019-6991) It was discovered that ZoneMinder was not properly defining and filtering data that was appended to the webroot URL of a view. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2019-7325, CVE-2019-7329) It was discovered that ZoneMinder was not properly sanitizing stored user input later printed to the user in certain views. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2019-7326) It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2019-7327, CVE-2019-7328, CVE-2019-7330, CVE-2019-7332) It was discovered that ZoneMinder was not properly sanitizing user input in the monitor editing view. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2019-7331) It was discovered that ZoneMinder was not properly sanitizing data related to file paths in a system. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-29806) Update Instructions: Run `sudo pro fix USN-5889-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zoneminder-doc - 1.32.3-2ubuntu2+esm1 zoneminder - 1.32.3-2ubuntu2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2019-6777 CVE-2019-6990 CVE-2019-6991 CVE-2019-6992 CVE-2019-7325 CVE-2019-7326 CVE-2019-7327 CVE-2019-7328 CVE-2019-7329 CVE-2019-7330 CVE-2019-7331 CVE-2019-7332 CVE-2022-29806 Ubuntu 20.04 LTS Qian Chen discovered that Open vSwitch incorrectly handled certain Organization Specific TLVs. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5890-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.8-0ubuntu1.1 openvswitch-switch - 2.13.8-0ubuntu1.1 openvswitch-pki - 2.13.8-0ubuntu1.1 openvswitch-common - 2.13.8-0ubuntu1.1 openvswitch-testcontroller - 2.13.8-0ubuntu1.1 openvswitch-vtep - 2.13.8-0ubuntu1.1 openvswitch-source - 2.13.8-0ubuntu1.1 python3-openvswitch - 2.13.8-0ubuntu1.1 openvswitch-switch-dpdk - 2.13.8-0ubuntu1.1 openvswitch-test - 2.13.8-0ubuntu1.1 No subscription required Medium CVE-2022-4337 CVE-2022-4338 Ubuntu 20.04 LTS Harry Sintonen discovered that curl incorrectly handled HSTS support when multiple URLs are requested serially. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-23914) Harry Sintonen discovered that curl incorrectly handled HSTS support when multiple URLs are requested in parallel. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-23915) Patrick Monnerat discovered that curl incorrectly handled memory when processing requests with multi-header compression. A remote attacker could possibly use this issue to cause curl to consume resources, leading to a denial of service. (CVE-2023-23916) Update Instructions: Run `sudo pro fix USN-5891-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.16 libcurl4-openssl-dev - 7.68.0-1ubuntu2.16 libcurl3-gnutls - 7.68.0-1ubuntu2.16 libcurl4-doc - 7.68.0-1ubuntu2.16 libcurl3-nss - 7.68.0-1ubuntu2.16 libcurl4-nss-dev - 7.68.0-1ubuntu2.16 libcurl4 - 7.68.0-1ubuntu2.16 curl - 7.68.0-1ubuntu2.16 No subscription required Medium CVE-2023-23914 CVE-2023-23915 CVE-2023-23916 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled client authentication without a user certificate in the database. A remote attacker could possibly use this issue to cause a NSS client to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-3479) Christian Holler discovered that NSS incorrectly handled certain PKCS 12 certificated bundles. A remote attacker could use this issue to cause NSS to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2023-0767) Update Instructions: Run `sudo pro fix USN-5892-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.9 libnss3 - 2:3.49.1-1ubuntu1.9 libnss3-tools - 2:3.49.1-1ubuntu1.9 No subscription required Medium CVE-2022-3479 CVE-2023-0767 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5893-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.38.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.38.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.38.5-0ubuntu0.20.04.1 webkit2gtk-driver - 2.38.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.38.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.38.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.38.5-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.38.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.38.5-0ubuntu0.20.04.1 No subscription required High CVE-2023-23529 Ubuntu 20.04 LTS It was discovered that MPlayer could be made to divide by zero when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. (CVE-2022-38850, CVE-2022-38860, CVE-2022-38865) It was discovered that MPlayer could be made to read out of bounds when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. (CVE-2022-38851) It was discovered that MPlayer could be made to write out of bounds when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-38855, CVE-2022-38858, CVE-2022-38863, CVE-2022-38864, CVE-2022-38866) It was discovered that MPlayer did not properly managed memory when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-38861) Update Instructions: Run `sudo pro fix USN-5895-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mplayer-doc - 2:1.3.0-8+deb10u1build0.20.04.1 mplayer-gui - 2:1.3.0-8+deb10u1build0.20.04.1 mplayer - 2:1.3.0-8+deb10u1build0.20.04.1 mencoder - 2:1.3.0-8+deb10u1build0.20.04.1 No subscription required Medium CVE-2022-38850 CVE-2022-38851 CVE-2022-38855 CVE-2022-38858 CVE-2022-38860 CVE-2022-38861 CVE-2022-38863 CVE-2022-38864 CVE-2022-38865 CVE-2022-38866 Ubuntu 20.04 LTS It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-30122) It was discovered that Rack was not properly escaping untrusted data when performing logging operations, which could cause shell escaped sequences to be written to a terminal. If a user or automated system were tricked into sending a specially crafted request to an application using Rack, a remote attacker could possibly use this issue to execute arbitrary code in the machine running the application. (CVE-2022-30123) Update Instructions: Run `sudo pro fix USN-5896-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-30122 CVE-2022-30123 Ubuntu 20.04 LTS Juraj Somorovsky, Marcel Maehren, Nurullah Erinola, and Robert Merget discovered that the DTLS implementation in the JSSE subsystem of OpenJDK did not properly restrict handshake initiation requests from clients. A remote attacker could possibly use this to cause a denial of service. (CVE-2023-21835) Markus Loewe discovered that the Java Sound subsystem in OpenJDK did not properly validate the origin of a Soundbank. An attacker could use this to specially craft an untrusted Java application or applet that could load a Soundbank from an attacker controlled remote URL. (CVE-2023-21843) Update Instructions: Run `sudo pro fix USN-5897-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jre-zero - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-source - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jre-headless - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jdk - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jdk-headless - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jre - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-demo - 11.0.18+10-0ubuntu1~20.04.1 No subscription required openjdk-17-demo - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jdk - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jre-zero - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jdk-headless - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-source - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jre-headless - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jre - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-doc - 17.0.6+10-0ubuntu1~20.04.1 No subscription required Medium CVE-2023-21835 CVE-2023-21843 Ubuntu 20.04 LTS It was discovered that the Serialization component of OpenJDK did not properly handle the deserialization of some CORBA objects. An attacker could possibly use this to bypass Java sandbox restrictions. (CVE-2023-21830) Markus Loewe discovered that the Java Sound subsystem in OpenJDK did not properly validate the origin of a Soundbank. An attacker could use this to specially craft an untrusted Java application or applet that could load a Soundbank from an attacker controlled remote URL. (CVE-2023-21843) Update Instructions: Run `sudo pro fix USN-5898-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-doc - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jdk - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jre-headless - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jre - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jdk-headless - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-source - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jre-zero - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-demo - 8u362-ga-0ubuntu1~20.04.1 No subscription required Medium CVE-2023-21830 CVE-2023-21843 Ubuntu 20.04 LTS It was discovered that AWStats did not properly sanitize the content of whois responses in the hostinfo plugin. An attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-5899-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: awstats - 7.6+dfsg-2ubuntu0.20.04.2 No subscription required Low CVE-2022-46391 Ubuntu 20.04 LTS It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or cause a crash. Update Instructions: Run `sudo pro fix USN-5900-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tar-scripts - 1.30+dfsg-7ubuntu0.20.04.3 tar - 1.30+dfsg-7ubuntu0.20.04.3 No subscription required Medium CVE-2022-48303 Ubuntu 20.04 LTS Hubert Kario discovered that GnuTLS had a timing side-channel when handling certain RSA messages. A remote attacker could possibly use this issue to recover sensitive information. Update Instructions: Run `sudo pro fix USN-5901-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-doc - 3.6.13-2ubuntu1.8 libgnutls28-dev - 3.6.13-2ubuntu1.8 libgnutls-openssl27 - 3.6.13-2ubuntu1.8 libgnutls30 - 3.6.13-2ubuntu1.8 libgnutls-dane0 - 3.6.13-2ubuntu1.8 gnutls-bin - 3.6.13-2ubuntu1.8 guile-gnutls - 3.6.13-2ubuntu1.8 libgnutlsxx28 - 3.6.13-2ubuntu1.8 No subscription required Medium CVE-2023-0361 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations. (CVE-2023-0567) It was discovered that PHP incorrectly handled resolving long paths. A remote attacker could possibly use this issue to obtain or modify sensitive information. (CVE-2023-0568) It was discovered that PHP incorrectly handled a large number of parts in HTTP form uploads. A remote attacker could possibly use this issue to cause PHP to consume resources, leading to a denial of service. (CVE-2023-0662) Update Instructions: Run `sudo pro fix USN-5902-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.18 php7.4-readline - 7.4.3-4ubuntu2.18 php7.4-dba - 7.4.3-4ubuntu2.18 php7.4-common - 7.4.3-4ubuntu2.18 php7.4-xmlrpc - 7.4.3-4ubuntu2.18 php7.4-intl - 7.4.3-4ubuntu2.18 php7.4-phpdbg - 7.4.3-4ubuntu2.18 php7.4-ldap - 7.4.3-4ubuntu2.18 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.18 php7.4-soap - 7.4.3-4ubuntu2.18 php7.4-xsl - 7.4.3-4ubuntu2.18 php7.4-pgsql - 7.4.3-4ubuntu2.18 php7.4-pspell - 7.4.3-4ubuntu2.18 php7.4-zip - 7.4.3-4ubuntu2.18 php7.4-curl - 7.4.3-4ubuntu2.18 php7.4-odbc - 7.4.3-4ubuntu2.18 php7.4-json - 7.4.3-4ubuntu2.18 php7.4-mbstring - 7.4.3-4ubuntu2.18 php7.4-imap - 7.4.3-4ubuntu2.18 php7.4-bz2 - 7.4.3-4ubuntu2.18 php7.4-cgi - 7.4.3-4ubuntu2.18 php7.4 - 7.4.3-4ubuntu2.18 php7.4-bcmath - 7.4.3-4ubuntu2.18 php7.4-dev - 7.4.3-4ubuntu2.18 php7.4-interbase - 7.4.3-4ubuntu2.18 php7.4-tidy - 7.4.3-4ubuntu2.18 php7.4-gmp - 7.4.3-4ubuntu2.18 php7.4-sqlite3 - 7.4.3-4ubuntu2.18 php7.4-fpm - 7.4.3-4ubuntu2.18 php7.4-sybase - 7.4.3-4ubuntu2.18 php7.4-cli - 7.4.3-4ubuntu2.18 libphp7.4-embed - 7.4.3-4ubuntu2.18 php7.4-enchant - 7.4.3-4ubuntu2.18 php7.4-mysql - 7.4.3-4ubuntu2.18 php7.4-snmp - 7.4.3-4ubuntu2.18 php7.4-xml - 7.4.3-4ubuntu2.18 php7.4-opcache - 7.4.3-4ubuntu2.18 No subscription required Medium CVE-2023-0567 CVE-2023-0568 CVE-2023-0662 Ubuntu 20.04 LTS It was discovered that lighttpd incorrectly handled certain inputs, which could result in a stack buffer overflow. A remote attacker could possibly use this issue to cause a denial of service (DoS). (CVE-2022-22707, CVE-2022-41556) Update Instructions: Run `sudo pro fix USN-5903-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lighttpd-doc - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-authn-sasl - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-magnet - 1.4.55-1ubuntu1.20.04.2 lighttpd-dev - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-authn-pam - 1.4.55-1ubuntu1.20.04.2 lighttpd - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-maxminddb - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-vhostdb-dbi - 1.4.55-1ubuntu1.20.04.2 lighttpd-modules-ldap - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-cml - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-vhostdb-pgsql - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-geoip - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-authn-gssapi - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-webdav - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-trigger-b4-dl - 1.4.55-1ubuntu1.20.04.2 lighttpd-modules-mysql - 1.4.55-1ubuntu1.20.04.2 No subscription required Medium CVE-2022-22707 CVE-2022-41556 Ubuntu 20.04 LTS Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-13590) Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-23159, CVE-2021-23172, CVE-2021-23210, CVE-2021-33844, CVE-2021-3643, CVE-2021-40426, CVE-2022-31650, and CVE-2022-31651) Update Instructions: Run `sudo pro fix USN-5904-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsox-fmt-mp3 - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-pulse - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-ao - 14.4.2+git20190427-2+deb11u1build0.20.04.1 sox - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox3 - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-base - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-all - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-dev - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-alsa - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-oss - 14.4.2+git20190427-2+deb11u1build0.20.04.1 No subscription required Medium CVE-2019-13590 CVE-2021-23159 CVE-2021-23172 CVE-2021-23210 CVE-2021-33844 CVE-2021-3643 CVE-2021-40426 CVE-2022-31650 CVE-2022-31651 Ubuntu 20.04 LTS USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for CVE-2021-33844 was incomplete. This update fixes the problem. Original advisory details: Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-13590) Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-23159, CVE-2021-23172, CVE-2021-23210, CVE-2021-33844, CVE-2021-3643, CVE-2021-40426, CVE-2022-31650, and CVE-2022-31651) Update Instructions: Run `sudo pro fix USN-5904-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsox-fmt-mp3 - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-pulse - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-ao - 14.4.2+git20190427-2+deb11u2build0.20.04.1 sox - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox3 - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-base - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-all - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-dev - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-alsa - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-oss - 14.4.2+git20190427-2+deb11u2build0.20.04.1 No subscription required Medium CVE-2021-33844 Ubuntu 20.04 LTS Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5906-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.14-0ubuntu0.20.04.1 libecpg-dev - 12.14-0ubuntu0.20.04.1 libpq-dev - 12.14-0ubuntu0.20.04.1 libecpg6 - 12.14-0ubuntu0.20.04.1 libpq5 - 12.14-0ubuntu0.20.04.1 libpgtypes3 - 12.14-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.14-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.14-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.14-0ubuntu0.20.04.1 postgresql-doc-12 - 12.14-0ubuntu0.20.04.1 postgresql-12 - 12.14-0ubuntu0.20.04.1 postgresql-client-12 - 12.14-0ubuntu0.20.04.1 libecpg-compat3 - 12.14-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-41862 Ubuntu 20.04 LTS It was discovered that c-ares incorrectly handled certain sortlist strings. A remote attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5907-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares2 - 1.15.0-1ubuntu0.2 libc-ares-dev - 1.15.0-1ubuntu0.2 No subscription required Medium CVE-2022-4904 Ubuntu 20.04 LTS It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5909-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1103-azure-fde - 5.4.0-1103.109+cvm1.1 linux-image-5.4.0-1103-azure-fde - 5.4.0-1103.109+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1103.109+cvm1.36 linux-modules-extra-azure-fde - 5.4.0.1103.109+cvm1.36 linux-image-azure-fde - 5.4.0.1103.109+cvm1.36 linux-cloud-tools-azure-fde - 5.4.0.1103.109+cvm1.36 linux-tools-azure-fde - 5.4.0.1103.109+cvm1.36 linux-headers-azure-fde - 5.4.0.1103.109+cvm1.36 No subscription required Medium CVE-2022-3628 CVE-2022-3640 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2023-20928 Ubuntu 20.04 LTS It was discovered that Rack did not properly structure regular expressions in some of its parsing components, which could result in uncontrolled resource consumption if an application using Rack received specially crafted input. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-44570, CVE-2022-44571) It was discovered that Rack did not properly structure regular expressions in its multipart parsing component, which could result in uncontrolled resource consumption if an application using Rack to parse multipart posts received specially crafted input. A remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2022-44572) Update Instructions: Run `sudo pro fix USN-5910-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-44570 CVE-2022-44571 CVE-2022-44572 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0179) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) Maxim Levitsky discovered that the KVM nested virtualization (SVM) implementation for AMD processors in the Linux kernel did not properly handle nested shutdown execution. An attacker in a guest vm could use this to cause a denial of service (host kernel crash) (CVE-2022-3344) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the NFSD implementation in the Linux kernel contained a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4379) It was discovered that a race condition existed in the x86 KVM subsystem implementation in the Linux kernel when nested virtualization and the TDP MMU are enabled. An attacker in a guest vm could use this to cause a denial of service (host OS crash). (CVE-2022-45869) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate the number of channels, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-47518) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate specific attributes, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-47519) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate specific attributes, leading to a heap-based buffer overflow. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-47521) Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0468) It was discovered that the file system writeback functionality in the Linux kernel contained a user-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-26605) Update Instructions: Run `sudo pro fix USN-5912-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-image-unsigned-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-tools-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-gke-5.15-tools-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-image-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-gke-5.15-headers-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-modules-extra-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-headers-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-buildinfo-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-modules-iwlwifi-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 No subscription required linux-buildinfo-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-modules-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-oracle-5.15-tools-5.15.0-1030 - 5.15.0-1030.36~20.04.1 linux-image-unsigned-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-tools-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-oracle-5.15-headers-5.15.0-1030 - 5.15.0-1030.36~20.04.1 linux-headers-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-image-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-modules-extra-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 No subscription required linux-tools-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-image-unsigned-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-image-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-buildinfo-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-headers-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-modules-iwlwifi-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-modules-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-gcp-5.15-tools-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-gcp-5.15-headers-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-modules-extra-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 No subscription required linux-cloud-tools-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1031 - 5.15.0-1031.35~20.04.1 linux-image-unsigned-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-headers-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-image-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-modules-extra-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-aws-5.15-tools-5.15.0-1031 - 5.15.0-1031.35~20.04.1 linux-buildinfo-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-tools-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-aws-5.15-headers-5.15.0-1031 - 5.15.0-1031.35~20.04.1 linux-modules-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1034 - 5.15.0-1034.41~20.04.1 linux-image-unsigned-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-modules-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-cloud-tools-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-buildinfo-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-azure-5.15-headers-5.15.0-1034 - 5.15.0-1034.41~20.04.1 linux-image-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-tools-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-modules-extra-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-headers-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1034 - 5.15.0-1034.41~20.04.1 No subscription required linux-cloud-tools-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-modules-iwlwifi-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-modules-extra-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-67.74~20.04.1 linux-modules-iwlwifi-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-image-unsigned-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 linux-image-unsigned-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-image-unsigned-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-67.74~20.04.1 linux-image-unsigned-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-hwe-5.15-headers-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-67.74~20.04.1 linux-hwe-5.15-tools-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-cloud-tools-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 No subscription required linux-gke-5.15 - 5.15.0.1028.33~20.04.1 linux-tools-gke-5.15 - 5.15.0.1028.33~20.04.1 linux-image-gke-5.15 - 5.15.0.1028.33~20.04.1 linux-tools-gke-edge - 5.15.0.1028.33~20.04.1 linux-headers-gke-edge - 5.15.0.1028.33~20.04.1 linux-image-gke-edge - 5.15.0.1028.33~20.04.1 linux-gke-edge - 5.15.0.1028.33~20.04.1 linux-headers-gke-5.15 - 5.15.0.1028.33~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1030.36~20.04.1 linux-tools-oracle - 5.15.0.1030.36~20.04.1 linux-tools-oracle-edge - 5.15.0.1030.36~20.04.1 linux-oracle-edge - 5.15.0.1030.36~20.04.1 linux-image-oracle-edge - 5.15.0.1030.36~20.04.1 linux-headers-oracle-edge - 5.15.0.1030.36~20.04.1 linux-image-oracle - 5.15.0.1030.36~20.04.1 linux-oracle - 5.15.0.1030.36~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1030.37~20.04.1 linux-headers-gcp-edge - 5.15.0.1030.37~20.04.1 linux-tools-gcp - 5.15.0.1030.37~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1030.37~20.04.1 linux-gcp - 5.15.0.1030.37~20.04.1 linux-tools-gcp-edge - 5.15.0.1030.37~20.04.1 linux-headers-gcp - 5.15.0.1030.37~20.04.1 linux-image-gcp - 5.15.0.1030.37~20.04.1 linux-modules-extra-gcp - 5.15.0.1030.37~20.04.1 linux-gcp-edge - 5.15.0.1030.37~20.04.1 No subscription required linux-headers-aws-edge - 5.15.0.1031.35~20.04.20 linux-headers-aws - 5.15.0.1031.35~20.04.20 linux-image-aws - 5.15.0.1031.35~20.04.20 linux-modules-extra-aws-edge - 5.15.0.1031.35~20.04.20 linux-tools-aws-edge - 5.15.0.1031.35~20.04.20 linux-image-aws-edge - 5.15.0.1031.35~20.04.20 linux-aws-edge - 5.15.0.1031.35~20.04.20 linux-aws - 5.15.0.1031.35~20.04.20 linux-tools-aws - 5.15.0.1031.35~20.04.20 linux-modules-extra-aws - 5.15.0.1031.35~20.04.20 No subscription required linux-tools-azure-edge - 5.15.0.1034.41~20.04.24 linux-cloud-tools-azure - 5.15.0.1034.41~20.04.24 linux-image-azure-edge - 5.15.0.1034.41~20.04.24 linux-cloud-tools-azure-edge - 5.15.0.1034.41~20.04.24 linux-modules-extra-azure - 5.15.0.1034.41~20.04.24 linux-azure - 5.15.0.1034.41~20.04.24 linux-image-azure - 5.15.0.1034.41~20.04.24 linux-headers-azure-edge - 5.15.0.1034.41~20.04.24 linux-azure-edge - 5.15.0.1034.41~20.04.24 linux-tools-azure - 5.15.0.1034.41~20.04.24 linux-modules-extra-azure-edge - 5.15.0.1034.41~20.04.24 linux-headers-azure - 5.15.0.1034.41~20.04.24 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-headers-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-image-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-tools-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-lowlatency-64k-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.67.74~20.04.25 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-extra-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-headers-generic-64k-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-generic-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-lpae-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-tools-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-lpae-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-tools-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-generic-lpae-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-generic-64k-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-64k-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-generic-64k-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 No subscription required High CVE-2022-3169 CVE-2022-3344 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-4379 CVE-2022-45869 CVE-2022-47518 CVE-2022-47519 CVE-2022-47520 CVE-2022-47521 CVE-2023-0179 CVE-2023-0461 CVE-2023-0468 CVE-2023-26605 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) Lee Jones discovered that a use-after-free vulnerability existed in the Bluetooth implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20566) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) It was discovered that the NFSD implementation in the Linux kernel contained a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4379) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) Update Instructions: Run `sudo pro fix USN-5913-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-headers-5.14.0-1058 - 5.14.0-1058.66 linux-headers-5.14.0-1058-oem - 5.14.0-1058.66 linux-buildinfo-5.14.0-1058-oem - 5.14.0-1058.66 linux-oem-5.14-tools-5.14.0-1058 - 5.14.0-1058.66 linux-modules-5.14.0-1058-oem - 5.14.0-1058.66 linux-image-unsigned-5.14.0-1058-oem - 5.14.0-1058.66 linux-image-5.14.0-1058-oem - 5.14.0-1058.66 linux-modules-iwlwifi-5.14.0-1058-oem - 5.14.0-1058.66 linux-tools-5.14.0-1058-oem - 5.14.0-1058.66 linux-oem-5.14-tools-host - 5.14.0-1058.66 No subscription required linux-image-oem-20.04c - 5.14.0.1058.56 linux-image-oem-20.04b - 5.14.0.1058.56 linux-image-oem-20.04d - 5.14.0.1058.56 linux-headers-oem-20.04 - 5.14.0.1058.56 linux-tools-oem-20.04c - 5.14.0.1058.56 linux-tools-oem-20.04b - 5.14.0.1058.56 linux-oem-20.04 - 5.14.0.1058.56 linux-image-oem-20.04 - 5.14.0.1058.56 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1058.56 linux-oem-20.04d - 5.14.0.1058.56 linux-oem-20.04c - 5.14.0.1058.56 linux-oem-20.04b - 5.14.0.1058.56 linux-tools-oem-20.04d - 5.14.0.1058.56 linux-headers-oem-20.04b - 5.14.0.1058.56 linux-headers-oem-20.04c - 5.14.0.1058.56 linux-headers-oem-20.04d - 5.14.0.1058.56 linux-tools-oem-20.04 - 5.14.0.1058.56 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1058.56 No subscription required High CVE-2022-20566 CVE-2022-3565 CVE-2022-36879 CVE-2022-43750 CVE-2022-4379 CVE-2022-47520 CVE-2023-0045 CVE-2023-0461 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) Update Instructions: Run `sudo pro fix USN-5917-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-headers-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-gkeop-source-5.4.0 - 5.4.0-1065.69 linux-tools-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-gkeop-headers-5.4.0-1065 - 5.4.0-1065.69 linux-image-unsigned-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-modules-extra-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-modules-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-gkeop-tools-5.4.0-1065 - 5.4.0-1065.69 linux-gkeop-cloud-tools-5.4.0-1065 - 5.4.0-1065.69 linux-buildinfo-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-image-5.4.0-1065-gkeop - 5.4.0-1065.69 No subscription required linux-kvm-tools-5.4.0-1087 - 5.4.0-1087.93 linux-image-5.4.0-1087-kvm - 5.4.0-1087.93 linux-kvm-headers-5.4.0-1087 - 5.4.0-1087.93 linux-headers-5.4.0-1087-kvm - 5.4.0-1087.93 linux-image-unsigned-5.4.0-1087-kvm - 5.4.0-1087.93 linux-tools-5.4.0-1087-kvm - 5.4.0-1087.93 linux-buildinfo-5.4.0-1087-kvm - 5.4.0-1087.93 linux-modules-5.4.0-1087-kvm - 5.4.0-1087.93 No subscription required linux-tools-5.4.0-1094-oracle - 5.4.0-1094.103 linux-modules-extra-5.4.0-1094-oracle - 5.4.0-1094.103 linux-image-unsigned-5.4.0-1094-oracle - 5.4.0-1094.103 linux-headers-5.4.0-1094-oracle - 5.4.0-1094.103 linux-modules-5.4.0-1094-oracle - 5.4.0-1094.103 linux-image-5.4.0-1094-oracle - 5.4.0-1094.103 linux-buildinfo-5.4.0-1094-oracle - 5.4.0-1094.103 linux-oracle-headers-5.4.0-1094 - 5.4.0-1094.103 linux-oracle-tools-5.4.0-1094 - 5.4.0-1094.103 No subscription required linux-gke-tools-5.4.0-1095 - 5.4.0-1095.102 linux-headers-5.4.0-1095-gke - 5.4.0-1095.102 linux-tools-5.4.0-1095-gke - 5.4.0-1095.102 linux-buildinfo-5.4.0-1095-gke - 5.4.0-1095.102 linux-modules-extra-5.4.0-1095-gke - 5.4.0-1095.102 linux-modules-5.4.0-1095-gke - 5.4.0-1095.102 linux-gke-headers-5.4.0-1095 - 5.4.0-1095.102 linux-image-unsigned-5.4.0-1095-gke - 5.4.0-1095.102 linux-image-5.4.0-1095-gke - 5.4.0-1095.102 No subscription required linux-tools-5.4.0-1097-aws - 5.4.0-1097.105 linux-aws-cloud-tools-5.4.0-1097 - 5.4.0-1097.105 linux-cloud-tools-5.4.0-1097-aws - 5.4.0-1097.105 linux-headers-5.4.0-1097-aws - 5.4.0-1097.105 linux-modules-extra-5.4.0-1097-aws - 5.4.0-1097.105 linux-aws-tools-5.4.0-1097 - 5.4.0-1097.105 linux-buildinfo-5.4.0-1097-aws - 5.4.0-1097.105 linux-image-5.4.0-1097-aws - 5.4.0-1097.105 linux-modules-5.4.0-1097-aws - 5.4.0-1097.105 linux-image-unsigned-5.4.0-1097-aws - 5.4.0-1097.105 linux-aws-headers-5.4.0-1097 - 5.4.0-1097.105 No subscription required linux-modules-extra-5.4.0-1101-gcp - 5.4.0-1101.110 linux-buildinfo-5.4.0-1101-gcp - 5.4.0-1101.110 linux-modules-5.4.0-1101-gcp - 5.4.0-1101.110 linux-gcp-headers-5.4.0-1101 - 5.4.0-1101.110 linux-tools-5.4.0-1101-gcp - 5.4.0-1101.110 linux-image-unsigned-5.4.0-1101-gcp - 5.4.0-1101.110 linux-gcp-tools-5.4.0-1101 - 5.4.0-1101.110 linux-image-5.4.0-1101-gcp - 5.4.0-1101.110 linux-headers-5.4.0-1101-gcp - 5.4.0-1101.110 No subscription required linux-tools-5.4.0-1104-azure - 5.4.0-1104.110 linux-azure-tools-5.4.0-1104 - 5.4.0-1104.110 linux-modules-extra-5.4.0-1104-azure - 5.4.0-1104.110 linux-cloud-tools-5.4.0-1104-azure - 5.4.0-1104.110 linux-image-5.4.0-1104-azure - 5.4.0-1104.110 linux-modules-5.4.0-1104-azure - 5.4.0-1104.110 linux-buildinfo-5.4.0-1104-azure - 5.4.0-1104.110 linux-headers-5.4.0-1104-azure - 5.4.0-1104.110 linux-azure-headers-5.4.0-1104 - 5.4.0-1104.110 linux-image-unsigned-5.4.0-1104-azure - 5.4.0-1104.110 linux-azure-cloud-tools-5.4.0-1104 - 5.4.0-1104.110 No subscription required linux-tools-common - 5.4.0-144.161 linux-tools-5.4.0-144-generic - 5.4.0-144.161 linux-modules-5.4.0-144-generic - 5.4.0-144.161 linux-tools-host - 5.4.0-144.161 linux-buildinfo-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-doc - 5.4.0-144.161 linux-buildinfo-5.4.0-144-lowlatency - 5.4.0-144.161 linux-image-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-modules-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-image-5.4.0-144-generic - 5.4.0-144.161 linux-headers-5.4.0-144 - 5.4.0-144.161 linux-libc-dev - 5.4.0-144.161 linux-source-5.4.0 - 5.4.0-144.161 linux-modules-5.4.0-144-lowlatency - 5.4.0-144.161 linux-tools-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-buildinfo-5.4.0-144-generic - 5.4.0-144.161 linux-cloud-tools-5.4.0-144 - 5.4.0-144.161 linux-tools-5.4.0-144 - 5.4.0-144.161 linux-tools-5.4.0-144-lowlatency - 5.4.0-144.161 linux-headers-5.4.0-144-generic - 5.4.0-144.161 linux-image-unsigned-5.4.0-144-generic - 5.4.0-144.161 linux-cloud-tools-common - 5.4.0-144.161 linux-headers-5.4.0-144-lowlatency - 5.4.0-144.161 linux-image-unsigned-5.4.0-144-lowlatency - 5.4.0-144.161 linux-modules-extra-5.4.0-144-generic - 5.4.0-144.161 linux-cloud-tools-5.4.0-144-generic - 5.4.0-144.161 linux-image-5.4.0-144-lowlatency - 5.4.0-144.161 linux-headers-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-cloud-tools-5.4.0-144-lowlatency - 5.4.0-144.161 No subscription required linux-headers-gkeop - 5.4.0.1065.63 linux-cloud-tools-gkeop-5.4 - 5.4.0.1065.63 linux-image-gkeop - 5.4.0.1065.63 linux-modules-extra-gkeop-5.4 - 5.4.0.1065.63 linux-gkeop-5.4 - 5.4.0.1065.63 linux-image-gkeop-5.4 - 5.4.0.1065.63 linux-gkeop - 5.4.0.1065.63 linux-cloud-tools-gkeop - 5.4.0.1065.63 linux-tools-gkeop - 5.4.0.1065.63 linux-headers-gkeop-5.4 - 5.4.0.1065.63 linux-modules-extra-gkeop - 5.4.0.1065.63 linux-tools-gkeop-5.4 - 5.4.0.1065.63 No subscription required linux-kvm - 5.4.0.1087.81 linux-headers-kvm - 5.4.0.1087.81 linux-tools-kvm - 5.4.0.1087.81 linux-image-kvm - 5.4.0.1087.81 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1094.87 linux-oracle-lts-20.04 - 5.4.0.1094.87 linux-headers-oracle-lts-20.04 - 5.4.0.1094.87 linux-image-oracle-lts-20.04 - 5.4.0.1094.87 No subscription required linux-modules-extra-gke - 5.4.0.1095.100 linux-headers-gke-5.4 - 5.4.0.1095.100 linux-tools-gke-5.4 - 5.4.0.1095.100 linux-modules-extra-gke-5.4 - 5.4.0.1095.100 linux-tools-gke - 5.4.0.1095.100 linux-gke - 5.4.0.1095.100 linux-headers-gke - 5.4.0.1095.100 linux-image-gke - 5.4.0.1095.100 linux-gke-5.4 - 5.4.0.1095.100 linux-image-gke-5.4 - 5.4.0.1095.100 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1097.94 linux-headers-aws-lts-20.04 - 5.4.0.1097.94 linux-tools-aws-lts-20.04 - 5.4.0.1097.94 linux-aws-lts-20.04 - 5.4.0.1097.94 linux-image-aws-lts-20.04 - 5.4.0.1097.94 No subscription required linux-gcp-lts-20.04 - 5.4.0.1101.103 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1101.103 linux-headers-gcp-lts-20.04 - 5.4.0.1101.103 linux-image-gcp-lts-20.04 - 5.4.0.1101.103 linux-tools-gcp-lts-20.04 - 5.4.0.1101.103 No subscription required linux-azure-lts-20.04 - 5.4.0.1104.97 linux-image-azure-lts-20.04 - 5.4.0.1104.97 linux-modules-extra-azure-lts-20.04 - 5.4.0.1104.97 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1104.97 linux-tools-azure-lts-20.04 - 5.4.0.1104.97 linux-headers-azure-lts-20.04 - 5.4.0.1104.97 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-cloud-tools-virtual - 5.4.0.144.142 linux-image-generic-hwe-18.04 - 5.4.0.144.142 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-headers-generic-lpae - 5.4.0.144.142 linux-image-virtual - 5.4.0.144.142 linux-oem-osp1-tools-host - 5.4.0.144.142 linux-image-generic - 5.4.0.144.142 linux-image-oem - 5.4.0.144.142 linux-headers-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.144.142 linux-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-image-extra-virtual-hwe-18.04 - 5.4.0.144.142 linux-image-oem-osp1 - 5.4.0.144.142 linux-image-generic-lpae-hwe-18.04 - 5.4.0.144.142 linux-crashdump - 5.4.0.144.142 linux-tools-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-headers-generic-hwe-18.04 - 5.4.0.144.142 linux-headers-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-lowlatency - 5.4.0.144.142 linux-source - 5.4.0.144.142 linux-tools-generic-lpae - 5.4.0.144.142 linux-cloud-tools-generic - 5.4.0.144.142 linux-oem - 5.4.0.144.142 linux-tools-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-virtual - 5.4.0.144.142 linux-headers-virtual-hwe-18.04 - 5.4.0.144.142 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.144.142 linux-tools-virtual - 5.4.0.144.142 linux-generic-lpae-hwe-18.04-edge - 5.4.0.144.142 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-tools-oem-osp1 - 5.4.0.144.142 linux-generic-lpae - 5.4.0.144.142 linux-headers-oem - 5.4.0.144.142 linux-generic - 5.4.0.144.142 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.144.142 linux-tools-generic-hwe-18.04-edge - 5.4.0.144.142 linux-image-virtual-hwe-18.04 - 5.4.0.144.142 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-oem-tools-host - 5.4.0.144.142 linux-headers-lowlatency - 5.4.0.144.142 linux-image-generic-hwe-18.04-edge - 5.4.0.144.142 linux-generic-hwe-18.04-edge - 5.4.0.144.142 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-tools-generic - 5.4.0.144.142 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.144.142 linux-image-extra-virtual - 5.4.0.144.142 linux-cloud-tools-lowlatency - 5.4.0.144.142 linux-tools-oem - 5.4.0.144.142 linux-headers-oem-osp1 - 5.4.0.144.142 linux-virtual-hwe-18.04 - 5.4.0.144.142 linux-generic-lpae-hwe-18.04 - 5.4.0.144.142 linux-tools-generic-hwe-18.04 - 5.4.0.144.142 linux-headers-generic-hwe-18.04-edge - 5.4.0.144.142 linux-headers-generic - 5.4.0.144.142 linux-oem-osp1 - 5.4.0.144.142 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.144.142 linux-tools-lowlatency - 5.4.0.144.142 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.144.142 linux-image-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-headers-virtual - 5.4.0.144.142 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-tools-virtual-hwe-18.04 - 5.4.0.144.142 linux-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.144.142 linux-generic-hwe-18.04 - 5.4.0.144.142 linux-image-generic-lpae - 5.4.0.144.142 linux-image-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.144.142 linux-image-lowlatency - 5.4.0.144.142 No subscription required High CVE-2022-3169 CVE-2022-3424 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-47520 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0461 CVE-2023-20938 CVE-2023-23454 CVE-2023-23455 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5918-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1058 - 5.4.0-1058.64 linux-image-unsigned-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-image-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-buildinfo-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-modules-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-bluefield-tools-5.4.0-1058 - 5.4.0-1058.64 linux-headers-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-tools-5.4.0-1058-bluefield - 5.4.0-1058.64 No subscription required linux-bluefield - 5.4.0.1058.53 linux-tools-bluefield - 5.4.0.1058.53 linux-image-bluefield - 5.4.0.1058.53 linux-headers-bluefield - 5.4.0.1058.53 No subscription required High CVE-2022-3628 CVE-2022-3640 CVE-2022-3643 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 CVE-2023-20928 Ubuntu 20.04 LTS Koen van Hove discovered that the rsync client incorrectly validated filenames returned by servers. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could use this issue to write arbitrary files, and possibly escalate privileges. Update Instructions: Run `sudo pro fix USN-5921-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsync - 3.1.3-8ubuntu0.5 No subscription required Medium CVE-2022-29154 Ubuntu 20.04 LTS It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop tool. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service. (CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799) It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop tool. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804) Update Instructions: Run `sudo pro fix USN-5923-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.8 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.8 No subscription required Medium CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 CVE-2023-0799 CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804 Ubuntu 20.04 LTS It was discovered that systemd did not properly validate the time and accuracy values provided to the format_timespan() function. An attacker could possibly use this issue to cause a buffer overrun, leading to a denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3821) It was discovered that systemd did not properly manage the fs.suid_dumpable kernel configurations. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-4415) It was discovered that systemd did not properly manage a crash with long backtrace data. A local attacker could possibly use this issue to cause a deadlock, leading to a denial of service attack. This issue only affected Ubuntu 22.10. (CVE-2022-45873) Update Instructions: Run `sudo pro fix USN-5928-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: systemd-tests - 245.4-4ubuntu3.20 systemd-coredump - 245.4-4ubuntu3.20 systemd - 245.4-4ubuntu3.20 libsystemd0 - 245.4-4ubuntu3.20 systemd-container - 245.4-4ubuntu3.20 libnss-myhostname - 245.4-4ubuntu3.20 libudev1 - 245.4-4ubuntu3.20 systemd-timesyncd - 245.4-4ubuntu3.20 libsystemd-dev - 245.4-4ubuntu3.20 libnss-systemd - 245.4-4ubuntu3.20 systemd-journal-remote - 245.4-4ubuntu3.20 libpam-systemd - 245.4-4ubuntu3.20 libnss-mymachines - 245.4-4ubuntu3.20 libnss-resolve - 245.4-4ubuntu3.20 systemd-sysv - 245.4-4ubuntu3.20 udev - 245.4-4ubuntu3.20 libudev-dev - 245.4-4ubuntu3.20 No subscription required Medium CVE-2022-3821 CVE-2022-4415 CVE-2022-45873 Ubuntu 20.04 LTS It was discovered that Sofia-SIP incorrectly handled specially crafted SDP packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-31001, CVE-2022-31002, CVE-2022-31003) It was discovered that Sofia-SIP incorrectly handled specially crafted UDP packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service. (CVE-2022-47516) Qiuhao Li discovered that Sofia-SIP incorrectly handled specially crafted STUN packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2023-22741) Update Instructions: Run `sudo pro fix USN-5932-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sofia-sip-doc - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 libsofia-sip-ua-glib3 - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 libsofia-sip-ua0 - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 sofia-sip-bin - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 libsofia-sip-ua-glib-dev - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 libsofia-sip-ua-dev - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 No subscription required Medium CVE-2022-31001 CVE-2022-31002 CVE-2022-31003 CVE-2022-47516 CVE-2023-22741 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) Update Instructions: Run `sudo pro fix USN-5934-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1081 - 5.4.0-1081.92 linux-image-5.4.0-1081-raspi - 5.4.0-1081.92 linux-raspi-headers-5.4.0-1081 - 5.4.0-1081.92 linux-tools-5.4.0-1081-raspi - 5.4.0-1081.92 linux-buildinfo-5.4.0-1081-raspi - 5.4.0-1081.92 linux-headers-5.4.0-1081-raspi - 5.4.0-1081.92 linux-modules-5.4.0-1081-raspi - 5.4.0-1081.92 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1081.111 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1081.111 linux-raspi-hwe-18.04-edge - 5.4.0.1081.111 linux-raspi - 5.4.0.1081.111 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1081.111 linux-raspi-hwe-18.04 - 5.4.0.1081.111 linux-tools-raspi - 5.4.0.1081.111 linux-image-raspi - 5.4.0.1081.111 linux-tools-raspi2-hwe-18.04 - 5.4.0.1081.111 linux-raspi2-hwe-18.04 - 5.4.0.1081.111 linux-raspi2 - 5.4.0.1081.111 linux-headers-raspi2 - 5.4.0.1081.111 linux-headers-raspi2-hwe-18.04 - 5.4.0.1081.111 linux-image-raspi2 - 5.4.0.1081.111 linux-image-raspi-hwe-18.04-edge - 5.4.0.1081.111 linux-tools-raspi-hwe-18.04 - 5.4.0.1081.111 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1081.111 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1081.111 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1081.111 linux-tools-raspi2 - 5.4.0.1081.111 linux-headers-raspi - 5.4.0.1081.111 linux-headers-raspi-hwe-18.04 - 5.4.0.1081.111 linux-image-raspi-hwe-18.04 - 5.4.0.1081.111 linux-image-raspi2-hwe-18.04 - 5.4.0.1081.111 No subscription required High CVE-2022-3169 CVE-2022-3424 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-47520 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0461 CVE-2023-20938 CVE-2023-23454 CVE-2023-23455 Ubuntu 20.04 LTS Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-3437) Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos keys. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-37966, CVE-2022-37967) It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-38023) Greg Hudson discovered that Samba incorrectly handled PAC parsing. On 32-bit systems, a remote attacker could use this issue to escalate privileges, or possibly execute arbitrary code. (CVE-2022-42898) Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets. A remote attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45141) WARNING: This update upgrades the version of Samba to 4.15.13. Please see the upstream release notes for important changes in the new version: https://www.samba.org/samba/history/samba-4.15.0.html In addition, the security fixes included in this new version introduce several important behavior changes which may cause compatibility problems interacting with systems still expecting the former behavior. Please see the following upstream advisories for more information: https://www.samba.org/samba/security/CVE-2022-37966.html https://www.samba.org/samba/security/CVE-2022-37967.html https://www.samba.org/samba/security/CVE-2022-38023.html Update Instructions: Run `sudo pro fix USN-5936-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.1 registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.1 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.1 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.1 ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.1 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-3437 CVE-2022-37966 CVE-2022-37967 CVE-2022-38023 CVE-2022-42898 CVE-2022-45141 Ubuntu 20.04 LTS It was discovered that Opusfile was not properly validating pointer arguments in some of its functions, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts. Update Instructions: Run `sudo pro fix USN-5937-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopusfile-doc - 0.9+20170913-1ubuntu0.20.04.1~esm1 libopusfile-dev - 0.9+20170913-1ubuntu0.20.04.1~esm1 libopusfile0 - 0.9+20170913-1ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-47021 Ubuntu 20.04 LTS Lars Krapf discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain configurations. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2023-25690) Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy_uwsgi module incorrectly handled certain special characters. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-27522) Update Instructions: Run `sudo pro fix USN-5942-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.14 libapache2-mod-md - 2.4.41-4ubuntu3.14 apache2-utils - 2.4.41-4ubuntu3.14 apache2-dev - 2.4.41-4ubuntu3.14 apache2-suexec-pristine - 2.4.41-4ubuntu3.14 apache2-suexec-custom - 2.4.41-4ubuntu3.14 apache2 - 2.4.41-4ubuntu3.14 apache2-doc - 2.4.41-4ubuntu3.14 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.14 apache2-ssl-dev - 2.4.41-4ubuntu3.14 apache2-bin - 2.4.41-4ubuntu3.14 No subscription required Medium CVE-2023-25690 CVE-2023-27522 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-0616, CVE-2023-25735, CVE-2023-25737, CVE-2023-25739, CVE-2023-25729, CVE-2023-25742, CVE-2023-25746) Johan Carlsson discovered that Thunderbird did not properly implement CSP policy on a header when using iframes. An attacker could potentially exploits this to exfiltrate data. (CVE-2023-25728) Irvan Kurniawan discovered that Thunderbird was not properly handling background fullscreen scripts when the window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2023-25730) Christian Holler discovered that Thunderbird did not properly check the Safe Bag attributes in PKCS 12 certificate bundle. An attacker could possibly use this issue to write to arbitrary memory by sending malicious PKCS 12 certificate. (CVE-2023-0767) Ronald Crane discovered that Thunderbird did not properly check the size of the input being encoded in xpcom. An attacker could possibly use this issue to perform out of bound memory write operations. (CVE-2023-25732) Update Instructions: Run `sudo pro fix USN-5943-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.8.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.8.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.8.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.8.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-0616 CVE-2023-25728 CVE-2023-25730 CVE-2023-0767 CVE-2023-25735 CVE-2023-25737 CVE-2023-25729 CVE-2023-25739 CVE-2023-25732 CVE-2023-25742 CVE-2023-25746 Ubuntu 20.04 LTS It was discovered that SnakeYAML did not limit the maximal nested depth for collections when parsing YAML data. If a user or automated system were tricked into opening a specially crafted YAML file, an attacker could possibly use this issue to cause applications using SnakeYAML to crash, resulting in a denial of service. (CVE-2022-25857, CVE-2022-38749, CVE-2022-38750) It was discovered that SnakeYAML did not limit the maximal data matched with regular expressions when parsing YAML data. If a user or automated system were tricked into opening a specially crafted YAML file, an attacker could possibly use this issue to cause applications using SnakeYAML to crash, resulting in a denial of service. (CVE-2022-38751) Update Instructions: Run `sudo pro fix USN-5944-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libyaml-snake-java - 1.25+ds-2ubuntu0.1 libyaml-snake-java-doc - 1.25+ds-2ubuntu0.1 No subscription required Medium CVE-2022-25857 CVE-2022-38749 CVE-2022-38750 CVE-2022-38751 Ubuntu 20.04 LTS It was discovered that Protocol Buffers did not properly validate field com.google.protobuf.UnknownFieldSet in protobuf-java. An attacker could possibly use this issue to perform a denial of service attack. This issue only affected protobuf Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2021-22569) It was discovered that Protocol Buffers did not properly parse certain symbols. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2021-22570) It was discovered that Protocol Buffers did not properly manage memory when parsing specifically crafted messages. An attacker could possibly use this issue to cause applications using protobuf to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-1941) Update Instructions: Run `sudo pro fix USN-5945-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libprotobuf17 - 3.6.1.3-2ubuntu5.2 libprotoc17 - 3.6.1.3-2ubuntu5.2 libprotoc-dev - 3.6.1.3-2ubuntu5.2 python-protobuf - 3.6.1.3-2ubuntu5.2 libprotobuf-lite17 - 3.6.1.3-2ubuntu5.2 ruby-google-protobuf - 3.6.1.3-2ubuntu5.2 libprotobuf-dev - 3.6.1.3-2ubuntu5.2 python3-protobuf - 3.6.1.3-2ubuntu5.2 libprotobuf-java - 3.6.1.3-2ubuntu5.2 protobuf-compiler - 3.6.1.3-2ubuntu5.2 No subscription required Low CVE-2021-22569 CVE-2021-22570 CVE-2022-1941 Ubuntu 20.04 LTS Lai Han discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-39140) It was discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-39139, CVE-2021-39141, CVE-2021-39144, CVE-2021-39145, CVE-2021-39146, CVE-2021-39147, CVE-2021-39148, CVE-2021-39149, CVE-2021-39151, CVE-2021-39153, CVE-2021-39154) It was discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-39150, CVE-2021-39152) Lai Han discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-41966) Update Instructions: Run `sudo pro fix USN-5946-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxstream-java - 1.4.11.1-1ubuntu0.3 No subscription required Medium CVE-2021-39139 CVE-2021-39140 CVE-2021-39141 CVE-2021-39144 CVE-2021-39145 CVE-2021-39146 CVE-2021-39147 CVE-2021-39148 CVE-2021-39149 CVE-2021-39150 CVE-2021-39151 CVE-2021-39152 CVE-2021-39153 CVE-2021-39154 CVE-2022-41966 Ubuntu 20.04 LTS Fabien Potencier discovered that Twig was not properly enforcing sandbox policies when dealing with objects automatically cast to strings by PHP. An attacker could possibly use this issue to expose sensitive information. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-9942) Marlon Starkloff discovered that Twig was not properly enforcing closure constraints in some of its array filtering functions. An attacker could possibly use this issue to execute arbitrary code. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2022-23614) Dariusz Tytko discovered that Twig was not properly verifying input data utilized when defining pathnames used to access files in a system. An attacker could possibly use this issue to access unauthorized resources and expose sensitive information. (CVE-2022-39261) Update Instructions: Run `sudo pro fix USN-5947-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-twig-inky-extra - 2.12.5-1ubuntu0.1~esm1 php-twig-cssinliner-extra - 2.12.5-1ubuntu0.1~esm1 php-twig-intl-extra - 2.12.5-1ubuntu0.1~esm1 php-twig-extra-bundle - 2.12.5-1ubuntu0.1~esm1 php-twig-html-extra - 2.12.5-1ubuntu0.1~esm1 php-twig-doc - 2.12.5-1ubuntu0.1~esm1 php-twig-markdown-extra - 2.12.5-1ubuntu0.1~esm1 php-twig - 2.12.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-9942 CVE-2022-23614 CVE-2022-39261 Ubuntu 20.04 LTS It was discovered that Werkzeug did not properly handle the parsing of nameless cookies. A remote attacker could possibly use this issue to shadow other cookies. (CVE-2023-23934) It was discovered that Werkzeug could be made to process unlimited number of multipart form data parts. A remote attacker could possibly use this issue to cause Werkzeug to consume resources, leading to a denial of service. (CVE-2023-25577) Update Instructions: Run `sudo pro fix USN-5948-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-werkzeug - 0.16.1+dfsg1-2ubuntu0.1 python-werkzeug-doc - 0.16.1+dfsg1-2ubuntu0.1 No subscription required Medium CVE-2023-23934 CVE-2023-25577 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) Update Instructions: Run `sudo pro fix USN-5951-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1045 - 5.4.0-1045.50 linux-image-5.4.0-1045-ibm - 5.4.0-1045.50 linux-buildinfo-5.4.0-1045-ibm - 5.4.0-1045.50 linux-tools-5.4.0-1045-ibm - 5.4.0-1045.50 linux-headers-5.4.0-1045-ibm - 5.4.0-1045.50 linux-image-unsigned-5.4.0-1045-ibm - 5.4.0-1045.50 linux-ibm-tools-5.4.0-1045 - 5.4.0-1045.50 linux-modules-5.4.0-1045-ibm - 5.4.0-1045.50 linux-ibm-tools-common - 5.4.0-1045.50 linux-ibm-source-5.4.0 - 5.4.0-1045.50 linux-ibm-cloud-tools-common - 5.4.0-1045.50 linux-modules-extra-5.4.0-1045-ibm - 5.4.0-1045.50 No subscription required linux-image-ibm - 5.4.0.1045.71 linux-headers-ibm-lts-20.04 - 5.4.0.1045.71 linux-tools-ibm - 5.4.0.1045.71 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1045.71 linux-ibm-lts-20.04 - 5.4.0.1045.71 linux-tools-ibm-lts-20.04 - 5.4.0.1045.71 linux-headers-ibm - 5.4.0.1045.71 linux-image-ibm-lts-20.04 - 5.4.0.1045.71 linux-modules-extra-ibm - 5.4.0.1045.71 linux-ibm - 5.4.0.1045.71 No subscription required High CVE-2022-3169 CVE-2022-3424 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-47520 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0461 CVE-2023-20938 CVE-2023-23454 CVE-2023-23455 Ubuntu 20.04 LTS It was discovered that IPython incorrectly processed REST API POST requests. An attacker could possibly use this issue to launch a cross-site request forgery (CSRF) attack and leak user's sensitive information. This issue only affected Ubuntu 14.04 ESM. (CVE-2015-5607) It was discovered that IPython did not properly manage cross user temporary files. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2022-21699) Update Instructions: Run `sudo pro fix USN-5953-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-ipython-doc - 7.13.0-1ubuntu0.1~esm1 python3-ipython - 7.13.0-1ubuntu0.1~esm1 ipython3 - 7.13.0-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2015-5607 CVE-2022-21699 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-25750, CVE-2023-25752, CVE-2023-28162, CVE-2023-28176, CVE-2023-28177) Lukas Bernhard discovered that Firefox did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25751) Rob Wu discovered that Firefox did not properly manage the URLs when following a redirect to a publicly accessible web extension file. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-28160) Luan Herrera discovered that Firefox did not properly manage cross-origin iframe when dragging a URL. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-28164) Khiem Tran discovered that Firefox did not properly manage one-time permissions granted to a document loaded using a file: URL. An attacker could potentially exploit this issue to use granted one-time permissions on the local files came from different sources. (CVE-2023-28161) Update Instructions: Run `sudo pro fix USN-5954-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 111.0+build2-0ubuntu0.20.04.1 firefox - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 111.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 111.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 111.0+build2-0ubuntu0.20.04.1 firefox-dev - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 111.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-25750 CVE-2023-25751 CVE-2023-28160 CVE-2023-28164 CVE-2023-28161 CVE-2023-28162 CVE-2023-25752 CVE-2023-28176 CVE-2023-28177 Ubuntu 20.04 LTS USN-5954-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-25750, CVE-2023-25752, CVE-2023-28162, CVE-2023-28176, CVE-2023-28177) Lukas Bernhard discovered that Firefox did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25751) Rob Wu discovered that Firefox did not properly manage the URLs when following a redirect to a publicly accessible web extension file. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-28160) Luan Herrera discovered that Firefox did not properly manage cross-origin iframe when dragging a URL. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-28164) Khiem Tran discovered that Firefox did not properly manage one-time permissions granted to a document loaded using a file: URL. An attacker could potentially exploit this issue to use granted one-time permissions on the local files came from different sources. (CVE-2023-28161) Update Instructions: Run `sudo pro fix USN-5954-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 111.0.1+build2-0ubuntu0.20.04.1 firefox - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 111.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 111.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 111.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 111.0.1+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2012696 Ubuntu 20.04 LTS Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. (CVE-2016-10033, CVE-2016-10045) It was discovered that PHPMailer was not properly escaping characters in certain fields of the code_generator.php example code. An attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2017-11503) Yongxiang Li discovered that PHPMailer was not properly converting relative paths provided as user input when adding attachments to messages, which could lead to relative image URLs being treated as absolute local file paths and added as attachments. An attacker could possibly use this issue to access unauthorized resources and expose sensitive information. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-5223) Sehun Oh discovered that PHPMailer was not properly processing untrusted non-local file attachments, which could lead to an object injection. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. (CVE-2018-19296) Elar Lang discovered that PHPMailer was not properly escaping file attachment names, which could lead to a misinterpretation of file types by entities processing the message. An attacker could possibly use this issue to bypass attachment filters. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-13625) It was discovered that PHPMailer was not properly handling callables in its validateAddress function, which could result in untrusted code being called should the global namespace contain a function called 'php'. An attacker could possibly use this issue to execute arbitrary code. This issue was only fixed in Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2021-3603) Update Instructions: Run `sudo pro fix USN-5956-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libphp-phpmailer - 6.0.6-0.1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2016-10033 CVE-2016-10045 CVE-2017-11503 CVE-2017-5223 CVE-2018-19296 CVE-2020-13625 CVE-2021-3603 Ubuntu 20.04 LTS Cody Sixteen discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-19105) Lilith of Cisco Talos discovered that LibreCAD incorrectly handled memory when parsing DWG files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2021-21898, CVE-2021-21899) Lilith of Cisco Talos discovered that LibreCAD incorrectly handled memory when parsing DRW files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2021-21900) Albin Eldstål-Ahrens discovered that LibreCAD incorrectly handled memory when parsing JWW files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2021-45341, CVE-2021-45342) Albin Eldstål-Ahrens discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service. (CVE-2021-45343) Update Instructions: Run `sudo pro fix USN-5957-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librecad-data - 2.1.3-1.2+deb10u1build0.20.04.1 librecad - 2.1.3-1.2+deb10u1build0.20.04.1 No subscription required Medium CVE-2018-19105 CVE-2021-21898 CVE-2021-21899 CVE-2021-21900 CVE-2021-45341 CVE-2021-45342 CVE-2021-45343 Ubuntu 20.04 LTS It was discovered that FFmpeg could be made to dereference a null pointer. An attacker could possibly use this to cause a denial of service via application crash. These issues only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-3109, CVE-2022-3341) It was discovered that FFmpeg could be made to access an out-of-bounds frame by the Apple RPZA encoder. An attacker could possibly use this to cause a denial of service via application crash or access sensitive information. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3964) It was discovered that FFmpeg could be made to access an out-of-bounds frame by the QuickTime encoder. An attacker could possibly use this to cause a denial of service via application crash or access sensitive information. This issue only affected Ubuntu 22.10. (CVE-2022-3965) Update Instructions: Run `sudo pro fix USN-5958-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ffmpeg - 7:4.2.7-0ubuntu0.1+esm1 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm1 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm1 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm1 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm1 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm1 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm1 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm1 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm1 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm1 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm1 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm1 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm1 libavformat58 - 7:4.2.7-0ubuntu0.1+esm1 libavresample-dev - 7:4.2.7-0ubuntu0.1+esm1 libavresample4 - 7:4.2.7-0ubuntu0.1+esm1 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm1 libavutil56 - 7:4.2.7-0ubuntu0.1+esm1 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm1 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm1 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm1 libswresample3 - 7:4.2.7-0ubuntu0.1+esm1 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm1 libswscale5 - 7:4.2.7-0ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-3109 CVE-2022-3341 CVE-2022-3964 CVE-2022-3965 https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/2007269 Ubuntu 20.04 LTS It was discovered that Kerberos incorrectly handled memory when processing KDC data, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts. (CVE-2021-36222, CVE-2021-37750) Update Instructions: Run `sudo pro fix USN-5959-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libk5crypto3 - 1.17-6ubuntu4.3 krb5-kpropd - 1.17-6ubuntu4.3 krb5-user - 1.17-6ubuntu4.3 libgssrpc4 - 1.17-6ubuntu4.3 libkrb5support0 - 1.17-6ubuntu4.3 krb5-doc - 1.17-6ubuntu4.3 libkrb5-dev - 1.17-6ubuntu4.3 krb5-pkinit - 1.17-6ubuntu4.3 libkrb5-3 - 1.17-6ubuntu4.3 krb5-kdc-ldap - 1.17-6ubuntu4.3 krb5-otp - 1.17-6ubuntu4.3 krb5-gss-samples - 1.17-6ubuntu4.3 libkdb5-9 - 1.17-6ubuntu4.3 krb5-locales - 1.17-6ubuntu4.3 libgssapi-krb5-2 - 1.17-6ubuntu4.3 krb5-kdc - 1.17-6ubuntu4.3 libkrad-dev - 1.17-6ubuntu4.3 krb5-k5tls - 1.17-6ubuntu4.3 libkrad0 - 1.17-6ubuntu4.3 krb5-multidev - 1.17-6ubuntu4.3 libkadm5srv-mit11 - 1.17-6ubuntu4.3 libkadm5clnt-mit11 - 1.17-6ubuntu4.3 krb5-admin-server - 1.17-6ubuntu4.3 No subscription required Medium CVE-2021-36222 CVE-2021-37750 Ubuntu 20.04 LTS Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could possibly use this issue to bypass blocklisting methods by supplying a URL that starts with blank characters. Update Instructions: Run `sudo pro fix USN-5960-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.7 python3.8-full - 3.8.10-0ubuntu1~20.04.7 python3.8-examples - 3.8.10-0ubuntu1~20.04.7 python3.8-dev - 3.8.10-0ubuntu1~20.04.7 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.7 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.7 python3.8-venv - 3.8.10-0ubuntu1~20.04.7 libpython3.8 - 3.8.10-0ubuntu1~20.04.7 idle-python3.8 - 3.8.10-0ubuntu1~20.04.7 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.7 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.7 python3.8 - 3.8.10-0ubuntu1~20.04.7 python3.8-doc - 3.8.10-0ubuntu1~20.04.7 No subscription required Medium CVE-2023-24329 Ubuntu 20.04 LTS It was discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2018-10753, CVE-2018-10771, CVE-2019-1010069) Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service. (CVE-2021-32434, CVE-2021-32435, CVE-2021-32436) Update Instructions: Run `sudo pro fix USN-5961-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: abcm2ps - 8.14.6-0.1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-10753 CVE-2018-10771 CVE-2019-1010069 CVE-2021-32434 CVE-2021-32435 CVE-2021-32436 Ubuntu 20.04 LTS It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-47024, CVE-2023-0049, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433) It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-0051) It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-1170, CVE-2023-1175) It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-1264) Update Instructions: Run `sudo pro fix USN-5963-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.12 vim-athena - 2:8.1.2269-1ubuntu5.12 xxd - 2:8.1.2269-1ubuntu5.12 vim-gtk - 2:8.1.2269-1ubuntu5.12 vim-gui-common - 2:8.1.2269-1ubuntu5.12 vim - 2:8.1.2269-1ubuntu5.12 vim-doc - 2:8.1.2269-1ubuntu5.12 vim-tiny - 2:8.1.2269-1ubuntu5.12 vim-runtime - 2:8.1.2269-1ubuntu5.12 vim-gtk3 - 2:8.1.2269-1ubuntu5.12 vim-nox - 2:8.1.2269-1ubuntu5.12 No subscription required Medium CVE-2022-47024 CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 CVE-2023-1170 CVE-2023-1175 CVE-2023-1264 Ubuntu 20.04 LTS Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing, curl could pass on user name and telnet options to the server as provided, contrary to expectations. (CVE-2023-27533) Harry Sintonen discovered that curl incorrectly handled special tilde characters when used with SFTP paths. A remote attacker could possibly use this issue to circumvent filtering. (CVE-2023-27534) Harry Sintonen discovered that curl incorrectly reused certain FTP connections. This could lead to the wrong credentials being reused, contrary to expectations. (CVE-2023-27535) Harry Sintonen discovered that curl incorrectly reused connections when the GSS delegation option had been changed. This could lead to the option being reused, contrary to expectations. (CVE-2023-27536) Harry Sintonen discovered that curl incorrectly reused certain SSH connections. This could lead to the wrong credentials being reused, contrary to expectations. (CVE-2023-27538) Update Instructions: Run `sudo pro fix USN-5964-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.18 libcurl4-openssl-dev - 7.68.0-1ubuntu2.18 libcurl3-gnutls - 7.68.0-1ubuntu2.18 libcurl4-doc - 7.68.0-1ubuntu2.18 libcurl3-nss - 7.68.0-1ubuntu2.18 libcurl4-nss-dev - 7.68.0-1ubuntu2.18 libcurl4 - 7.68.0-1ubuntu2.18 curl - 7.68.0-1ubuntu2.18 No subscription required Medium CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538 Ubuntu 20.04 LTS It was discovered that TigerVNC mishandled TLS certificate exceptions. An attacker could use this vulnerability to impersonate any server after a client had added an exception and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5965-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tigervnc-xorg-extension - 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-common - 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-standalone-server - 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-scraping-server - 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-viewer - 1.10.1+dfsg-3ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-26117 Ubuntu 20.04 LTS Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. (CVE-2022-37703) Maher Azzouzi discovered a privilege escalation vulnerability in the rundump binary within amanda. rundump is a suid binary owned by root that did not perform adequate sanitization of environment variables or commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37704) Maher Azzouzi discovered a privilege escalation vulnerability in the runtar binary within amanda. runtar is a suid binary owned by root that did not perform adequate sanitization of commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37705) Update Instructions: Run `sudo pro fix USN-5966-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amanda-client - 1:3.5.1-2ubuntu0.1 amanda-common - 1:3.5.1-2ubuntu0.1 amanda-server - 1:3.5.1-2ubuntu0.1 No subscription required High CVE-2022-37703 CVE-2022-37704 CVE-2022-37705 Ubuntu 20.04 LTS USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced a regression in GNUTAR-based backups. This update reverts all of the changes in amanda until a better fix is provided. We apologize for the inconvenience. Original advisory details: Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. (CVE-2022-37703) Maher Azzouzi discovered a privilege escalation vulnerability in the rundump binary within amanda. rundump is a suid binary owned by root that did not perform adequate sanitization of environment variables or commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37704) Maher Azzouzi discovered a privilege escalation vulnerability in the runtar binary within amanda. runtar is a suid binary owned by root that did not perform adequate sanitization of commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37705) Update Instructions: Run `sudo pro fix USN-5966-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amanda-client - 1:3.5.1-2ubuntu0.2 amanda-common - 1:3.5.1-2ubuntu0.2 amanda-server - 1:3.5.1-2ubuntu0.2 No subscription required None https://launchpad.net/bugs/2012536 Ubuntu 20.04 LTS USN-5966-1 fixed vulnerabilities in amanda. Unfortunately that update caused a regression and was reverted in USN-5966-2. This update provides security fixes for Ubuntu 22.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. We apologize for the inconvenience. Original advisory details: Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. (CVE-2022-37703) Maher Azzouzi discovered a privilege escalation vulnerability in the rundump binary within amanda. rundump is a suid binary owned by root that did not perform adequate sanitization of environment variables or commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37704) Maher Azzouzi discovered a privilege escalation vulnerability in the runtar binary within amanda. runtar is a suid binary owned by root that did not perform adequate sanitization of commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37705) Update Instructions: Run `sudo pro fix USN-5966-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amanda-client - 1:3.5.1-2ubuntu0.3 amanda-common - 1:3.5.1-2ubuntu0.3 amanda-server - 1:3.5.1-2ubuntu0.3 No subscription required High CVE-2022-37703 CVE-2022-37704 CVE-2022-37705 https://launchpad.net/bugs/2012536 Ubuntu 20.04 LTS It was discovered that the set() method in object-path could be corrupted as a result of prototype pollution by sending a message to the parent process. An attacker could use this issue to cause object-path to crash. (CVE-2020-15256, CVE-2021-23434, CVE-2021-3805) Update Instructions: Run `sudo pro fix USN-5967-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-object-path - 0.11.4-2ubuntu0.1 No subscription required Medium CVE-2020-15256 CVE-2021-23434 CVE-2021-3805 Ubuntu 20.04 LTS It was discovered that GitPython did not properly sanitize user inputs for remote URLs in the clone command. By injecting a maliciously crafted remote URL, an attacker could possibly use this issue to execute arbitrary commands on the host. Update Instructions: Run `sudo pro fix USN-5968-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-git-doc - 3.0.7-1ubuntu0.1~esm1 python3-git - 3.0.7-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-24439 Ubuntu 20.04 LTS It was discovered that gif2apng contained multiple heap-base overflows. An attacker could potentially exploit this to cause a denial of service (system crash). (CVE-2021-45909, CVE-2021-45910, CVE-2021-45911) Update Instructions: Run `sudo pro fix USN-5969-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gif2apng - 1.9+srconly-3ubuntu0.1 No subscription required Medium CVE-2021-45909 CVE-2021-45910 CVE-2021-45911 Ubuntu 20.04 LTS It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10196) It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. These issues only affected Ubuntu 14.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-11023) It was discovered that graphviz contains a buffer overflow vulnerability. Exploitation via a specially crafted input file can cause a denial of service or possibly allow for arbitrary code execution. These issues only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-18032) Update Instructions: Run `sudo pro fix USN-5971-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgv-perl - 2.42.2-3ubuntu0.1~esm1 python3-gv - 2.42.2-3ubuntu0.1~esm1 libcgraph6 - 2.42.2-3ubuntu0.1~esm1 libgv-tcl - 2.42.2-3ubuntu0.1~esm1 liblab-gamut1 - 2.42.2-3ubuntu0.1~esm1 libgvc6 - 2.42.2-3ubuntu0.1~esm1 libxdot4 - 2.42.2-3ubuntu0.1~esm1 libgv-php7 - 2.42.2-3ubuntu0.1~esm1 graphviz-doc - 2.42.2-3ubuntu0.1~esm1 graphviz - 2.42.2-3ubuntu0.1~esm1 libgv-lua - 2.42.2-3ubuntu0.1~esm1 libpathplan4 - 2.42.2-3ubuntu0.1~esm1 libcdt5 - 2.42.2-3ubuntu0.1~esm1 libgvpr2 - 2.42.2-3ubuntu0.1~esm1 libgraphviz-dev - 2.42.2-3ubuntu0.1~esm1 libgvc6-plugins-gtk - 2.42.2-3ubuntu0.1~esm1 libgv-guile - 2.42.2-3ubuntu0.1~esm1 libgv-ruby - 2.42.2-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-10196 CVE-2019-11023 CVE-2020-18032 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-25152, CVE-2023-28162, CVE-2023-28176) Lukas Bernhard discovered that Thunderbird did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25751) Luan Herrera discovered that Thunderbird did not properly manage cross-origin iframe when dragging a URL. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-28164) Update Instructions: Run `sudo pro fix USN-5972-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.9.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.9.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.9.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.9.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-25751 CVE-2023-25752 CVE-2023-28162 CVE-2023-28164 CVE-2023-28176 Ubuntu 20.04 LTS It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open redirect attack. (CVE-2018-3774) It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass input validation. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8124) Yaniv Nizry discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open redirect attack. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-27515) It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open redirect attack. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3664) It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass authorization. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-0512, CVE-2022-0639, CVE-2022-0691) Rohan Sharma discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass authorization. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-0686) Update Instructions: Run `sudo pro fix USN-5973-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-url-parse - 1.4.7-3ubuntu0.1 No subscription required Medium CVE-2018-3774 CVE-2020-8124 CVE-2021-27515 CVE-2021-3664 CVE-2022-0512 CVE-2022-0639 CVE-2022-0686 CVE-2022-0691 Ubuntu 20.04 LTS It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted TGA image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-20184) It was discovered that GraphicsMagick was not properly validating bits per pixel data when processing DIB image files. If a user or automated system were tricked into processing a specially crafted DIB image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-20189) It was discovered that GraphicsMagick was not properly processing bit-field mask values in BMP image files, which could result in the execution of an infinite loop. If a user or automated system were tricked into processing a specially crafted BMP image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-5685) It was discovered that GraphicsMagick was not properly validating data used in arithmetic operations when processing MNG image files, which could result in a divide-by-zero error. If a user or automated system were tricked into processing a specially crafted MNG image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-9018) It was discovered that GraphicsMagick was not properly performing bounds checks when processing MIFF image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted MIFF image file, an attacker could possibly use this issue to cause a denial of service or expose sensitive information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2019-11006) It was discovered that GraphicsMagick did not properly magnify certain MNG image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted MNG image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-12672) It was discovered that GraphicsMagick was not properly performing bounds checks when parsing certain MIFF image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted MIFF image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1270) Update Instructions: Run `sudo pro fix USN-5974-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgraphics-magick-perl - 1.4+really1.3.35-1ubuntu0.1 libgraphicsmagick-q16-3 - 1.4+really1.3.35-1ubuntu0.1 libgraphicsmagick1-dev - 1.4+really1.3.35-1ubuntu0.1 graphicsmagick - 1.4+really1.3.35-1ubuntu0.1 graphicsmagick-imagemagick-compat - 1.4+really1.3.35-1ubuntu0.1 graphicsmagick-libmagick-dev-compat - 1.4+really1.3.35-1ubuntu0.1 libgraphicsmagick++-q16-12 - 1.4+really1.3.35-1ubuntu0.1 libgraphicsmagick++1-dev - 1.4+really1.3.35-1ubuntu0.1 No subscription required Medium CVE-2018-20184 CVE-2018-20189 CVE-2018-5685 CVE-2018-9018 CVE-2019-11006 CVE-2020-12672 CVE-2022-1270 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) Update Instructions: Run `sudo pro fix USN-5976-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-headers-5.14.0-1059 - 5.14.0-1059.67 linux-headers-5.14.0-1059-oem - 5.14.0-1059.67 linux-oem-5.14-tools-5.14.0-1059 - 5.14.0-1059.67 linux-image-5.14.0-1059-oem - 5.14.0-1059.67 linux-tools-5.14.0-1059-oem - 5.14.0-1059.67 linux-modules-5.14.0-1059-oem - 5.14.0-1059.67 linux-image-unsigned-5.14.0-1059-oem - 5.14.0-1059.67 linux-modules-iwlwifi-5.14.0-1059-oem - 5.14.0-1059.67 linux-oem-5.14-tools-host - 5.14.0-1059.67 linux-buildinfo-5.14.0-1059-oem - 5.14.0-1059.67 No subscription required linux-image-oem-20.04c - 5.14.0.1059.57 linux-image-oem-20.04b - 5.14.0.1059.57 linux-image-oem-20.04d - 5.14.0.1059.57 linux-headers-oem-20.04 - 5.14.0.1059.57 linux-tools-oem-20.04c - 5.14.0.1059.57 linux-tools-oem-20.04b - 5.14.0.1059.57 linux-oem-20.04 - 5.14.0.1059.57 linux-image-oem-20.04 - 5.14.0.1059.57 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1059.57 linux-oem-20.04d - 5.14.0.1059.57 linux-oem-20.04c - 5.14.0.1059.57 linux-oem-20.04b - 5.14.0.1059.57 linux-tools-oem-20.04d - 5.14.0.1059.57 linux-headers-oem-20.04b - 5.14.0.1059.57 linux-headers-oem-20.04c - 5.14.0.1059.57 linux-headers-oem-20.04d - 5.14.0.1059.57 linux-tools-oem-20.04 - 5.14.0.1059.57 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1059.57 No subscription required High CVE-2022-2196 CVE-2022-3061 CVE-2022-3628 CVE-2022-36280 CVE-2022-3646 CVE-2022-3649 CVE-2022-41850 CVE-2023-0394 CVE-2023-0461 Ubuntu 20.04 LTS It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) Update Instructions: Run `sudo pro fix USN-5980-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-source-5.4.0 - 5.4.0-1046.51 linux-modules-extra-5.4.0-1046-ibm - 5.4.0-1046.51 linux-ibm-cloud-tools-common - 5.4.0-1046.51 linux-ibm-tools-common - 5.4.0-1046.51 linux-ibm-headers-5.4.0-1046 - 5.4.0-1046.51 linux-image-unsigned-5.4.0-1046-ibm - 5.4.0-1046.51 linux-modules-5.4.0-1046-ibm - 5.4.0-1046.51 linux-buildinfo-5.4.0-1046-ibm - 5.4.0-1046.51 linux-tools-5.4.0-1046-ibm - 5.4.0-1046.51 linux-image-5.4.0-1046-ibm - 5.4.0-1046.51 linux-headers-5.4.0-1046-ibm - 5.4.0-1046.51 linux-ibm-tools-5.4.0-1046 - 5.4.0-1046.51 No subscription required linux-image-unsigned-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-tools-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-image-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-headers-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-gkeop-source-5.4.0 - 5.4.0-1066.70 linux-gkeop-headers-5.4.0-1066 - 5.4.0-1066.70 linux-gkeop-tools-5.4.0-1066 - 5.4.0-1066.70 linux-gkeop-cloud-tools-5.4.0-1066 - 5.4.0-1066.70 linux-cloud-tools-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-modules-extra-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-buildinfo-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-modules-5.4.0-1066-gkeop - 5.4.0-1066.70 No subscription required linux-raspi-headers-5.4.0-1082 - 5.4.0-1082.93 linux-modules-5.4.0-1082-raspi - 5.4.0-1082.93 linux-tools-5.4.0-1082-raspi - 5.4.0-1082.93 linux-buildinfo-5.4.0-1082-raspi - 5.4.0-1082.93 linux-headers-5.4.0-1082-raspi - 5.4.0-1082.93 linux-raspi-tools-5.4.0-1082 - 5.4.0-1082.93 linux-image-5.4.0-1082-raspi - 5.4.0-1082.93 No subscription required linux-kvm-tools-5.4.0-1088 - 5.4.0-1088.94 linux-kvm-headers-5.4.0-1088 - 5.4.0-1088.94 linux-buildinfo-5.4.0-1088-kvm - 5.4.0-1088.94 linux-tools-5.4.0-1088-kvm - 5.4.0-1088.94 linux-image-5.4.0-1088-kvm - 5.4.0-1088.94 linux-image-unsigned-5.4.0-1088-kvm - 5.4.0-1088.94 linux-headers-5.4.0-1088-kvm - 5.4.0-1088.94 linux-modules-5.4.0-1088-kvm - 5.4.0-1088.94 No subscription required linux-gke-tools-5.4.0-1096 - 5.4.0-1096.103 linux-image-unsigned-5.4.0-1096-gke - 5.4.0-1096.103 linux-modules-extra-5.4.0-1096-gke - 5.4.0-1096.103 linux-modules-5.4.0-1096-gke - 5.4.0-1096.103 linux-image-5.4.0-1096-gke - 5.4.0-1096.103 linux-headers-5.4.0-1096-gke - 5.4.0-1096.103 linux-gke-headers-5.4.0-1096 - 5.4.0-1096.103 linux-tools-5.4.0-1096-gke - 5.4.0-1096.103 linux-buildinfo-5.4.0-1096-gke - 5.4.0-1096.103 No subscription required linux-image-5.4.0-1098-oracle - 5.4.0-1098.107 linux-modules-5.4.0-1098-oracle - 5.4.0-1098.107 linux-modules-extra-5.4.0-1098-oracle - 5.4.0-1098.107 linux-headers-5.4.0-1098-oracle - 5.4.0-1098.107 linux-tools-5.4.0-1098-oracle - 5.4.0-1098.107 linux-oracle-tools-5.4.0-1098 - 5.4.0-1098.107 linux-oracle-headers-5.4.0-1098 - 5.4.0-1098.107 linux-buildinfo-5.4.0-1098-oracle - 5.4.0-1098.107 linux-image-unsigned-5.4.0-1098-oracle - 5.4.0-1098.107 No subscription required linux-image-5.4.0-1099-aws - 5.4.0-1099.107 linux-aws-cloud-tools-5.4.0-1099 - 5.4.0-1099.107 linux-buildinfo-5.4.0-1099-aws - 5.4.0-1099.107 linux-tools-5.4.0-1099-aws - 5.4.0-1099.107 linux-cloud-tools-5.4.0-1099-aws - 5.4.0-1099.107 linux-image-unsigned-5.4.0-1099-aws - 5.4.0-1099.107 linux-modules-5.4.0-1099-aws - 5.4.0-1099.107 linux-aws-tools-5.4.0-1099 - 5.4.0-1099.107 linux-headers-5.4.0-1099-aws - 5.4.0-1099.107 linux-aws-headers-5.4.0-1099 - 5.4.0-1099.107 linux-modules-extra-5.4.0-1099-aws - 5.4.0-1099.107 No subscription required linux-modules-extra-5.4.0-1102-gcp - 5.4.0-1102.111 linux-modules-5.4.0-1102-gcp - 5.4.0-1102.111 linux-buildinfo-5.4.0-1102-gcp - 5.4.0-1102.111 linux-gcp-tools-5.4.0-1102 - 5.4.0-1102.111 linux-image-5.4.0-1102-gcp - 5.4.0-1102.111 linux-gcp-headers-5.4.0-1102 - 5.4.0-1102.111 linux-tools-5.4.0-1102-gcp - 5.4.0-1102.111 linux-image-unsigned-5.4.0-1102-gcp - 5.4.0-1102.111 linux-headers-5.4.0-1102-gcp - 5.4.0-1102.111 No subscription required linux-azure-tools-5.4.0-1105 - 5.4.0-1105.111 linux-modules-5.4.0-1105-azure - 5.4.0-1105.111 linux-buildinfo-5.4.0-1105-azure - 5.4.0-1105.111 linux-azure-headers-5.4.0-1105 - 5.4.0-1105.111 linux-tools-5.4.0-1105-azure - 5.4.0-1105.111 linux-image-5.4.0-1105-azure - 5.4.0-1105.111 linux-cloud-tools-5.4.0-1105-azure - 5.4.0-1105.111 linux-headers-5.4.0-1105-azure - 5.4.0-1105.111 linux-image-unsigned-5.4.0-1105-azure - 5.4.0-1105.111 linux-modules-extra-5.4.0-1105-azure - 5.4.0-1105.111 linux-azure-cloud-tools-5.4.0-1105 - 5.4.0-1105.111 No subscription required linux-cloud-tools-5.4.0-146-generic - 5.4.0-146.163 linux-tools-common - 5.4.0-146.163 linux-image-unsigned-5.4.0-146-lowlatency - 5.4.0-146.163 linux-tools-host - 5.4.0-146.163 linux-doc - 5.4.0-146.163 linux-modules-5.4.0-146-generic - 5.4.0-146.163 linux-image-unsigned-5.4.0-146-generic - 5.4.0-146.163 linux-buildinfo-5.4.0-146-lowlatency - 5.4.0-146.163 linux-buildinfo-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-headers-5.4.0-146 - 5.4.0-146.163 linux-libc-dev - 5.4.0-146.163 linux-source-5.4.0 - 5.4.0-146.163 linux-modules-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-tools-5.4.0-146 - 5.4.0-146.163 linux-image-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-buildinfo-5.4.0-146-generic - 5.4.0-146.163 linux-modules-extra-5.4.0-146-generic - 5.4.0-146.163 linux-cloud-tools-5.4.0-146 - 5.4.0-146.163 linux-tools-5.4.0-146-lowlatency - 5.4.0-146.163 linux-headers-5.4.0-146-generic - 5.4.0-146.163 linux-modules-5.4.0-146-lowlatency - 5.4.0-146.163 linux-cloud-tools-common - 5.4.0-146.163 linux-image-5.4.0-146-generic - 5.4.0-146.163 linux-tools-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-headers-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-image-5.4.0-146-lowlatency - 5.4.0-146.163 linux-cloud-tools-5.4.0-146-lowlatency - 5.4.0-146.163 linux-headers-5.4.0-146-lowlatency - 5.4.0-146.163 linux-tools-5.4.0-146-generic - 5.4.0-146.163 No subscription required linux-modules-extra-ibm - 5.4.0.1046.72 linux-image-ibm - 5.4.0.1046.72 linux-headers-ibm-lts-20.04 - 5.4.0.1046.72 linux-tools-ibm - 5.4.0.1046.72 linux-image-ibm-lts-20.04 - 5.4.0.1046.72 linux-ibm-lts-20.04 - 5.4.0.1046.72 linux-ibm - 5.4.0.1046.72 linux-tools-ibm-lts-20.04 - 5.4.0.1046.72 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1046.72 linux-headers-ibm - 5.4.0.1046.72 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1066.64 linux-image-gkeop - 5.4.0.1066.64 linux-gkeop-5.4 - 5.4.0.1066.64 linux-headers-gkeop - 5.4.0.1066.64 linux-image-gkeop-5.4 - 5.4.0.1066.64 linux-gkeop - 5.4.0.1066.64 linux-cloud-tools-gkeop - 5.4.0.1066.64 linux-modules-extra-gkeop-5.4 - 5.4.0.1066.64 linux-headers-gkeop-5.4 - 5.4.0.1066.64 linux-modules-extra-gkeop - 5.4.0.1066.64 linux-tools-gkeop - 5.4.0.1066.64 linux-tools-gkeop-5.4 - 5.4.0.1066.64 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1082.112 linux-raspi2 - 5.4.0.1082.112 linux-headers-raspi2 - 5.4.0.1082.112 linux-image-raspi-hwe-18.04 - 5.4.0.1082.112 linux-image-raspi2-hwe-18.04 - 5.4.0.1082.112 linux-tools-raspi - 5.4.0.1082.112 linux-headers-raspi-hwe-18.04 - 5.4.0.1082.112 linux-headers-raspi2-hwe-18.04 - 5.4.0.1082.112 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1082.112 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1082.112 linux-headers-raspi - 5.4.0.1082.112 linux-raspi2-hwe-18.04-edge - 5.4.0.1082.112 linux-image-raspi-hwe-18.04-edge - 5.4.0.1082.112 linux-raspi-hwe-18.04 - 5.4.0.1082.112 linux-tools-raspi2-hwe-18.04 - 5.4.0.1082.112 linux-raspi2-hwe-18.04 - 5.4.0.1082.112 linux-image-raspi2 - 5.4.0.1082.112 linux-tools-raspi-hwe-18.04 - 5.4.0.1082.112 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1082.112 linux-raspi-hwe-18.04-edge - 5.4.0.1082.112 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1082.112 linux-image-raspi - 5.4.0.1082.112 linux-tools-raspi2 - 5.4.0.1082.112 linux-raspi - 5.4.0.1082.112 No subscription required linux-kvm - 5.4.0.1088.82 linux-headers-kvm - 5.4.0.1088.82 linux-tools-kvm - 5.4.0.1088.82 linux-image-kvm - 5.4.0.1088.82 No subscription required linux-modules-extra-gke - 5.4.0.1096.101 linux-headers-gke-5.4 - 5.4.0.1096.101 linux-modules-extra-gke-5.4 - 5.4.0.1096.101 linux-gke-5.4 - 5.4.0.1096.101 linux-tools-gke - 5.4.0.1096.101 linux-gke - 5.4.0.1096.101 linux-headers-gke - 5.4.0.1096.101 linux-image-gke - 5.4.0.1096.101 linux-image-gke-5.4 - 5.4.0.1096.101 linux-tools-gke-5.4 - 5.4.0.1096.101 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1098.91 linux-headers-oracle-lts-20.04 - 5.4.0.1098.91 linux-oracle-lts-20.04 - 5.4.0.1098.91 linux-image-oracle-lts-20.04 - 5.4.0.1098.91 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1099.96 linux-image-aws-lts-20.04 - 5.4.0.1099.96 linux-headers-aws-lts-20.04 - 5.4.0.1099.96 linux-tools-aws-lts-20.04 - 5.4.0.1099.96 linux-aws-lts-20.04 - 5.4.0.1099.96 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1102.104 linux-gcp-lts-20.04 - 5.4.0.1102.104 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1102.104 linux-headers-gcp-lts-20.04 - 5.4.0.1102.104 linux-image-gcp-lts-20.04 - 5.4.0.1102.104 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1105.98 linux-azure-lts-20.04 - 5.4.0.1105.98 linux-image-azure-lts-20.04 - 5.4.0.1105.98 linux-modules-extra-azure-lts-20.04 - 5.4.0.1105.98 linux-tools-azure-lts-20.04 - 5.4.0.1105.98 linux-headers-azure-lts-20.04 - 5.4.0.1105.98 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-cloud-tools-virtual - 5.4.0.146.144 linux-image-generic-hwe-18.04 - 5.4.0.146.144 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-headers-generic-lpae - 5.4.0.146.144 linux-image-virtual - 5.4.0.146.144 linux-oem-osp1-tools-host - 5.4.0.146.144 linux-image-generic - 5.4.0.146.144 linux-tools-lowlatency - 5.4.0.146.144 linux-image-oem - 5.4.0.146.144 linux-headers-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.146.144 linux-image-extra-virtual-hwe-18.04 - 5.4.0.146.144 linux-image-generic-lpae-hwe-18.04 - 5.4.0.146.144 linux-crashdump - 5.4.0.146.144 linux-tools-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-headers-generic-hwe-18.04 - 5.4.0.146.144 linux-headers-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-source - 5.4.0.146.144 linux-lowlatency - 5.4.0.146.144 linux-tools-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-tools-generic-lpae - 5.4.0.146.144 linux-cloud-tools-generic - 5.4.0.146.144 linux-virtual - 5.4.0.146.144 linux-tools-virtual - 5.4.0.146.144 linux-tools-generic - 5.4.0.146.144 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.146.144 linux-generic-lpae-hwe-18.04-edge - 5.4.0.146.144 linux-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-headers-oem - 5.4.0.146.144 linux-generic - 5.4.0.146.144 linux-tools-oem-osp1 - 5.4.0.146.144 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.146.144 linux-image-lowlatency - 5.4.0.146.144 linux-headers-virtual-hwe-18.04 - 5.4.0.146.144 linux-image-virtual-hwe-18.04 - 5.4.0.146.144 linux-cloud-tools-lowlatency - 5.4.0.146.144 linux-headers-lowlatency - 5.4.0.146.144 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-image-generic-hwe-18.04-edge - 5.4.0.146.144 linux-generic-hwe-18.04-edge - 5.4.0.146.144 linux-tools-generic-hwe-18.04-edge - 5.4.0.146.144 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.146.144 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-oem - 5.4.0.146.144 linux-image-extra-virtual - 5.4.0.146.144 linux-image-oem-osp1 - 5.4.0.146.144 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-tools-oem - 5.4.0.146.144 linux-headers-oem-osp1 - 5.4.0.146.144 linux-generic-lpae - 5.4.0.146.144 linux-virtual-hwe-18.04 - 5.4.0.146.144 linux-generic-lpae-hwe-18.04 - 5.4.0.146.144 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.146.144 linux-headers-generic-hwe-18.04-edge - 5.4.0.146.144 linux-headers-generic - 5.4.0.146.144 linux-oem-osp1 - 5.4.0.146.144 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.146.144 linux-image-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-headers-virtual - 5.4.0.146.144 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.146.144 linux-tools-virtual-hwe-18.04 - 5.4.0.146.144 linux-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-generic-hwe-18.04 - 5.4.0.146.144 linux-image-generic-lpae - 5.4.0.146.144 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.146.144 linux-image-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-tools-generic-hwe-18.04 - 5.4.0.146.144 linux-oem-tools-host - 5.4.0.146.144 No subscription required Medium CVE-2021-3669 CVE-2022-2196 CVE-2022-4382 CVE-2023-23559 Ubuntu 20.04 LTS It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-48423) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48424) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer lengths, leading to a heap-based buffer overflow. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-0210) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) It was discovered that the NTFS file system implementation in the Linux kernel did not properly handle a loop termination condition, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-26606) Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel contained a null pointer dereference when handling certain messages from user space. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-28328) Update Instructions: Run `sudo pro fix USN-5982-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-image-unsigned-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-image-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-tools-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-buildinfo-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-modules-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-modules-iwlwifi-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-gcp-5.15-tools-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-gcp-5.15-headers-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-modules-extra-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 No subscription required linux-oracle-5.15-tools-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-oracle-5.15-headers-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-modules-extra-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-tools-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-image-unsigned-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-headers-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-modules-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-buildinfo-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-image-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 No subscription required linux-modules-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-tools-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1033 - 5.15.0-1033.37~20.04.1 linux-headers-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-image-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-buildinfo-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-aws-5.15-tools-5.15.0-1033 - 5.15.0-1033.37~20.04.1 linux-aws-5.15-headers-5.15.0-1033 - 5.15.0-1033.37~20.04.1 linux-modules-extra-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-cloud-tools-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-image-unsigned-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1035 - 5.15.0-1035.42~20.04.1 linux-tools-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-buildinfo-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-image-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-headers-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-image-unsigned-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-azure-5.15-headers-5.15.0-1035 - 5.15.0-1035.42~20.04.1 linux-modules-extra-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-cloud-tools-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-modules-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1035 - 5.15.0-1035.42~20.04.1 No subscription required linux-buildinfo-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-image-unsigned-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-69.76~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-image-unsigned-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-cloud-tools-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-buildinfo-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-cloud-tools-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-hwe-5.15-headers-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-buildinfo-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-buildinfo-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-buildinfo-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-hwe-5.15-tools-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-modules-extra-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-69.76~20.04.1 linux-modules-iwlwifi-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-69.76~20.04.1 linux-modules-iwlwifi-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-image-unsigned-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-image-unsigned-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1031.38~20.04.1 linux-headers-gcp-edge - 5.15.0.1031.38~20.04.1 linux-tools-gcp - 5.15.0.1031.38~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1031.38~20.04.1 linux-gcp - 5.15.0.1031.38~20.04.1 linux-tools-gcp-edge - 5.15.0.1031.38~20.04.1 linux-headers-gcp - 5.15.0.1031.38~20.04.1 linux-image-gcp - 5.15.0.1031.38~20.04.1 linux-modules-extra-gcp - 5.15.0.1031.38~20.04.1 linux-gcp-edge - 5.15.0.1031.38~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1032.38~20.04.1 linux-tools-oracle - 5.15.0.1032.38~20.04.1 linux-tools-oracle-edge - 5.15.0.1032.38~20.04.1 linux-oracle-edge - 5.15.0.1032.38~20.04.1 linux-image-oracle-edge - 5.15.0.1032.38~20.04.1 linux-headers-oracle-edge - 5.15.0.1032.38~20.04.1 linux-image-oracle - 5.15.0.1032.38~20.04.1 linux-oracle - 5.15.0.1032.38~20.04.1 No subscription required linux-image-aws - 5.15.0.1033.37~20.04.22 linux-headers-aws - 5.15.0.1033.37~20.04.22 linux-modules-extra-aws-edge - 5.15.0.1033.37~20.04.22 linux-image-aws-edge - 5.15.0.1033.37~20.04.22 linux-aws-edge - 5.15.0.1033.37~20.04.22 linux-aws - 5.15.0.1033.37~20.04.22 linux-tools-aws - 5.15.0.1033.37~20.04.22 linux-headers-aws-edge - 5.15.0.1033.37~20.04.22 linux-modules-extra-aws - 5.15.0.1033.37~20.04.22 linux-tools-aws-edge - 5.15.0.1033.37~20.04.22 No subscription required linux-tools-azure-edge - 5.15.0.1035.42~20.04.25 linux-cloud-tools-azure - 5.15.0.1035.42~20.04.25 linux-tools-azure - 5.15.0.1035.42~20.04.25 linux-image-azure-edge - 5.15.0.1035.42~20.04.25 linux-cloud-tools-azure-edge - 5.15.0.1035.42~20.04.25 linux-modules-extra-azure - 5.15.0.1035.42~20.04.25 linux-azure - 5.15.0.1035.42~20.04.25 linux-image-azure - 5.15.0.1035.42~20.04.25 linux-headers-azure-edge - 5.15.0.1035.42~20.04.25 linux-azure-edge - 5.15.0.1035.42~20.04.25 linux-modules-extra-azure-edge - 5.15.0.1035.42~20.04.25 linux-headers-azure - 5.15.0.1035.42~20.04.25 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-headers-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-image-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-lowlatency-64k-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-tools-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.27 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-extra-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-headers-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-headers-generic-64k-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-generic-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-tools-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-generic-lpae-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-generic-lpae-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-tools-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-generic-lpae-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-generic-64k-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-generic-64k-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-generic-64k-hwe-20.04 - 5.15.0.69.76~20.04.30 No subscription required Medium CVE-2022-2196 CVE-2022-3424 CVE-2022-36280 CVE-2022-41218 CVE-2022-4382 CVE-2022-48423 CVE-2022-48424 CVE-2023-0045 CVE-2023-0210 CVE-2023-0266 CVE-2023-23454 CVE-2023-23455 CVE-2023-23559 CVE-2023-26606 CVE-2023-28328 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges. Update Instructions: Run `sudo pro fix USN-5986-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.8 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.8 xwayland - 2:1.20.13-1ubuntu1~20.04.8 xdmx - 2:1.20.13-1ubuntu1~20.04.8 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.8 xvfb - 2:1.20.13-1ubuntu1~20.04.8 xnest - 2:1.20.13-1ubuntu1~20.04.8 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.8 xserver-common - 2:1.20.13-1ubuntu1~20.04.8 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.8 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.8 No subscription required Medium CVE-2023-1393 Ubuntu 20.04 LTS It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-48423) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48424) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer lengths, leading to a heap-based buffer overflow. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-0210) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) It was discovered that the NTFS file system implementation in the Linux kernel did not properly handle a loop termination condition, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-26606) Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel contained a null pointer dereference when handling certain messages from user space. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-28328) Update Instructions: Run `sudo pro fix USN-5987-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-gke-5.15-headers-5.15.0-1029 - 5.15.0-1029.34~20.04.1 linux-image-unsigned-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-modules-iwlwifi-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-buildinfo-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-modules-extra-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-gke-5.15-tools-5.15.0-1029 - 5.15.0-1029.34~20.04.1 linux-headers-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-image-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-tools-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 No subscription required linux-image-gke-edge - 5.15.0.1029.34~20.04.1 linux-headers-gke-5.15 - 5.15.0.1029.34~20.04.1 linux-tools-gke-edge - 5.15.0.1029.34~20.04.1 linux-gke-edge - 5.15.0.1029.34~20.04.1 linux-image-gke-5.15 - 5.15.0.1029.34~20.04.1 linux-tools-gke-5.15 - 5.15.0.1029.34~20.04.1 linux-headers-gke-edge - 5.15.0.1029.34~20.04.1 linux-gke-5.15 - 5.15.0.1029.34~20.04.1 No subscription required Medium CVE-2022-2196 CVE-2022-3424 CVE-2022-36280 CVE-2022-41218 CVE-2022-4382 CVE-2022-48423 CVE-2022-48424 CVE-2023-0045 CVE-2023-0210 CVE-2023-0266 CVE-2023-23454 CVE-2023-23455 CVE-2023-23559 CVE-2023-26606 CVE-2023-28328 Ubuntu 20.04 LTS It was discovered that integer overflows vulnerabilities existed in Xcftools. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-5086, CVE-2019-5087) Update Instructions: Run `sudo pro fix USN-5988-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xcftools - 1.0.7-6ubuntu0.20.04.1 No subscription required Medium CVE-2019-5086 CVE-2019-5087 Ubuntu 20.04 LTS It was discovered that musl did not handle certain i386 math functions properly. An attacker could use this vulnerability to cause a denial of service (crash) or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-14697) It was discovered that musl did not handle wide-character conversion properly. A remote attacker could use this vulnerability to cause resource consumption (infinite loop), denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-28928) Update Instructions: Run `sudo pro fix USN-5990-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: musl-dev - 1.1.24-1ubuntu0.1~esm1 musl-tools - 1.1.24-1ubuntu0.1~esm1 musl - 1.1.24-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-14697 CVE-2020-28928 Ubuntu 20.04 LTS Demi Marie Obenour discovered that ldb, when used with Samba, incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. Update Instructions: Run `sudo pro fix USN-5992-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ldb-tools - 2:2.4.4-0ubuntu0.20.04.2 libldb2 - 2:2.4.4-0ubuntu0.20.04.2 python3-ldb - 2:2.4.4-0ubuntu0.20.04.2 libldb-dev - 2:2.4.4-0ubuntu0.20.04.2 python3-ldb-dev - 2:2.4.4-0ubuntu0.20.04.2 No subscription required Medium CVE-2023-0614 Ubuntu 20.04 LTS Demi Marie Obenour discovered that the Samba LDAP server incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. (CVE-2023-0614) Andrew Bartlett discovered that the Samba AD DC admin tool incorrectly sent passwords in cleartext. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-0922) Update Instructions: Run `sudo pro fix USN-5993-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.2 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.2 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.2 ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.2 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.2 No subscription required Medium CVE-2023-0614 CVE-2023-0922 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-0413, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851, CVE-2022-1898, CVE-2022-1942, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2183, CVE-2022-2206, CVE-2022-2304, CVE-2022-2345, CVE-2022-2581) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1720, CVE-2022-2571, CVE-2022-2845, CVE-2022-2849, CVE-2022-2923) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1927, CVE-2022-2344) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2946) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2980) Update Instructions: Run `sudo pro fix USN-5995-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.13 vim-athena - 2:8.1.2269-1ubuntu5.13 vim-tiny - 2:8.1.2269-1ubuntu5.13 vim-gtk - 2:8.1.2269-1ubuntu5.13 vim-gui-common - 2:8.1.2269-1ubuntu5.13 vim - 2:8.1.2269-1ubuntu5.13 vim-doc - 2:8.1.2269-1ubuntu5.13 xxd - 2:8.1.2269-1ubuntu5.13 vim-runtime - 2:8.1.2269-1ubuntu5.13 vim-gtk3 - 2:8.1.2269-1ubuntu5.13 vim-nox - 2:8.1.2269-1ubuntu5.13 No subscription required Medium CVE-2022-0413 CVE-2022-1629 CVE-2022-1674 CVE-2022-1720 CVE-2022-1733 CVE-2022-1735 CVE-2022-1785 CVE-2022-1796 CVE-2022-1851 CVE-2022-1898 CVE-2022-1927 CVE-2022-1942 CVE-2022-1968 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2175 CVE-2022-2183 CVE-2022-2206 CVE-2022-2304 CVE-2022-2344 CVE-2022-2345 CVE-2022-2571 CVE-2022-2581 CVE-2022-2845 CVE-2022-2849 CVE-2022-2923 CVE-2022-2946 CVE-2022-2980 Ubuntu 20.04 LTS It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-26767, CVE-2023-26768, CVE-2023-26769) Update Instructions: Run `sudo pro fix USN-5996-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblouis-dev - 3.12.0-3ubuntu0.2 python3-louis - 3.12.0-3ubuntu0.2 liblouis-data - 3.12.0-3ubuntu0.2 liblouis20 - 3.12.0-3ubuntu0.2 liblouis-bin - 3.12.0-3ubuntu0.2 No subscription required Medium CVE-2023-26767 CVE-2023-26768 CVE-2023-26769 Ubuntu 20.04 LTS It was discovered that IPMItool was not properly checking the data received from a remote LAN party. A remote attacker could possibly use this issue to to cause a crash or arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5997-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ipmitool - 1.8.18-8ubuntu0.1 No subscription required Medium CVE-2020-5208 Ubuntu 20.04 LTS It was discovered that the SocketServer component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-17571) It was discovered that the JMSSink component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-23302) It was discovered that Apache Log4j 1.2 incorrectly handled certain SQL statements. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23305) It was discovered that the Chainsaw component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23307) Update Instructions: Run `sudo pro fix USN-5998-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j1.2-java-doc - 1.2.17-9ubuntu0.2 liblog4j1.2-java - 1.2.17-9ubuntu0.2 No subscription required Medium CVE-2022-23302 CVE-2022-23305 CVE-2022-23307 CVE-2019-17571 Ubuntu 20.04 LTS It was discovered that trim-newlines incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-33623) Update Instructions: Run `sudo pro fix USN-5999-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-trim-newlines - 1.0.0-1ubuntu0.20.04.1 No subscription required Medium CVE-2021-33623 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1382) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2023-26607) Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel contained a null pointer dereference when handling certain messages from user space. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-28328) Update Instructions: Run `sudo pro fix USN-6000-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1059 - 5.4.0-1059.65 linux-image-unsigned-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-headers-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-tools-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-buildinfo-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-image-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-bluefield-tools-5.4.0-1059 - 5.4.0-1059.65 linux-modules-5.4.0-1059-bluefield - 5.4.0-1059.65 No subscription required linux-bluefield - 5.4.0.1059.54 linux-tools-bluefield - 5.4.0.1059.54 linux-image-bluefield - 5.4.0.1059.54 linux-headers-bluefield - 5.4.0.1059.54 No subscription required High CVE-2022-3169 CVE-2022-3424 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-47520 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0461 CVE-2023-1382 CVE-2023-20938 CVE-2023-23454 CVE-2023-23455 CVE-2023-26607 CVE-2023-28328 Ubuntu 20.04 LTS Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay output. An attacker could possibly use these issues to inject terminal control characters that alter output when being viewed. Update Instructions: Run `sudo pro fix USN-6005-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sudo-ldap - 1.8.31-1ubuntu1.5 sudo - 1.8.31-1ubuntu1.5 No subscription required Medium CVE-2023-28486 CVE-2023-28487 Ubuntu 20.04 LTS It was discovered that Exo did not properly sanitized desktop files. A remote attacker could possibly use this issue to to cause a crash or arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6008-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexo-2-dev - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-helpers - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-common - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-1-0 - 0.12.11-1ubuntu1.20.04.1+esm1 exo-utils - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-1-dev - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-2-0 - 0.12.11-1ubuntu1.20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-32278 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-29537, CVE-2023-29540, CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29548, CVE-2023-29549, CVE-2023-29550, CVE-2023-29551) Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-29533) Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29535) Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29536) Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-29538) Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. (CVE-2023-29539) Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code. (CVE-2023-29541) Update Instructions: Run `sudo pro fix USN-6010-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 112.0+build2-0ubuntu0.20.04.1 firefox - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 112.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 112.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 112.0+build2-0ubuntu0.20.04.1 firefox-dev - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 112.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29537 CVE-2023-29538 CVE-2023-29539 CVE-2023-29540 CVE-2023-29541 CVE-2023-29543 CVE-2023-29544 CVE-2023-29547 CVE-2023-29548 CVE-2023-29549 CVE-2023-29550 CVE-2023-29551 Ubuntu 20.04 LTS USN-6010-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-29537, CVE-2023-29540, CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29548, CVE-2023-29549, CVE-2023-29550, CVE-2023-29551) Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-29533) Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29535) Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29536) Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-29538) Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. (CVE-2023-29539) Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code. (CVE-2023-29541) Update Instructions: Run `sudo pro fix USN-6010-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 112.0.1+build1-0ubuntu0.20.04.1 firefox - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 112.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 112.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 112.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 112.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2016835 Ubuntu 20.04 LTS USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-29537, CVE-2023-29540, CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29548, CVE-2023-29549, CVE-2023-29550, CVE-2023-29551) Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-29533) Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29535) Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29536) Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-29538) Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. (CVE-2023-29539) Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code. (CVE-2023-29541) Update Instructions: Run `sudo pro fix USN-6010-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 112.0.2+build1-0ubuntu0.20.04.1 firefox - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 112.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 112.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 112.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 112.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2017722 Ubuntu 20.04 LTS It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed quotes. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service. (CVE-2021-31684) It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed brackets. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service. (CVE-2023-1370) Update Instructions: Run `sudo pro fix USN-6011-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjson-smart-java - 2.2-2ubuntu0.20.04.1 No subscription required Medium CVE-2021-31684 CVE-2023-1370 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-1945, CVE-2023-29548, CVE-2023-29550) Paul Menzel discovered that Thunderbird did not properly validate OCSP revocation status of recipient certificates when sending S/Mime encrypted email. An attacker could potentially exploits this issue to perform spoofing attack. (CVE-2023-0547) Ribose RNP Team discovered that Thunderbird did not properly manage memory when parsing certain OpenPGP messages. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29479) Irvan Kurniawan discovered that Thunderbird did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-29533) Lukas Bernhard discovered that Thunderbird did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29535) Zx from qriousec discovered that Thunderbird did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29536) Trung Pham discovered that Thunderbird did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. (CVE-2023-29539) Ameen Basha M K discovered that Thunderbird did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code. (CVE-2023-29541) Update Instructions: Run `sudo pro fix USN-6015-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.10.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.10.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.10.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.10.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-0547 CVE-2023-1945 CVE-2023-29479 CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29539 CVE-2023-29541 CVE-2023-29548 CVE-2023-29550 Ubuntu 20.04 LTS It was discovered that thenify incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6016-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-thenify - 3.3.0-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2020-7677 Ubuntu 20.04 LTS Hadrien Perrineau discovered that Ghostscript incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6017-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.7 ghostscript-x - 9.50~dfsg-5ubuntu4.7 libgs-dev - 9.50~dfsg-5ubuntu4.7 ghostscript-doc - 9.50~dfsg-5ubuntu4.7 libgs9 - 9.50~dfsg-5ubuntu4.7 libgs9-common - 9.50~dfsg-5ubuntu4.7 No subscription required Medium CVE-2023-28879 Ubuntu 20.04 LTS Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation vulnerability in apport-cli when viewing crash reports and unprivileged users are allowed to run sudo less. A local attacker on a specially configured system could use this to escalate their privilege. Update Instructions: Run `sudo pro fix USN-6018-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.26 apport-kde - 2.20.11-0ubuntu27.26 apport-retrace - 2.20.11-0ubuntu27.26 apport-valgrind - 2.20.11-0ubuntu27.26 python3-apport - 2.20.11-0ubuntu27.26 dh-apport - 2.20.11-0ubuntu27.26 apport-gtk - 2.20.11-0ubuntu27.26 apport - 2.20.11-0ubuntu27.26 apport-noui - 2.20.11-0ubuntu27.26 No subscription required Medium CVE-2023-1326 https://launchpad.net/bugs/2016023 Ubuntu 20.04 LTS It was discovered that Flask-CORS did not properly escape paths before evaluating resource rules. An attacker could possibly use this to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6019-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-flask-cors - 3.0.8-2ubuntu0.1 No subscription required Medium CVE-2020-25032 Ubuntu 20.04 LTS It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) Update Instructions: Run `sudo pro fix USN-6020-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-bluefield-headers-5.4.0-1060 - 5.4.0-1060.66 linux-bluefield-tools-5.4.0-1060 - 5.4.0-1060.66 linux-image-unsigned-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-buildinfo-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-headers-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-tools-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-modules-5.4.0-1060-bluefield - 5.4.0-1060.66 No subscription required linux-bluefield - 5.4.0.1060.55 linux-tools-bluefield - 5.4.0.1060.55 linux-image-bluefield - 5.4.0.1060.55 linux-headers-bluefield - 5.4.0.1060.55 No subscription required Medium CVE-2021-3669 CVE-2022-2196 CVE-2022-4382 CVE-2023-23559 Ubuntu 20.04 LTS It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and 18.04 ESM. (CVE-2018-16657) It was discovered that Kamailio did not properly validate INVITE requests under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. (CVE-2020-27507) Update Instructions: Run `sudo pro fix USN-6022-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kamailio-radius-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-lua-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-postgres-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-perl-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-ruby-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-mysql-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-utils-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-extra-modules - 5.3.2-1ubuntu0.1~esm1 kamailio - 5.3.2-1ubuntu0.1~esm1 kamailio-cpl-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-mono-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-kazoo-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-rabbitmq-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-cnxcc-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-snmpstats-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-tls-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-xmpp-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-presence-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-json-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-sctp-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-mongodb-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-geoip-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-sqlite-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-ldap-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-websocket-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-ims-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-phonenum-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-redis-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-python3-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-erlang-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-autheph-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-outbound-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-systemd-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-berkeley-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-geoip2-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-unixodbc-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-xml-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-berkeley-bin - 5.3.2-1ubuntu0.1~esm1 kamailio-memcached-modules - 5.3.2-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-16657 CVE-2020-27507 Ubuntu 20.04 LTS It was discovered that LibreOffice may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory. Update Instructions: Run `sudo pro fix USN-6023-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.7 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.7 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.7 python3-uno - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.7 libreoffice - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.7 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.7 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.7 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.7 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.7 libridl-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.7 python3-access2base - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.7 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.7 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.7 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.7 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.7 libunoil-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.7 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.7 libjurt-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.7 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.7 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.7 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.7 ure - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.7 libjuh-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.7 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.7 No subscription required Low CVE-2022-38745 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-0386) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-4842) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the NFS implementation in the Linux kernel did not properly handle pending tasks in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1652) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) Update Instructions: Run `sudo pro fix USN-6025-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-image-unsigned-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-buildinfo-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-gke-5.15-headers-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-modules-iwlwifi-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-modules-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-gke-5.15-tools-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-image-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-modules-extra-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-tools-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 No subscription required linux-modules-iwlwifi-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-headers-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-tools-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-modules-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-image-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-modules-extra-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-gcp-5.15-tools-5.15.0-1032 - 5.15.0-1032.40~20.04.1 linux-gcp-5.15-headers-5.15.0-1032 - 5.15.0-1032.40~20.04.1 linux-buildinfo-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-image-unsigned-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 No subscription required linux-tools-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-oracle-5.15-tools-5.15.0-1033 - 5.15.0-1033.39~20.04.1 linux-headers-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-image-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-oracle-5.15-headers-5.15.0-1033 - 5.15.0-1033.39~20.04.1 linux-modules-extra-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-image-unsigned-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-modules-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-buildinfo-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 No subscription required linux-buildinfo-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-tools-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-cloud-tools-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1034 - 5.15.0-1034.38~20.04.1 linux-modules-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-image-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-headers-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-aws-5.15-tools-5.15.0-1034 - 5.15.0-1034.38~20.04.1 linux-aws-5.15-headers-5.15.0-1034 - 5.15.0-1034.38~20.04.1 linux-modules-extra-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-image-unsigned-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1036 - 5.15.0-1036.43~20.04.1 linux-buildinfo-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-image-unsigned-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-modules-extra-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-modules-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-azure-5.15-headers-5.15.0-1036 - 5.15.0-1036.43~20.04.1 linux-headers-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-image-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-cloud-tools-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-tools-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1036 - 5.15.0-1036.43~20.04.1 No subscription required linux-headers-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-70.77~20.04.1 linux-modules-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-image-unsigned-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-image-unsigned-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-70.77~20.04.1 linux-cloud-tools-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-headers-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-modules-iwlwifi-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-modules-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 No subscription required linux-tools-gke-5.15 - 5.15.0.1031.36~20.04.1 linux-headers-gke-edge - 5.15.0.1031.36~20.04.1 linux-image-gke-edge - 5.15.0.1031.36~20.04.1 linux-gke-5.15 - 5.15.0.1031.36~20.04.1 linux-image-gke-5.15 - 5.15.0.1031.36~20.04.1 linux-tools-gke-edge - 5.15.0.1031.36~20.04.1 linux-gke-edge - 5.15.0.1031.36~20.04.1 linux-headers-gke-5.15 - 5.15.0.1031.36~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1032.40~20.04.1 linux-image-gcp - 5.15.0.1032.40~20.04.1 linux-headers-gcp-edge - 5.15.0.1032.40~20.04.1 linux-modules-extra-gcp - 5.15.0.1032.40~20.04.1 linux-tools-gcp - 5.15.0.1032.40~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1032.40~20.04.1 linux-headers-gcp - 5.15.0.1032.40~20.04.1 linux-gcp - 5.15.0.1032.40~20.04.1 linux-tools-gcp-edge - 5.15.0.1032.40~20.04.1 linux-gcp-edge - 5.15.0.1032.40~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1033.39~20.04.1 linux-image-oracle-edge - 5.15.0.1033.39~20.04.1 linux-tools-oracle-edge - 5.15.0.1033.39~20.04.1 linux-oracle-edge - 5.15.0.1033.39~20.04.1 linux-oracle - 5.15.0.1033.39~20.04.1 linux-headers-oracle-edge - 5.15.0.1033.39~20.04.1 linux-image-oracle - 5.15.0.1033.39~20.04.1 linux-tools-oracle - 5.15.0.1033.39~20.04.1 No subscription required linux-headers-aws - 5.15.0.1034.38~20.04.23 linux-image-aws - 5.15.0.1034.38~20.04.23 linux-modules-extra-aws-edge - 5.15.0.1034.38~20.04.23 linux-tools-aws-edge - 5.15.0.1034.38~20.04.23 linux-image-aws-edge - 5.15.0.1034.38~20.04.23 linux-aws-edge - 5.15.0.1034.38~20.04.23 linux-aws - 5.15.0.1034.38~20.04.23 linux-headers-aws-edge - 5.15.0.1034.38~20.04.23 linux-modules-extra-aws - 5.15.0.1034.38~20.04.23 linux-tools-aws - 5.15.0.1034.38~20.04.23 No subscription required linux-tools-azure-edge - 5.15.0.1036.43~20.04.26 linux-cloud-tools-azure - 5.15.0.1036.43~20.04.26 linux-headers-azure-cvm - 5.15.0.1036.43~20.04.26 linux-image-azure-edge - 5.15.0.1036.43~20.04.26 linux-image-azure-cvm - 5.15.0.1036.43~20.04.26 linux-modules-extra-azure-cvm - 5.15.0.1036.43~20.04.26 linux-tools-azure-cvm - 5.15.0.1036.43~20.04.26 linux-cloud-tools-azure-edge - 5.15.0.1036.43~20.04.26 linux-modules-extra-azure - 5.15.0.1036.43~20.04.26 linux-azure - 5.15.0.1036.43~20.04.26 linux-image-azure - 5.15.0.1036.43~20.04.26 linux-cloud-tools-azure-cvm - 5.15.0.1036.43~20.04.26 linux-headers-azure-edge - 5.15.0.1036.43~20.04.26 linux-azure-edge - 5.15.0.1036.43~20.04.26 linux-tools-azure - 5.15.0.1036.43~20.04.26 linux-azure-cvm - 5.15.0.1036.43~20.04.26 linux-modules-extra-azure-edge - 5.15.0.1036.43~20.04.26 linux-headers-azure - 5.15.0.1036.43~20.04.26 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-headers-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-image-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-lowlatency-64k-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-tools-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.28 No subscription required High CVE-2022-4129 CVE-2022-47929 CVE-2022-4842 CVE-2023-0386 CVE-2023-0394 CVE-2023-1073 CVE-2023-1074 CVE-2023-1281 CVE-2023-1652 CVE-2023-26545 Ubuntu 20.04 LTS It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-4166) It was discovered that Vim was using freed memory when dealing with regular expressions inside a visual selection. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-4192) It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-4193) It was discovered that Vim was not properly performing bounds checks when updating windows present on a screen, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0213) It was discovered that Vim was incorrectly performing read and write operations when in visual block mode, going beyond the end of a line and causing a heap buffer overflow. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0261, CVE-2022-0318) It was discovered that Vim was incorrectly handling window exchanging operations when in Visual mode, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-0319) It was discovered that Vim was incorrectly handling recursion when parsing conditional expressions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0351) It was discovered that Vim was not properly handling memory allocation when processing data in Ex mode, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0359) It was discovered that Vim was not properly performing bounds checks when executing line operations in Visual mode, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0361, CVE-2022-0368) It was discovered that Vim was not properly handling loop conditions when looking for spell suggestions, which could result in a stack buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0408) It was discovered that Vim was incorrectly handling memory access when executing buffer operations, which could result in the usage of freed memory. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0443) It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. (CVE-2022-0554) It was discovered that Vim was not properly performing bounds checks for column numbers when replacing tabs with spaces or spaces with tabs, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0572) It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0629) It was discovered that Vim was not properly performing validation of data that contained special multi-byte characters, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0685) It was discovered that Vim was incorrectly processing data used to define indentation in a file, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0714) It was discovered that Vim was incorrectly processing certain regular expression patterns and strings, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0729) It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution. (CVE-2022-2207) Update Instructions: Run `sudo pro fix USN-6026-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.14 vim-athena - 2:8.1.2269-1ubuntu5.14 vim-tiny - 2:8.1.2269-1ubuntu5.14 vim-gtk - 2:8.1.2269-1ubuntu5.14 vim-gui-common - 2:8.1.2269-1ubuntu5.14 vim - 2:8.1.2269-1ubuntu5.14 vim-doc - 2:8.1.2269-1ubuntu5.14 xxd - 2:8.1.2269-1ubuntu5.14 vim-runtime - 2:8.1.2269-1ubuntu5.14 vim-gtk3 - 2:8.1.2269-1ubuntu5.14 vim-nox - 2:8.1.2269-1ubuntu5.14 No subscription required Medium CVE-2021-4166 CVE-2021-4192 CVE-2021-4193 CVE-2022-0213 CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0408 CVE-2022-0443 CVE-2022-0554 CVE-2022-0572 CVE-2022-0629 CVE-2022-0685 CVE-2022-0714 CVE-2022-0729 CVE-2022-2207 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3108) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) Update Instructions: Run `sudo pro fix USN-6027-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1047-ibm - 5.4.0-1047.52 linux-ibm-source-5.4.0 - 5.4.0-1047.52 linux-ibm-tools-common - 5.4.0-1047.52 linux-image-unsigned-5.4.0-1047-ibm - 5.4.0-1047.52 linux-modules-5.4.0-1047-ibm - 5.4.0-1047.52 linux-buildinfo-5.4.0-1047-ibm - 5.4.0-1047.52 linux-ibm-cloud-tools-common - 5.4.0-1047.52 linux-tools-5.4.0-1047-ibm - 5.4.0-1047.52 linux-ibm-headers-5.4.0-1047 - 5.4.0-1047.52 linux-image-5.4.0-1047-ibm - 5.4.0-1047.52 linux-headers-5.4.0-1047-ibm - 5.4.0-1047.52 linux-ibm-tools-5.4.0-1047 - 5.4.0-1047.52 No subscription required linux-headers-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-modules-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-cloud-tools-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-tools-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-gkeop-source-5.4.0 - 5.4.0-1067.71 linux-gkeop-headers-5.4.0-1067 - 5.4.0-1067.71 linux-modules-extra-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-gkeop-tools-5.4.0-1067 - 5.4.0-1067.71 linux-buildinfo-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-image-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-gkeop-cloud-tools-5.4.0-1067 - 5.4.0-1067.71 linux-image-unsigned-5.4.0-1067-gkeop - 5.4.0-1067.71 No subscription required linux-raspi-headers-5.4.0-1083 - 5.4.0-1083.94 linux-tools-5.4.0-1083-raspi - 5.4.0-1083.94 linux-headers-5.4.0-1083-raspi - 5.4.0-1083.94 linux-image-5.4.0-1083-raspi - 5.4.0-1083.94 linux-raspi-tools-5.4.0-1083 - 5.4.0-1083.94 linux-modules-5.4.0-1083-raspi - 5.4.0-1083.94 linux-buildinfo-5.4.0-1083-raspi - 5.4.0-1083.94 No subscription required linux-image-5.4.0-1089-kvm - 5.4.0-1089.95 linux-tools-5.4.0-1089-kvm - 5.4.0-1089.95 linux-kvm-tools-5.4.0-1089 - 5.4.0-1089.95 linux-headers-5.4.0-1089-kvm - 5.4.0-1089.95 linux-buildinfo-5.4.0-1089-kvm - 5.4.0-1089.95 linux-kvm-headers-5.4.0-1089 - 5.4.0-1089.95 linux-image-unsigned-5.4.0-1089-kvm - 5.4.0-1089.95 linux-modules-5.4.0-1089-kvm - 5.4.0-1089.95 No subscription required linux-gke-tools-5.4.0-1097 - 5.4.0-1097.104 linux-image-5.4.0-1097-gke - 5.4.0-1097.104 linux-modules-5.4.0-1097-gke - 5.4.0-1097.104 linux-buildinfo-5.4.0-1097-gke - 5.4.0-1097.104 linux-image-unsigned-5.4.0-1097-gke - 5.4.0-1097.104 linux-modules-extra-5.4.0-1097-gke - 5.4.0-1097.104 linux-gke-headers-5.4.0-1097 - 5.4.0-1097.104 linux-tools-5.4.0-1097-gke - 5.4.0-1097.104 linux-headers-5.4.0-1097-gke - 5.4.0-1097.104 No subscription required linux-oracle-headers-5.4.0-1099 - 5.4.0-1099.108 linux-modules-5.4.0-1099-oracle - 5.4.0-1099.108 linux-buildinfo-5.4.0-1099-oracle - 5.4.0-1099.108 linux-image-unsigned-5.4.0-1099-oracle - 5.4.0-1099.108 linux-image-5.4.0-1099-oracle - 5.4.0-1099.108 linux-modules-extra-5.4.0-1099-oracle - 5.4.0-1099.108 linux-headers-5.4.0-1099-oracle - 5.4.0-1099.108 linux-oracle-tools-5.4.0-1099 - 5.4.0-1099.108 linux-tools-5.4.0-1099-oracle - 5.4.0-1099.108 No subscription required linux-buildinfo-5.4.0-1100-aws - 5.4.0-1100.108 linux-image-5.4.0-1100-aws - 5.4.0-1100.108 linux-aws-headers-5.4.0-1100 - 5.4.0-1100.108 linux-cloud-tools-5.4.0-1100-aws - 5.4.0-1100.108 linux-modules-5.4.0-1100-aws - 5.4.0-1100.108 linux-aws-tools-5.4.0-1100 - 5.4.0-1100.108 linux-tools-5.4.0-1100-aws - 5.4.0-1100.108 linux-headers-5.4.0-1100-aws - 5.4.0-1100.108 linux-aws-cloud-tools-5.4.0-1100 - 5.4.0-1100.108 linux-image-unsigned-5.4.0-1100-aws - 5.4.0-1100.108 linux-modules-extra-5.4.0-1100-aws - 5.4.0-1100.108 No subscription required linux-image-5.4.0-1103-gcp - 5.4.0-1103.112 linux-headers-5.4.0-1103-gcp - 5.4.0-1103.112 linux-gcp-headers-5.4.0-1103 - 5.4.0-1103.112 linux-buildinfo-5.4.0-1103-gcp - 5.4.0-1103.112 linux-modules-5.4.0-1103-gcp - 5.4.0-1103.112 linux-gcp-tools-5.4.0-1103 - 5.4.0-1103.112 linux-modules-extra-5.4.0-1103-gcp - 5.4.0-1103.112 linux-image-unsigned-5.4.0-1103-gcp - 5.4.0-1103.112 linux-tools-5.4.0-1103-gcp - 5.4.0-1103.112 No subscription required linux-tools-5.4.0-1106-azure - 5.4.0-1106.112 linux-azure-tools-5.4.0-1106 - 5.4.0-1106.112 linux-modules-5.4.0-1106-azure - 5.4.0-1106.112 linux-azure-headers-5.4.0-1106 - 5.4.0-1106.112 linux-image-5.4.0-1106-azure - 5.4.0-1106.112 linux-headers-5.4.0-1106-azure - 5.4.0-1106.112 linux-cloud-tools-5.4.0-1106-azure - 5.4.0-1106.112 linux-image-unsigned-5.4.0-1106-azure - 5.4.0-1106.112 linux-azure-cloud-tools-5.4.0-1106 - 5.4.0-1106.112 linux-modules-extra-5.4.0-1106-azure - 5.4.0-1106.112 linux-buildinfo-5.4.0-1106-azure - 5.4.0-1106.112 No subscription required linux-tools-common - 5.4.0-147.164 linux-tools-host - 5.4.0-147.164 linux-doc - 5.4.0-147.164 linux-tools-5.4.0-147-generic-lpae - 5.4.0-147.164 linux-image-5.4.0-147-generic - 5.4.0-147.164 linux-headers-5.4.0-147 - 5.4.0-147.164 linux-headers-5.4.0-147-generic - 5.4.0-147.164 linux-image-5.4.0-147-generic-lpae - 5.4.0-147.164 linux-image-5.4.0-147-lowlatency - 5.4.0-147.164 linux-cloud-tools-5.4.0-147 - 5.4.0-147.164 linux-tools-5.4.0-147 - 5.4.0-147.164 linux-image-unsigned-5.4.0-147-generic - 5.4.0-147.164 linux-modules-5.4.0-147-generic-lpae - 5.4.0-147.164 linux-headers-5.4.0-147-lowlatency - 5.4.0-147.164 linux-buildinfo-5.4.0-147-generic - 5.4.0-147.164 linux-buildinfo-5.4.0-147-lowlatency - 5.4.0-147.164 linux-modules-extra-5.4.0-147-generic - 5.4.0-147.164 linux-tools-5.4.0-147-generic - 5.4.0-147.164 linux-modules-5.4.0-147-generic - 5.4.0-147.164 linux-cloud-tools-common - 5.4.0-147.164 linux-tools-5.4.0-147-lowlatency - 5.4.0-147.164 linux-image-unsigned-5.4.0-147-lowlatency - 5.4.0-147.164 linux-cloud-tools-5.4.0-147-generic - 5.4.0-147.164 linux-source-5.4.0 - 5.4.0-147.164 linux-buildinfo-5.4.0-147-generic-lpae - 5.4.0-147.164 linux-headers-5.4.0-147-generic-lpae - 5.4.0-147.164 linux-cloud-tools-5.4.0-147-lowlatency - 5.4.0-147.164 linux-libc-dev - 5.4.0-147.164 linux-modules-5.4.0-147-lowlatency - 5.4.0-147.164 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1047.73 linux-image-ibm - 5.4.0.1047.73 linux-headers-ibm-lts-20.04 - 5.4.0.1047.73 linux-tools-ibm - 5.4.0.1047.73 linux-image-ibm-lts-20.04 - 5.4.0.1047.73 linux-ibm-lts-20.04 - 5.4.0.1047.73 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1047.73 linux-modules-extra-ibm - 5.4.0.1047.73 linux-ibm - 5.4.0.1047.73 linux-headers-ibm - 5.4.0.1047.73 No subscription required linux-headers-gkeop - 5.4.0.1067.65 linux-cloud-tools-gkeop-5.4 - 5.4.0.1067.65 linux-image-gkeop - 5.4.0.1067.65 linux-gkeop-5.4 - 5.4.0.1067.65 linux-image-gkeop-5.4 - 5.4.0.1067.65 linux-gkeop - 5.4.0.1067.65 linux-cloud-tools-gkeop - 5.4.0.1067.65 linux-modules-extra-gkeop-5.4 - 5.4.0.1067.65 linux-headers-gkeop-5.4 - 5.4.0.1067.65 linux-modules-extra-gkeop - 5.4.0.1067.65 linux-tools-gkeop - 5.4.0.1067.65 linux-tools-gkeop-5.4 - 5.4.0.1067.65 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1083.113 linux-raspi2 - 5.4.0.1083.113 linux-headers-raspi2 - 5.4.0.1083.113 linux-image-raspi-hwe-18.04 - 5.4.0.1083.113 linux-image-raspi2-hwe-18.04 - 5.4.0.1083.113 linux-headers-raspi2-hwe-18.04 - 5.4.0.1083.113 linux-headers-raspi-hwe-18.04 - 5.4.0.1083.113 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1083.113 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1083.113 linux-headers-raspi - 5.4.0.1083.113 linux-raspi2-hwe-18.04-edge - 5.4.0.1083.113 linux-raspi-hwe-18.04 - 5.4.0.1083.113 linux-tools-raspi - 5.4.0.1083.113 linux-tools-raspi2-hwe-18.04 - 5.4.0.1083.113 linux-raspi-hwe-18.04-edge - 5.4.0.1083.113 linux-raspi2-hwe-18.04 - 5.4.0.1083.113 linux-image-raspi-hwe-18.04-edge - 5.4.0.1083.113 linux-image-raspi2 - 5.4.0.1083.113 linux-tools-raspi-hwe-18.04 - 5.4.0.1083.113 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1083.113 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1083.113 linux-image-raspi - 5.4.0.1083.113 linux-tools-raspi2 - 5.4.0.1083.113 linux-raspi - 5.4.0.1083.113 No subscription required linux-kvm - 5.4.0.1089.83 linux-headers-kvm - 5.4.0.1089.83 linux-image-kvm - 5.4.0.1089.83 linux-tools-kvm - 5.4.0.1089.83 No subscription required linux-modules-extra-gke - 5.4.0.1097.102 linux-headers-gke-5.4 - 5.4.0.1097.102 linux-modules-extra-gke-5.4 - 5.4.0.1097.102 linux-gke-5.4 - 5.4.0.1097.102 linux-gke - 5.4.0.1097.102 linux-tools-gke - 5.4.0.1097.102 linux-headers-gke - 5.4.0.1097.102 linux-image-gke-5.4 - 5.4.0.1097.102 linux-image-gke - 5.4.0.1097.102 linux-tools-gke-5.4 - 5.4.0.1097.102 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1099.92 linux-oracle-lts-20.04 - 5.4.0.1099.92 linux-tools-oracle-lts-20.04 - 5.4.0.1099.92 linux-image-oracle-lts-20.04 - 5.4.0.1099.92 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1100.97 linux-image-aws-lts-20.04 - 5.4.0.1100.97 linux-headers-aws-lts-20.04 - 5.4.0.1100.97 linux-tools-aws-lts-20.04 - 5.4.0.1100.97 linux-aws-lts-20.04 - 5.4.0.1100.97 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1103.105 linux-gcp-lts-20.04 - 5.4.0.1103.105 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1103.105 linux-headers-gcp-lts-20.04 - 5.4.0.1103.105 linux-image-gcp-lts-20.04 - 5.4.0.1103.105 No subscription required linux-azure-lts-20.04 - 5.4.0.1106.99 linux-tools-azure-lts-20.04 - 5.4.0.1106.99 linux-image-azure-lts-20.04 - 5.4.0.1106.99 linux-modules-extra-azure-lts-20.04 - 5.4.0.1106.99 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1106.99 linux-headers-azure-lts-20.04 - 5.4.0.1106.99 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-headers-generic-hwe-18.04-edge - 5.4.0.147.145 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-image-generic-hwe-18.04 - 5.4.0.147.145 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-headers-generic-lpae - 5.4.0.147.145 linux-image-virtual - 5.4.0.147.145 linux-oem-osp1-tools-host - 5.4.0.147.145 linux-cloud-tools-lowlatency - 5.4.0.147.145 linux-tools-lowlatency - 5.4.0.147.145 linux-image-oem - 5.4.0.147.145 linux-tools-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-headers-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-cloud-tools-virtual - 5.4.0.147.145 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.147.145 linux-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-image-extra-virtual-hwe-18.04 - 5.4.0.147.145 linux-oem - 5.4.0.147.145 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.147.145 linux-image-oem-osp1 - 5.4.0.147.145 linux-image-generic-lpae-hwe-18.04 - 5.4.0.147.145 linux-crashdump - 5.4.0.147.145 linux-headers-generic-hwe-18.04 - 5.4.0.147.145 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-headers-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-source - 5.4.0.147.145 linux-lowlatency - 5.4.0.147.145 linux-tools-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-tools-generic-lpae - 5.4.0.147.145 linux-cloud-tools-generic - 5.4.0.147.145 linux-virtual - 5.4.0.147.145 linux-headers-virtual-hwe-18.04 - 5.4.0.147.145 linux-tools-generic - 5.4.0.147.145 linux-virtual-hwe-18.04 - 5.4.0.147.145 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.147.145 linux-tools-virtual - 5.4.0.147.145 linux-generic-lpae-hwe-18.04-edge - 5.4.0.147.145 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-headers-oem - 5.4.0.147.145 linux-generic - 5.4.0.147.145 linux-tools-oem-osp1 - 5.4.0.147.145 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.147.145 linux-image-virtual-hwe-18.04 - 5.4.0.147.145 linux-headers-lowlatency - 5.4.0.147.145 linux-image-generic-hwe-18.04-edge - 5.4.0.147.145 linux-generic-hwe-18.04-edge - 5.4.0.147.145 linux-tools-generic-hwe-18.04 - 5.4.0.147.145 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-tools-generic-hwe-18.04-edge - 5.4.0.147.145 linux-image-extra-virtual - 5.4.0.147.145 linux-oem-tools-host - 5.4.0.147.145 linux-tools-oem - 5.4.0.147.145 linux-headers-oem-osp1 - 5.4.0.147.145 linux-generic-lpae - 5.4.0.147.145 linux-generic-lpae-hwe-18.04 - 5.4.0.147.145 linux-headers-generic - 5.4.0.147.145 linux-image-generic - 5.4.0.147.145 linux-oem-osp1 - 5.4.0.147.145 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.147.145 linux-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-headers-virtual - 5.4.0.147.145 linux-tools-virtual-hwe-18.04 - 5.4.0.147.145 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.147.145 linux-image-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-generic-hwe-18.04 - 5.4.0.147.145 linux-image-generic-lpae - 5.4.0.147.145 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.147.145 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.147.145 linux-image-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-image-lowlatency - 5.4.0.147.145 No subscription required High CVE-2022-3108 CVE-2022-3903 CVE-2022-4129 CVE-2023-1073 CVE-2023-1074 CVE-2023-1281 CVE-2023-26545 Ubuntu 20.04 LTS It was discovered that lixml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2023-28484) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. (CVE-2023-29469) Update Instructions: Run `sudo pro fix USN-6028-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.6 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.6 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.6 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.6 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.6 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.6 No subscription required Medium CVE-2023-28484 CVE-2023-29469 Ubuntu 20.04 LTS It was discovered that Dnsmasq was sending large DNS messages over UDP, possibly causing transmission failures due to IP fragmentation. This update lowers the default maximum size of DNS messages to improve transmission reliability over UDP. Update Instructions: Run `sudo pro fix USN-6034-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.7 dnsmasq-base-lua - 2.80-1.1ubuntu1.7 dnsmasq-utils - 2.80-1.1ubuntu1.7 dnsmasq-base - 2.80-1.1ubuntu1.7 No subscription required Low CVE-2023-28450 Ubuntu 20.04 LTS ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted the host from PASV responses by default. A remote attacker with a malicious FTP server could redirect the client to another server, which could possibly result in leaked information about services running on the private network of the client. Update Instructions: Run `sudo pro fix USN-6037-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcommons-net-java-doc - 3.6-1+deb11u1build0.20.04.1 libcommons-net-java - 3.6-1+deb11u1build0.20.04.1 No subscription required Medium CVE-2021-37533 Ubuntu 20.04 LTS It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-1705) It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2022-1962, CVE-2022-27664, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32189, CVE-2022-41715, CVE-2022-41717, CVE-2023-24534, CVE-2023-24537) It was discovered that Go did not properly implemented the maximum size of file headers in Reader.Read. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2022-2879) It was discovered that the Go net/http module incorrectly handled query parameters in requests forwarded by ReverseProxy. A remote attacker could possibly use this issue to perform an HTTP Query Parameter Smuggling attack. (CVE-2022-2880) It was discovered that Go did not properly manage the permissions for Faccessat function. A attacker could possibly use this issue to expose sensitive information. (CVE-2022-29526) It was discovered that Go did not properly generate the values for ticket_age_add in session tickets. An attacker could possibly use this issue to observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629) It was discovered that Go did not properly manage client IP addresses in net/http. An attacker could possibly use this issue to cause ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148) It was discovered that Go did not properly validate backticks (`) as Javascript string delimiters, and do not escape them as expected. An attacker could possibly use this issue to inject arbitrary Javascript code into the Go template. (CVE-2023-24538) Update Instructions: Run `sudo pro fix USN-6038-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.18-go - 1.18.1-1ubuntu1~20.04.2 golang-1.18-src - 1.18.1-1ubuntu1~20.04.2 golang-1.18 - 1.18.1-1ubuntu1~20.04.2 golang-1.18-doc - 1.18.1-1ubuntu1~20.04.2 No subscription required Medium CVE-2022-1705 CVE-2022-1962 CVE-2022-27664 CVE-2022-28131 CVE-2022-2879 CVE-2022-2880 CVE-2022-29526 CVE-2022-30629 CVE-2022-30630 CVE-2022-30631 CVE-2022-30632 CVE-2022-30633 CVE-2022-30635 CVE-2022-32148 CVE-2022-32189 CVE-2022-41715 CVE-2022-41717 CVE-2023-24534 CVE-2023-24537 CVE-2023-24538 Ubuntu 20.04 LTS USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. Original advisory details: It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-1705) It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2022-1962, CVE-2022-27664, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32189, CVE-2022-41715, CVE-2022-41717, CVE-2023-24534, CVE-2023-24537) It was discovered that Go did not properly implemented the maximum size of file headers in Reader.Read. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2022-2879) It was discovered that the Go net/http module incorrectly handled query parameters in requests forwarded by ReverseProxy. A remote attacker could possibly use this issue to perform an HTTP Query Parameter Smuggling attack. (CVE-2022-2880) It was discovered that Go did not properly manage the permissions for Faccessat function. A attacker could possibly use this issue to expose sensitive information. (CVE-2022-29526) It was discovered that Go did not properly generate the values for ticket_age_add in session tickets. An attacker could possibly use this issue to observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629) It was discovered that Go did not properly manage client IP addresses in net/http. An attacker could possibly use this issue to cause ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148) It was discovered that Go did not properly validate backticks (`) as Javascript string delimiters, and do not escape them as expected. An attacker could possibly use this issue to inject arbitrary Javascript code into the Go template. (CVE-2023-24538) Update Instructions: Run `sudo pro fix USN-6038-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.13 - 1.13.8-1ubuntu1.2 golang-1.13-doc - 1.13.8-1ubuntu1.2 golang-1.13-go - 1.13.8-1ubuntu1.2 golang-1.13-src - 1.13.8-1ubuntu1.2 No subscription required golang-1.16 - 1.16.2-0ubuntu1~20.04.1 golang-1.16-doc - 1.16.2-0ubuntu1~20.04.1 golang-1.16-go - 1.16.2-0ubuntu1~20.04.1 golang-1.16-src - 1.16.2-0ubuntu1~20.04.1 No subscription required Medium CVE-2022-1705 CVE-2022-27664 CVE-2022-28131 CVE-2022-2879 CVE-2022-2880 CVE-2022-29526 CVE-2022-30629 CVE-2022-30630 CVE-2022-30631 CVE-2022-30632 CVE-2022-30633 CVE-2022-30635 CVE-2022-32148 CVE-2022-32189 CVE-2022-41717 CVE-2023-24534 CVE-2023-24537 CVE-2023-24538 Ubuntu 20.04 LTS It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3996) David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0464) David Benjamin discovered that OpenSSL was not properly handling invalid certificate policies in leaf certificates, which would result in certain policy checks being skipped for the certificate. If a user or automated system were tricked into processing a specially crafted certificate, a remote attacker could possibly use this issue to assert invalid certificate policies and circumvent policy checking. (CVE-2023-0465) David Benjamin discovered that OpenSSL incorrectly documented the functionalities of function X509_VERIFY_PARAM_add0_policy, stating that it would implicitly enable certificate policy checks when doing certificate verifications, contrary to its implementation. This could cause users and applications to not perform certificate policy checks even when expected to do so. (CVE-2023-0466) Update Instructions: Run `sudo pro fix USN-6039-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.18 libssl-dev - 1.1.1f-1ubuntu2.18 openssl - 1.1.1f-1ubuntu2.18 libssl-doc - 1.1.1f-1ubuntu2.18 No subscription required Low CVE-2022-3996 CVE-2023-0464 CVE-2023-0466 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-0386) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-4842) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the NFS implementation in the Linux kernel did not properly handle pending tasks in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1652) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) Update Instructions: Run `sudo pro fix USN-6040-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-modules-extra-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-headers-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-image-unsigned-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-70.77~20.04.1 linux-modules-iwlwifi-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-modules-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-image-unsigned-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-modules-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-headers-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-hwe-5.15-tools-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-hwe-5.15-headers-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-headers-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-70.77~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-cloud-tools-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-70.77~20.04.1 No subscription required linux-tools-oem-20.04 - 5.15.0.70.77~20.04.31 linux-headers-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-headers-generic-64k-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-oem-20.04c - 5.15.0.70.77~20.04.31 linux-image-oem-20.04b - 5.15.0.70.77~20.04.31 linux-image-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-oem-20.04d - 5.15.0.70.77~20.04.31 linux-headers-oem-20.04 - 5.15.0.70.77~20.04.31 linux-headers-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-tools-oem-20.04c - 5.15.0.70.77~20.04.31 linux-tools-oem-20.04b - 5.15.0.70.77~20.04.31 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-generic-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-oem-20.04 - 5.15.0.70.77~20.04.31 linux-tools-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-extra-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-tools-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-modules-iwlwifi-oem-20.04d - 5.15.0.70.77~20.04.31 linux-tools-generic-64k-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-oem-20.04d - 5.15.0.70.77~20.04.31 linux-oem-20.04c - 5.15.0.70.77~20.04.31 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-headers-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-generic-64k-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-generic-lpae-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-generic-64k-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-oem-20.04 - 5.15.0.70.77~20.04.31 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-headers-oem-20.04b - 5.15.0.70.77~20.04.31 linux-headers-oem-20.04c - 5.15.0.70.77~20.04.31 linux-headers-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-generic-lpae-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-headers-oem-20.04d - 5.15.0.70.77~20.04.31 linux-tools-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-generic-lpae-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-tools-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-modules-iwlwifi-oem-20.04 - 5.15.0.70.77~20.04.31 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-tools-oem-20.04d - 5.15.0.70.77~20.04.31 linux-oem-20.04b - 5.15.0.70.77~20.04.31 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.31 No subscription required High CVE-2022-4129 CVE-2022-47929 CVE-2022-4842 CVE-2023-0386 CVE-2023-0394 CVE-2023-1073 CVE-2023-1074 CVE-2023-1281 CVE-2023-1652 CVE-2023-26545 Ubuntu 20.04 LTS James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege. Update Instructions: Run `sudo pro fix USN-6042-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cloud-init - 23.1.2-0ubuntu0~20.04.1 No subscription required Medium CVE-2023-1786 https://bugs.launchpad.net/cloud-init/+bug/2013967 Ubuntu 20.04 LTS USN-6042-1 fixed a vulnerability in Cloud-init. The update introduced a regression on Ubuntu 20.04 LTS resulting in a possible loss of networking. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege. Update Instructions: Run `sudo pro fix USN-6042-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cloud-init - 23.1.2-0ubuntu0~20.04.2 No subscription required None https://launchpad.net/bugs/2020375 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) Update Instructions: Run `sudo pro fix USN-6044-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-modules-iwlwifi-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-gke-5.15-headers-5.15.0-1032 - 5.15.0-1032.37~20.04.1 linux-gke-5.15-tools-5.15.0-1032 - 5.15.0-1032.37~20.04.1 linux-modules-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-modules-extra-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-tools-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-buildinfo-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-image-unsigned-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-headers-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 No subscription required linux-headers-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-oracle-5.15-tools-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-image-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-buildinfo-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-tools-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-oracle-5.15-headers-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-modules-extra-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-modules-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-image-unsigned-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 No subscription required linux-image-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-cloud-tools-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1035 - 5.15.0-1035.39~20.04.1 linux-image-unsigned-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-modules-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-modules-extra-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-buildinfo-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-tools-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-aws-5.15-tools-5.15.0-1035 - 5.15.0-1035.39~20.04.1 linux-aws-5.15-headers-5.15.0-1035 - 5.15.0-1035.39~20.04.1 linux-headers-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 No subscription required linux-image-unsigned-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-image-unsigned-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-71.78~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-cloud-tools-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-image-unsigned-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-modules-extra-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-hwe-5.15-headers-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-cloud-tools-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-modules-iwlwifi-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-71.78~20.04.1 linux-image-unsigned-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-modules-iwlwifi-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-hwe-5.15-tools-5.15.0-71 - 5.15.0-71.78~20.04.1 No subscription required linux-gke-5.15 - 5.15.0.1032.37~20.04.1 linux-tools-gke-5.15 - 5.15.0.1032.37~20.04.1 linux-headers-gke-edge - 5.15.0.1032.37~20.04.1 linux-image-gke-5.15 - 5.15.0.1032.37~20.04.1 linux-tools-gke-edge - 5.15.0.1032.37~20.04.1 linux-image-gke-edge - 5.15.0.1032.37~20.04.1 linux-gke-edge - 5.15.0.1032.37~20.04.1 linux-headers-gke-5.15 - 5.15.0.1032.37~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1034.40~20.04.1 linux-tools-oracle - 5.15.0.1034.40~20.04.1 linux-tools-oracle-edge - 5.15.0.1034.40~20.04.1 linux-image-oracle-edge - 5.15.0.1034.40~20.04.1 linux-oracle-edge - 5.15.0.1034.40~20.04.1 linux-headers-oracle-edge - 5.15.0.1034.40~20.04.1 linux-image-oracle - 5.15.0.1034.40~20.04.1 linux-oracle - 5.15.0.1034.40~20.04.1 No subscription required linux-headers-aws - 5.15.0.1035.39~20.04.24 linux-image-aws - 5.15.0.1035.39~20.04.24 linux-modules-extra-aws-edge - 5.15.0.1035.39~20.04.24 linux-image-aws-edge - 5.15.0.1035.39~20.04.24 linux-aws-edge - 5.15.0.1035.39~20.04.24 linux-aws - 5.15.0.1035.39~20.04.24 linux-tools-aws - 5.15.0.1035.39~20.04.24 linux-headers-aws-edge - 5.15.0.1035.39~20.04.24 linux-modules-extra-aws - 5.15.0.1035.39~20.04.24 linux-tools-aws-edge - 5.15.0.1035.39~20.04.24 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-headers-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-image-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-lowlatency-64k-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-tools-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.29 No subscription required linux-tools-oem-20.04 - 5.15.0.71.78~20.04.32 linux-headers-oem-20.04 - 5.15.0.71.78~20.04.32 linux-tools-oem-20.04c - 5.15.0.71.78~20.04.32 linux-tools-oem-20.04b - 5.15.0.71.78~20.04.32 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-tools-oem-20.04d - 5.15.0.71.78~20.04.32 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-extra-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-headers-generic-64k-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-generic-lpae-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-tools-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-oem-20.04c - 5.15.0.71.78~20.04.32 linux-image-oem-20.04b - 5.15.0.71.78~20.04.32 linux-image-oem-20.04d - 5.15.0.71.78~20.04.32 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-oem-20.04 - 5.15.0.71.78~20.04.32 linux-image-oem-20.04 - 5.15.0.71.78~20.04.32 linux-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-oem-20.04c - 5.15.0.71.78~20.04.32 linux-oem-20.04b - 5.15.0.71.78~20.04.32 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-oem-20.04d - 5.15.0.71.78~20.04.32 linux-generic-lpae-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-modules-iwlwifi-oem-20.04 - 5.15.0.71.78~20.04.32 linux-tools-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-generic-64k-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-generic-lpae-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-tools-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-modules-iwlwifi-oem-20.04d - 5.15.0.71.78~20.04.32 linux-tools-generic-64k-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-tools-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-generic-64k-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-generic-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-oem-20.04b - 5.15.0.71.78~20.04.32 linux-headers-oem-20.04c - 5.15.0.71.78~20.04.32 linux-headers-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-headers-oem-20.04d - 5.15.0.71.78~20.04.32 No subscription required High CVE-2023-1829 CVE-2023-1872 Ubuntu 20.04 LTS It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6046-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssl-ibmca - 2.1.0-0ubuntu1.20.04.2 No subscription required None https://launchpad.net/bugs/2015454 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Update Instructions: Run `sudo pro fix USN-6047-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1048-ibm - 5.4.0-1048.53 linux-modules-extra-5.4.0-1048-ibm - 5.4.0-1048.53 linux-modules-5.4.0-1048-ibm - 5.4.0-1048.53 linux-ibm-tools-5.4.0-1048 - 5.4.0-1048.53 linux-ibm-tools-common - 5.4.0-1048.53 linux-tools-5.4.0-1048-ibm - 5.4.0-1048.53 linux-ibm-source-5.4.0 - 5.4.0-1048.53 linux-ibm-cloud-tools-common - 5.4.0-1048.53 linux-ibm-headers-5.4.0-1048 - 5.4.0-1048.53 linux-buildinfo-5.4.0-1048-ibm - 5.4.0-1048.53 linux-image-5.4.0-1048-ibm - 5.4.0-1048.53 linux-headers-5.4.0-1048-ibm - 5.4.0-1048.53 No subscription required linux-image-unsigned-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-gkeop-source-5.4.0 - 5.4.0-1068.72 linux-headers-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-cloud-tools-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-gkeop-headers-5.4.0-1068 - 5.4.0-1068.72 linux-gkeop-cloud-tools-5.4.0-1068 - 5.4.0-1068.72 linux-gkeop-tools-5.4.0-1068 - 5.4.0-1068.72 linux-buildinfo-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-modules-extra-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-image-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-modules-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-tools-5.4.0-1068-gkeop - 5.4.0-1068.72 No subscription required linux-kvm-headers-5.4.0-1090 - 5.4.0-1090.96 linux-tools-5.4.0-1090-kvm - 5.4.0-1090.96 linux-image-5.4.0-1090-kvm - 5.4.0-1090.96 linux-buildinfo-5.4.0-1090-kvm - 5.4.0-1090.96 linux-modules-5.4.0-1090-kvm - 5.4.0-1090.96 linux-image-unsigned-5.4.0-1090-kvm - 5.4.0-1090.96 linux-headers-5.4.0-1090-kvm - 5.4.0-1090.96 linux-kvm-tools-5.4.0-1090 - 5.4.0-1090.96 No subscription required linux-gke-tools-5.4.0-1098 - 5.4.0-1098.105 linux-tools-5.4.0-1098-gke - 5.4.0-1098.105 linux-modules-extra-5.4.0-1098-gke - 5.4.0-1098.105 linux-headers-5.4.0-1098-gke - 5.4.0-1098.105 linux-gke-headers-5.4.0-1098 - 5.4.0-1098.105 linux-image-unsigned-5.4.0-1098-gke - 5.4.0-1098.105 linux-image-5.4.0-1098-gke - 5.4.0-1098.105 linux-buildinfo-5.4.0-1098-gke - 5.4.0-1098.105 linux-modules-5.4.0-1098-gke - 5.4.0-1098.105 No subscription required linux-buildinfo-5.4.0-1100-oracle - 5.4.0-1100.109 linux-image-unsigned-5.4.0-1100-oracle - 5.4.0-1100.109 linux-modules-5.4.0-1100-oracle - 5.4.0-1100.109 linux-oracle-headers-5.4.0-1100 - 5.4.0-1100.109 linux-modules-extra-5.4.0-1100-oracle - 5.4.0-1100.109 linux-oracle-tools-5.4.0-1100 - 5.4.0-1100.109 linux-image-5.4.0-1100-oracle - 5.4.0-1100.109 linux-headers-5.4.0-1100-oracle - 5.4.0-1100.109 linux-tools-5.4.0-1100-oracle - 5.4.0-1100.109 No subscription required linux-modules-5.4.0-1101-aws - 5.4.0-1101.109 linux-image-5.4.0-1101-aws - 5.4.0-1101.109 linux-image-unsigned-5.4.0-1101-aws - 5.4.0-1101.109 linux-cloud-tools-5.4.0-1101-aws - 5.4.0-1101.109 linux-aws-tools-5.4.0-1101 - 5.4.0-1101.109 linux-buildinfo-5.4.0-1101-aws - 5.4.0-1101.109 linux-headers-5.4.0-1101-aws - 5.4.0-1101.109 linux-modules-extra-5.4.0-1101-aws - 5.4.0-1101.109 linux-aws-headers-5.4.0-1101 - 5.4.0-1101.109 linux-tools-5.4.0-1101-aws - 5.4.0-1101.109 linux-aws-cloud-tools-5.4.0-1101 - 5.4.0-1101.109 No subscription required linux-tools-5.4.0-1104-gcp - 5.4.0-1104.113 linux-image-unsigned-5.4.0-1104-gcp - 5.4.0-1104.113 linux-gcp-headers-5.4.0-1104 - 5.4.0-1104.113 linux-modules-extra-5.4.0-1104-gcp - 5.4.0-1104.113 linux-modules-5.4.0-1104-gcp - 5.4.0-1104.113 linux-headers-5.4.0-1104-gcp - 5.4.0-1104.113 linux-image-5.4.0-1104-gcp - 5.4.0-1104.113 linux-gcp-tools-5.4.0-1104 - 5.4.0-1104.113 linux-buildinfo-5.4.0-1104-gcp - 5.4.0-1104.113 No subscription required linux-azure-tools-5.4.0-1107 - 5.4.0-1107.113 linux-buildinfo-5.4.0-1107-azure - 5.4.0-1107.113 linux-tools-5.4.0-1107-azure - 5.4.0-1107.113 linux-cloud-tools-5.4.0-1107-azure - 5.4.0-1107.113 linux-modules-5.4.0-1107-azure - 5.4.0-1107.113 linux-azure-headers-5.4.0-1107 - 5.4.0-1107.113 linux-azure-cloud-tools-5.4.0-1107 - 5.4.0-1107.113 linux-image-unsigned-5.4.0-1107-azure - 5.4.0-1107.113 linux-headers-5.4.0-1107-azure - 5.4.0-1107.113 linux-image-5.4.0-1107-azure - 5.4.0-1107.113 linux-modules-extra-5.4.0-1107-azure - 5.4.0-1107.113 No subscription required linux-tools-common - 5.4.0-148.165 linux-modules-5.4.0-148-generic - 5.4.0-148.165 linux-buildinfo-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-tools-host - 5.4.0-148.165 linux-buildinfo-5.4.0-148-generic - 5.4.0-148.165 linux-doc - 5.4.0-148.165 linux-modules-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-cloud-tools-5.4.0-148-lowlatency - 5.4.0-148.165 linux-headers-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-image-unsigned-5.4.0-148-lowlatency - 5.4.0-148.165 linux-headers-5.4.0-148-generic - 5.4.0-148.165 linux-modules-5.4.0-148-lowlatency - 5.4.0-148.165 linux-tools-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-libc-dev - 5.4.0-148.165 linux-tools-5.4.0-148-lowlatency - 5.4.0-148.165 linux-image-5.4.0-148-generic - 5.4.0-148.165 linux-source-5.4.0 - 5.4.0-148.165 linux-cloud-tools-5.4.0-148 - 5.4.0-148.165 linux-image-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-tools-5.4.0-148-generic - 5.4.0-148.165 linux-image-unsigned-5.4.0-148-generic - 5.4.0-148.165 linux-tools-5.4.0-148 - 5.4.0-148.165 linux-buildinfo-5.4.0-148-lowlatency - 5.4.0-148.165 linux-cloud-tools-5.4.0-148-generic - 5.4.0-148.165 linux-cloud-tools-common - 5.4.0-148.165 linux-modules-extra-5.4.0-148-generic - 5.4.0-148.165 linux-headers-5.4.0-148 - 5.4.0-148.165 linux-headers-5.4.0-148-lowlatency - 5.4.0-148.165 linux-image-5.4.0-148-lowlatency - 5.4.0-148.165 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1048.74 linux-modules-extra-ibm - 5.4.0.1048.74 linux-image-ibm - 5.4.0.1048.74 linux-headers-ibm-lts-20.04 - 5.4.0.1048.74 linux-tools-ibm - 5.4.0.1048.74 linux-ibm - 5.4.0.1048.74 linux-ibm-lts-20.04 - 5.4.0.1048.74 linux-image-ibm-lts-20.04 - 5.4.0.1048.74 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1048.74 linux-headers-ibm - 5.4.0.1048.74 No subscription required linux-headers-gkeop - 5.4.0.1068.66 linux-cloud-tools-gkeop-5.4 - 5.4.0.1068.66 linux-image-gkeop - 5.4.0.1068.66 linux-modules-extra-gkeop-5.4 - 5.4.0.1068.66 linux-gkeop-5.4 - 5.4.0.1068.66 linux-image-gkeop-5.4 - 5.4.0.1068.66 linux-gkeop - 5.4.0.1068.66 linux-cloud-tools-gkeop - 5.4.0.1068.66 linux-headers-gkeop-5.4 - 5.4.0.1068.66 linux-modules-extra-gkeop - 5.4.0.1068.66 linux-tools-gkeop - 5.4.0.1068.66 linux-tools-gkeop-5.4 - 5.4.0.1068.66 No subscription required linux-kvm - 5.4.0.1090.84 linux-headers-kvm - 5.4.0.1090.84 linux-image-kvm - 5.4.0.1090.84 linux-tools-kvm - 5.4.0.1090.84 No subscription required linux-modules-extra-gke - 5.4.0.1098.103 linux-headers-gke-5.4 - 5.4.0.1098.103 linux-tools-gke-5.4 - 5.4.0.1098.103 linux-modules-extra-gke-5.4 - 5.4.0.1098.103 linux-gke-5.4 - 5.4.0.1098.103 linux-tools-gke - 5.4.0.1098.103 linux-gke - 5.4.0.1098.103 linux-headers-gke - 5.4.0.1098.103 linux-image-gke-5.4 - 5.4.0.1098.103 linux-image-gke - 5.4.0.1098.103 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1100.93 linux-headers-oracle-lts-20.04 - 5.4.0.1100.93 linux-oracle-lts-20.04 - 5.4.0.1100.93 linux-image-oracle-lts-20.04 - 5.4.0.1100.93 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1101.98 linux-image-aws-lts-20.04 - 5.4.0.1101.98 linux-headers-aws-lts-20.04 - 5.4.0.1101.98 linux-tools-aws-lts-20.04 - 5.4.0.1101.98 linux-aws-lts-20.04 - 5.4.0.1101.98 No subscription required linux-gcp-lts-20.04 - 5.4.0.1104.106 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1104.106 linux-headers-gcp-lts-20.04 - 5.4.0.1104.106 linux-tools-gcp-lts-20.04 - 5.4.0.1104.106 linux-image-gcp-lts-20.04 - 5.4.0.1104.106 No subscription required linux-azure-lts-20.04 - 5.4.0.1107.100 linux-image-azure-lts-20.04 - 5.4.0.1107.100 linux-modules-extra-azure-lts-20.04 - 5.4.0.1107.100 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1107.100 linux-tools-azure-lts-20.04 - 5.4.0.1107.100 linux-headers-azure-lts-20.04 - 5.4.0.1107.100 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-virtual - 5.4.0.148.146 linux-image-generic-hwe-18.04 - 5.4.0.148.146 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-headers-generic-lpae - 5.4.0.148.146 linux-image-virtual - 5.4.0.148.146 linux-oem-osp1-tools-host - 5.4.0.148.146 linux-image-generic - 5.4.0.148.146 linux-tools-lowlatency - 5.4.0.148.146 linux-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-tools-virtual-hwe-18.04 - 5.4.0.148.146 linux-tools-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-headers-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.148.146 linux-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-image-extra-virtual-hwe-18.04 - 5.4.0.148.146 linux-image-oem-osp1 - 5.4.0.148.146 linux-image-generic-lpae-hwe-18.04 - 5.4.0.148.146 linux-crashdump - 5.4.0.148.146 linux-headers-generic-hwe-18.04 - 5.4.0.148.146 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-headers-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-source - 5.4.0.148.146 linux-lowlatency - 5.4.0.148.146 linux-tools-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-generic - 5.4.0.148.146 linux-virtual - 5.4.0.148.146 linux-headers-virtual-hwe-18.04 - 5.4.0.148.146 linux-tools-generic - 5.4.0.148.146 linux-virtual-hwe-18.04 - 5.4.0.148.146 linux-tools-generic-lpae - 5.4.0.148.146 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.148.146 linux-tools-virtual - 5.4.0.148.146 linux-generic-lpae-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-generic-lpae - 5.4.0.148.146 linux-headers-oem - 5.4.0.148.146 linux-tools-oem-osp1 - 5.4.0.148.146 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.148.146 linux-tools-generic-hwe-18.04-edge - 5.4.0.148.146 linux-image-virtual-hwe-18.04 - 5.4.0.148.146 linux-headers-lowlatency - 5.4.0.148.146 linux-image-generic-hwe-18.04-edge - 5.4.0.148.146 linux-generic-hwe-18.04-edge - 5.4.0.148.146 linux-generic - 5.4.0.148.146 linux-oem - 5.4.0.148.146 linux-image-extra-virtual - 5.4.0.148.146 linux-oem-tools-host - 5.4.0.148.146 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-lowlatency - 5.4.0.148.146 linux-tools-oem - 5.4.0.148.146 linux-headers-oem-osp1 - 5.4.0.148.146 linux-generic-lpae-hwe-18.04 - 5.4.0.148.146 linux-tools-generic-hwe-18.04 - 5.4.0.148.146 linux-headers-generic-hwe-18.04-edge - 5.4.0.148.146 linux-headers-generic - 5.4.0.148.146 linux-oem-osp1 - 5.4.0.148.146 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.148.146 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.148.146 linux-image-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-headers-virtual - 5.4.0.148.146 linux-image-oem - 5.4.0.148.146 linux-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.148.146 linux-generic-hwe-18.04 - 5.4.0.148.146 linux-image-generic-lpae - 5.4.0.148.146 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.148.146 linux-image-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.148.146 linux-image-lowlatency - 5.4.0.148.146 No subscription required High CVE-2023-1829 Ubuntu 20.04 LTS It was discovered that ZenLib doesn't check the return value of a specific operation before using it. An attacker could use a specially crafted input to crash programs using the library. Update Instructions: Run `sudo pro fix USN-6048-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libzen-dev - 0.4.37-1ubuntu0.20.04.1 libzen-doc - 0.4.37-1ubuntu0.20.04.1 libzen0v5 - 0.4.37-1ubuntu0.20.04.1 No subscription required Medium CVE-2020-36646 Ubuntu 20.04 LTS It was discovered that Netty's Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-11612) It was discovered that Netty created temporary files with excessive permissions. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM, and Ubuntu 20.04 ESM. (CVE-2021-21290) It was discovered that Netty did not properly validate content-length headers. A remote attacker could possibly use this issue to smuggle requests. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2021-21295, CVE-2021-21409) It was discovered that Netty's Bzip2 decompression decoder did not limit the decompressed output data size. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2021-37136) It was discovered that Netty's Snappy frame decoder function did not limit chunk lengths. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. (CVE-2021-37137) It was discovered that Netty did not properly handle control chars at the beginning and end of header names. A remote attacker could possibly use this issue to smuggle requests. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2021-43797) It was discovered that Netty could be made into an infinite recursion when parsing a malformed crafted message. A remote attacker could possibly use this issue to cause Netty to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-41881) It was discovered that Netty did not validate header values under certain circumstances. A remote attacker could possibly use this issue to perform HTTP response splitting via malicious header values. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-41915) Update Instructions: Run `sudo pro fix USN-6049-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnetty-java - 1:4.1.45-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-11612 CVE-2021-21290 CVE-2021-21295 CVE-2021-21409 CVE-2021-37136 CVE-2021-37137 CVE-2021-43797 CVE-2022-41881 CVE-2022-41915 Ubuntu 20.04 LTS It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. (CVE-2023-25652) Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. (CVE-2023-25815) André Baptista and Vítor Pinho discovered that Git incorrectly handled certain configurations. An attacker could possibly use this issue to arbitrary configuration injection. (CVE-2023-29007) Update Instructions: Run `sudo pro fix USN-6050-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.11 gitweb - 1:2.25.1-1ubuntu3.11 git-gui - 1:2.25.1-1ubuntu3.11 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.11 git-el - 1:2.25.1-1ubuntu3.11 gitk - 1:2.25.1-1ubuntu3.11 git-all - 1:2.25.1-1ubuntu3.11 git-mediawiki - 1:2.25.1-1ubuntu3.11 git-daemon-run - 1:2.25.1-1ubuntu3.11 git-man - 1:2.25.1-1ubuntu3.11 git-doc - 1:2.25.1-1ubuntu3.11 git-svn - 1:2.25.1-1ubuntu3.11 git-cvs - 1:2.25.1-1ubuntu3.11 git-email - 1:2.25.1-1ubuntu3.11 No subscription required Medium CVE-2023-25652 CVE-2023-25815 CVE-2023-29007 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) Update Instructions: Run `sudo pro fix USN-6051-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-azure-5.15-tools-5.15.0-1037 - 5.15.0-1037.44~20.04.1 linux-modules-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-image-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-cloud-tools-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-tools-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-image-unsigned-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-azure-5.15-headers-5.15.0-1037 - 5.15.0-1037.44~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1037 - 5.15.0-1037.44~20.04.1 linux-modules-extra-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-headers-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 No subscription required linux-modules-extra-azure-edge - 5.15.0.1037.44~20.04.27 linux-tools-azure-cvm - 5.15.0.1037.44~20.04.27 linux-tools-azure-edge - 5.15.0.1037.44~20.04.27 linux-azure - 5.15.0.1037.44~20.04.27 linux-image-azure - 5.15.0.1037.44~20.04.27 linux-cloud-tools-azure - 5.15.0.1037.44~20.04.27 linux-headers-azure-cvm - 5.15.0.1037.44~20.04.27 linux-cloud-tools-azure-edge - 5.15.0.1037.44~20.04.27 linux-cloud-tools-azure-cvm - 5.15.0.1037.44~20.04.27 linux-tools-azure - 5.15.0.1037.44~20.04.27 linux-headers-azure-edge - 5.15.0.1037.44~20.04.27 linux-image-azure-edge - 5.15.0.1037.44~20.04.27 linux-modules-extra-azure - 5.15.0.1037.44~20.04.27 linux-azure-edge - 5.15.0.1037.44~20.04.27 linux-image-azure-cvm - 5.15.0.1037.44~20.04.27 linux-azure-cvm - 5.15.0.1037.44~20.04.27 linux-modules-extra-azure-cvm - 5.15.0.1037.44~20.04.27 linux-headers-azure - 5.15.0.1037.44~20.04.27 No subscription required High CVE-2023-1829 CVE-2023-1872 Ubuntu 20.04 LTS Moataz Al-Sharida and nawaik discovered that Django incorrectly handled uploading multiple files using one form field. A remote attacker could possibly use this issue to bypass certain validations. Update Instructions: Run `sudo pro fix USN-6054-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.17 python-django-doc - 2:2.2.12-1ubuntu0.17 No subscription required Low CVE-2023-31047 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-28755) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2023-28756) Update Instructions: Run `sudo pro fix USN-6055-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.9 ruby2.7-doc - 2.7.0-5ubuntu1.9 ruby2.7-dev - 2.7.0-5ubuntu1.9 libruby2.7 - 2.7.0-5ubuntu1.9 No subscription required Medium CVE-2023-28755 CVE-2023-28756 Ubuntu 20.04 LTS USN-6055-1 fixed a vulnerability in Ruby. Unfortunately it introduced a regression. This update reverts the patches applied to CVE-2023-28755 in order to fix the regression pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-28755) Update Instructions: Run `sudo pro fix USN-6055-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.10 ruby2.7-doc - 2.7.0-5ubuntu1.10 ruby2.7-dev - 2.7.0-5ubuntu1.10 libruby2.7 - 2.7.0-5ubuntu1.10 No subscription required Medium CVE-2023-28755 https://launchpad.net/bugs/2018547 Ubuntu 20.04 LTS It was discovered that Erlang did not properly implement TLS client certificate validation during the TLS handshake. A remote attacker could use this issue to bypass client authentication. Update Instructions: Run `sudo pro fix USN-6059-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: erlang-x11 - 1:22.2.7+dfsg-1ubuntu0.2 erlang-jinterface - 1:22.2.7+dfsg-1ubuntu0.2 erlang-asn1 - 1:22.2.7+dfsg-1ubuntu0.2 erlang-inets - 1:22.2.7+dfsg-1ubuntu0.2 erlang-snmp - 1:22.2.7+dfsg-1ubuntu0.2 erlang-mode - 1:22.2.7+dfsg-1ubuntu0.2 erlang-odbc - 1:22.2.7+dfsg-1ubuntu0.2 erlang-common-test - 1:22.2.7+dfsg-1ubuntu0.2 erlang-examples - 1:22.2.7+dfsg-1ubuntu0.2 erlang-wx - 1:22.2.7+dfsg-1ubuntu0.2 erlang-ftp - 1:22.2.7+dfsg-1ubuntu0.2 erlang-observer - 1:22.2.7+dfsg-1ubuntu0.2 erlang-os-mon - 1:22.2.7+dfsg-1ubuntu0.2 erlang-syntax-tools - 1:22.2.7+dfsg-1ubuntu0.2 erlang-ssl - 1:22.2.7+dfsg-1ubuntu0.2 erlang-dev - 1:22.2.7+dfsg-1ubuntu0.2 erlang-ssh - 1:22.2.7+dfsg-1ubuntu0.2 erlang-megaco - 1:22.2.7+dfsg-1ubuntu0.2 erlang-manpages - 1:22.2.7+dfsg-1ubuntu0.2 erlang - 1:22.2.7+dfsg-1ubuntu0.2 erlang-tftp - 1:22.2.7+dfsg-1ubuntu0.2 erlang-runtime-tools - 1:22.2.7+dfsg-1ubuntu0.2 erlang-eunit - 1:22.2.7+dfsg-1ubuntu0.2 erlang-tools - 1:22.2.7+dfsg-1ubuntu0.2 erlang-debugger - 1:22.2.7+dfsg-1ubuntu0.2 erlang-parsetools - 1:22.2.7+dfsg-1ubuntu0.2 erlang-public-key - 1:22.2.7+dfsg-1ubuntu0.2 erlang-diameter - 1:22.2.7+dfsg-1ubuntu0.2 erlang-doc - 1:22.2.7+dfsg-1ubuntu0.2 erlang-reltool - 1:22.2.7+dfsg-1ubuntu0.2 erlang-xmerl - 1:22.2.7+dfsg-1ubuntu0.2 erlang-nox - 1:22.2.7+dfsg-1ubuntu0.2 erlang-eldap - 1:22.2.7+dfsg-1ubuntu0.2 erlang-src - 1:22.2.7+dfsg-1ubuntu0.2 erlang-edoc - 1:22.2.7+dfsg-1ubuntu0.2 erlang-mnesia - 1:22.2.7+dfsg-1ubuntu0.2 erlang-base-hipe - 1:22.2.7+dfsg-1ubuntu0.2 erlang-crypto - 1:22.2.7+dfsg-1ubuntu0.2 erlang-erl-docgen - 1:22.2.7+dfsg-1ubuntu0.2 erlang-base - 1:22.2.7+dfsg-1ubuntu0.2 erlang-et - 1:22.2.7+dfsg-1ubuntu0.2 erlang-dialyzer - 1:22.2.7+dfsg-1ubuntu0.2 No subscription required Medium CVE-2022-37026 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.33 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.42. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-42.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-33.html https://www.oracle.com/security-alerts/cpuapr2023.html Update Instructions: Run `sudo pro fix USN-6060-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.33-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.33-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-router - 8.0.33-0ubuntu0.20.04.1 mysql-server - 8.0.33-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.33-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-testsuite - 8.0.33-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.33-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-21911 CVE-2023-21912 CVE-2023-21919 CVE-2023-21920 CVE-2023-21929 CVE-2023-21933 CVE-2023-21935 CVE-2023-21940 CVE-2023-21945 CVE-2023-21946 CVE-2023-21947 CVE-2023-21953 CVE-2023-21955 CVE-2023-21962 CVE-2023-21966 CVE-2023-21972 CVE-2023-21976 CVE-2023-21977 CVE-2023-21980 CVE-2023-21982 Ubuntu 20.04 LTS USN-6060-1 fixed vulnerabilities in MySQL. The new upstream 8.0.33 version introduced a regression on the armhf architecture. This update fixes the problem. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.33 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.42. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-42.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-33.html https://www.oracle.com/security-alerts/cpuapr2023.html Update Instructions: Run `sudo pro fix USN-6060-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.33-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.33-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-router - 8.0.33-0ubuntu0.20.04.2 mysql-server - 8.0.33-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.33-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-testsuite - 8.0.33-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.33-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/2019203 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6061-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.38.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.38.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.38.6-0ubuntu0.20.04.1 webkit2gtk-driver - 2.38.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.38.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.38.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.38.6-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.38.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.38.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-0108 CVE-2023-25358 CVE-2023-27932 CVE-2023-27954 CVE-2023-28205 Ubuntu 20.04 LTS It was discovered that FreeType incorrectly handled certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6062-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freetype2-doc - 2.10.1-2ubuntu0.3 libfreetype6-dev - 2.10.1-2ubuntu0.3 libfreetype-dev - 2.10.1-2ubuntu0.3 freetype2-demos - 2.10.1-2ubuntu0.3 libfreetype6 - 2.10.1-2ubuntu0.3 No subscription required None Ubuntu 20.04 LTS Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths. An attacker could possibly use this issue to create non-random encryption keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3979) It was discovered that Ceph incorrectly handled the volumes plugin. An attacker could possibly use this issue to obtain access to any share. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-0670) It was discovered that Ceph incorrectly handled crash dumps. A local attacker could possibly use this issue to escalate privileges to root. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-3650) It was discovered that Ceph incorrectly handled URL processing on RGW backends. An attacker could possibly use this issue to cause RGW to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3854) Update Instructions: Run `sudo pro fix USN-6063-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-rbd - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-modules-core - 15.2.17-0ubuntu0.20.04.3 ceph-mgr - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-cephadm - 15.2.17-0ubuntu0.20.04.3 ceph - 15.2.17-0ubuntu0.20.04.3 rbd-mirror - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-dashboard - 15.2.17-0ubuntu0.20.04.3 librbd-dev - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-rook - 15.2.17-0ubuntu0.20.04.3 rbd-fuse - 15.2.17-0ubuntu0.20.04.3 libradospp-dev - 15.2.17-0ubuntu0.20.04.3 rbd-nbd - 15.2.17-0ubuntu0.20.04.3 librados-dev - 15.2.17-0ubuntu0.20.04.3 librbd1 - 15.2.17-0ubuntu0.20.04.3 python3-ceph - 15.2.17-0ubuntu0.20.04.3 cephadm - 15.2.17-0ubuntu0.20.04.3 libradosstriper-dev - 15.2.17-0ubuntu0.20.04.3 librados2 - 15.2.17-0ubuntu0.20.04.3 ceph-mon - 15.2.17-0ubuntu0.20.04.3 libcephfs2 - 15.2.17-0ubuntu0.20.04.3 ceph-immutable-object-cache - 15.2.17-0ubuntu0.20.04.3 librgw2 - 15.2.17-0ubuntu0.20.04.3 ceph-mds - 15.2.17-0ubuntu0.20.04.3 radosgw - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-diskprediction-local - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-diskprediction-cloud - 15.2.17-0ubuntu0.20.04.3 python3-rgw - 15.2.17-0ubuntu0.20.04.3 python3-ceph-common - 15.2.17-0ubuntu0.20.04.3 libcephfs-dev - 15.2.17-0ubuntu0.20.04.3 rados-objclass-dev - 15.2.17-0ubuntu0.20.04.3 libradosstriper1 - 15.2.17-0ubuntu0.20.04.3 ceph-osd - 15.2.17-0ubuntu0.20.04.3 python3-ceph-argparse - 15.2.17-0ubuntu0.20.04.3 librgw-dev - 15.2.17-0ubuntu0.20.04.3 python3-rados - 15.2.17-0ubuntu0.20.04.3 ceph-base - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-k8sevents - 15.2.17-0ubuntu0.20.04.3 python3-cephfs - 15.2.17-0ubuntu0.20.04.3 ceph-fuse - 15.2.17-0ubuntu0.20.04.3 cephfs-shell - 15.2.17-0ubuntu0.20.04.3 ceph-common - 15.2.17-0ubuntu0.20.04.3 libcephfs-java - 15.2.17-0ubuntu0.20.04.3 ceph-resource-agents - 15.2.17-0ubuntu0.20.04.3 libcephfs-jni - 15.2.17-0ubuntu0.20.04.3 No subscription required Medium CVE-2021-3979 CVE-2022-0670 CVE-2022-3650 CVE-2022-3854 Ubuntu 20.04 LTS It was discovered that SQL parse incorrectly handled certain regular expression. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6064-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sqlformat - 0.2.4-3ubuntu0.1 python3-sqlparse - 0.2.4-3ubuntu0.1 python-sqlparse-doc - 0.2.4-3ubuntu0.1 pypy-sqlparse - 0.2.4-3ubuntu0.1 No subscription required Medium CVE-2023-30608 Ubuntu 20.04 LTS It was discovered that css-what incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-33587, CVE-2022-21222) Update Instructions: Run `sudo pro fix USN-6065-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-css-what - 3.2.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-33587 CVE-2022-21222 Ubuntu 20.04 LTS It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data. Update Instructions: Run `sudo pro fix USN-6066-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-heat - 1:14.2.0-0ubuntu1.1 heat-api-cfn - 1:14.2.0-0ubuntu1.1 heat-engine - 1:14.2.0-0ubuntu1.1 heat-api - 1:14.2.0-0ubuntu1.1 heat-common - 1:14.2.0-0ubuntu1.1 No subscription required Medium CVE-2023-1625 Ubuntu 20.04 LTS David Sinquin discovered that OpenStack Neutron incorrectly handled the default Open vSwitch firewall rules. An attacker could possibly use this issue to impersonate the IPv6 addresses of other systems on the network. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-20267) Jake Yip and Justin Mammarella discovered that OpenStack Neutron incorrectly handled the linuxbridge driver when ebtables-nft is being used. An attacker could possibly use this issue to impersonate the hardware addresss of other systems on the network. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-38598) Pavel Toporkov discovered that OpenStack Neutron incorrectly handled extra_dhcp_opts values. An attacker could possibly use this issue to reconfigure dnsmasq. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40085) Slawek Kaplonski discovered that OpenStack Neutron incorrectly handled the routes middleware. An attacker could possibly use this issue to cause the API worker to consume memory, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40797) It was discovered that OpenStack Neutron incorrectly handled certain queries. A remote authenticated user could possibly use this issue to cause resource consumption, leading to a denial of service. (CVE-2022-3277) Update Instructions: Run `sudo pro fix USN-6067-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: neutron-linuxbridge-agent - 2:16.4.2-0ubuntu6.2 neutron-metering-agent - 2:16.4.2-0ubuntu6.2 neutron-plugin-ml2 - 2:16.4.2-0ubuntu6.2 neutron-server - 2:16.4.2-0ubuntu6.2 neutron-ovn-metadata-agent - 2:16.4.2-0ubuntu6.2 python3-neutron - 2:16.4.2-0ubuntu6.2 neutron-l3-agent - 2:16.4.2-0ubuntu6.2 neutron-metadata-agent - 2:16.4.2-0ubuntu6.2 neutron-dhcp-agent - 2:16.4.2-0ubuntu6.2 neutron-sriov-agent - 2:16.4.2-0ubuntu6.2 neutron-openvswitch-agent - 2:16.4.2-0ubuntu6.2 neutron-common - 2:16.4.2-0ubuntu6.2 neutron-macvtap-agent - 2:16.4.2-0ubuntu6.2 No subscription required Medium CVE-2021-20267 CVE-2021-38598 CVE-2021-40085 CVE-2021-40797 CVE-2022-3277 Ubuntu 20.04 LTS David Marchand discovered that Open vSwitch incorrectly handled IP packets with the protocol set to 0. A remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6068-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.8-0ubuntu1.2 openvswitch-switch - 2.13.8-0ubuntu1.2 openvswitch-pki - 2.13.8-0ubuntu1.2 openvswitch-common - 2.13.8-0ubuntu1.2 openvswitch-testcontroller - 2.13.8-0ubuntu1.2 openvswitch-vtep - 2.13.8-0ubuntu1.2 openvswitch-source - 2.13.8-0ubuntu1.2 python3-openvswitch - 2.13.8-0ubuntu1.2 openvswitch-switch-dpdk - 2.13.8-0ubuntu1.2 openvswitch-test - 2.13.8-0ubuntu1.2 No subscription required Medium CVE-2023-1668 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Update Instructions: Run `sudo pro fix USN-6069-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1084 - 5.4.0-1084.95 linux-image-5.4.0-1084-raspi - 5.4.0-1084.95 linux-buildinfo-5.4.0-1084-raspi - 5.4.0-1084.95 linux-raspi-headers-5.4.0-1084 - 5.4.0-1084.95 linux-modules-5.4.0-1084-raspi - 5.4.0-1084.95 linux-headers-5.4.0-1084-raspi - 5.4.0-1084.95 linux-tools-5.4.0-1084-raspi - 5.4.0-1084.95 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1084.114 linux-raspi2 - 5.4.0.1084.114 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1084.114 linux-raspi-hwe-18.04-edge - 5.4.0.1084.114 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1084.114 linux-raspi-hwe-18.04 - 5.4.0.1084.114 linux-tools-raspi - 5.4.0.1084.114 linux-image-raspi - 5.4.0.1084.114 linux-tools-raspi2-hwe-18.04 - 5.4.0.1084.114 linux-raspi2-hwe-18.04 - 5.4.0.1084.114 linux-headers-raspi2 - 5.4.0.1084.114 linux-tools-raspi2 - 5.4.0.1084.114 linux-tools-raspi-hwe-18.04 - 5.4.0.1084.114 linux-headers-raspi2-hwe-18.04 - 5.4.0.1084.114 linux-image-raspi2 - 5.4.0.1084.114 linux-image-raspi-hwe-18.04-edge - 5.4.0.1084.114 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1084.114 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1084.114 linux-image-raspi-hwe-18.04 - 5.4.0.1084.114 linux-raspi - 5.4.0.1084.114 linux-headers-raspi - 5.4.0.1084.114 linux-headers-raspi-hwe-18.04 - 5.4.0.1084.114 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1084.114 linux-image-raspi2-hwe-18.04 - 5.4.0.1084.114 No subscription required High CVE-2023-1829 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) Update Instructions: Run `sudo pro fix USN-6070-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1037-azure-fde - 5.15.0-1037.44~20.04.1.1 linux-image-unsigned-5.15.0-1037-azure-fde - 5.15.0-1037.44~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-modules-extra-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-headers-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-modules-extra-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-tools-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-image-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-image-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-cloud-tools-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-cloud-tools-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-tools-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-headers-azure-fde - 5.15.0.1037.44~20.04.1.16 No subscription required High CVE-2023-1829 CVE-2023-1872 Ubuntu 20.04 LTS Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-cinder - 2:16.4.2-0ubuntu2.3 cinder-api - 2:16.4.2-0ubuntu2.3 cinder-volume - 2:16.4.2-0ubuntu2.3 cinder-common - 2:16.4.2-0ubuntu2.3 cinder-backup - 2:16.4.2-0ubuntu2.3 cinder-scheduler - 2:16.4.2-0ubuntu2.3 No subscription required Medium CVE-2023-2088 Ubuntu 20.04 LTS Jan Wasilewski and Gorka Eguileor discovered that Glance_store incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-glance-store-doc - 2.0.0-0ubuntu4.1 python3-glance-store - 2.0.0-0ubuntu4.1 No subscription required Medium CVE-2023-2088 Ubuntu 20.04 LTS Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.3 nova-common - 2:21.2.4-0ubuntu2.3 nova-compute-xen - 2:21.2.4-0ubuntu2.3 nova-api-os-compute - 2:21.2.4-0ubuntu2.3 nova-novncproxy - 2:21.2.4-0ubuntu2.3 nova-serialproxy - 2:21.2.4-0ubuntu2.3 nova-api-os-volume - 2:21.2.4-0ubuntu2.3 nova-compute-lxc - 2:21.2.4-0ubuntu2.3 nova-api-metadata - 2:21.2.4-0ubuntu2.3 nova-compute-libvirt - 2:21.2.4-0ubuntu2.3 nova-compute-kvm - 2:21.2.4-0ubuntu2.3 nova-doc - 2:21.2.4-0ubuntu2.3 nova-conductor - 2:21.2.4-0ubuntu2.3 nova-volume - 2:21.2.4-0ubuntu2.3 nova-compute-vmware - 2:21.2.4-0ubuntu2.3 nova-cells - 2:21.2.4-0ubuntu2.3 nova-spiceproxy - 2:21.2.4-0ubuntu2.3 nova-scheduler - 2:21.2.4-0ubuntu2.3 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.3 nova-compute - 2:21.2.4-0ubuntu2.3 nova-compute-qemu - 2:21.2.4-0ubuntu2.3 python3-nova - 2:21.2.4-0ubuntu2.3 No subscription required Medium CVE-2023-2088 Ubuntu 20.04 LTS Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: os-brick-common - 3.0.8-0ubuntu1.1 python3-os-brick - 3.0.8-0ubuntu1.1 python-os-brick-doc - 3.0.8-0ubuntu1.1 No subscription required Medium CVE-2023-2088 Ubuntu 20.04 LTS USN-6073-3 fixed a vulnerability in Nova. The update introduced a regression causing Nova to be unable to detach volumes from instances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.4 nova-common - 2:21.2.4-0ubuntu2.4 nova-compute-xen - 2:21.2.4-0ubuntu2.4 nova-api-os-compute - 2:21.2.4-0ubuntu2.4 nova-novncproxy - 2:21.2.4-0ubuntu2.4 nova-serialproxy - 2:21.2.4-0ubuntu2.4 nova-api-os-volume - 2:21.2.4-0ubuntu2.4 nova-compute-lxc - 2:21.2.4-0ubuntu2.4 nova-api-metadata - 2:21.2.4-0ubuntu2.4 nova-compute-libvirt - 2:21.2.4-0ubuntu2.4 nova-compute-kvm - 2:21.2.4-0ubuntu2.4 nova-doc - 2:21.2.4-0ubuntu2.4 nova-conductor - 2:21.2.4-0ubuntu2.4 nova-volume - 2:21.2.4-0ubuntu2.4 nova-compute-vmware - 2:21.2.4-0ubuntu2.4 nova-cells - 2:21.2.4-0ubuntu2.4 nova-spiceproxy - 2:21.2.4-0ubuntu2.4 nova-scheduler - 2:21.2.4-0ubuntu2.4 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.4 nova-compute - 2:21.2.4-0ubuntu2.4 nova-compute-qemu - 2:21.2.4-0ubuntu2.4 python3-nova - 2:21.2.4-0ubuntu2.4 No subscription required None https://launchpad.net/bugs/2019460 Ubuntu 20.04 LTS USN-6073-1 fixed a vulnerability in Cinder. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-6` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-cinder - 2:16.4.2-0ubuntu2.4 cinder-api - 2:16.4.2-0ubuntu2.4 cinder-volume - 2:16.4.2-0ubuntu2.4 cinder-common - 2:16.4.2-0ubuntu2.4 cinder-backup - 2:16.4.2-0ubuntu2.4 cinder-scheduler - 2:16.4.2-0ubuntu2.4 No subscription required None https://launchpad.net/bugs/2020111 Ubuntu 20.04 LTS USN-6073-2 fixed a vulnerability in Glance_store. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Glance_store incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-7` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-glance-store-doc - 2.0.0-0ubuntu4.2 python3-glance-store - 2.0.0-0ubuntu4.2 No subscription required None https://launchpad.net/bugs/2020111 Ubuntu 20.04 LTS USN-6073-3 fixed a vulnerability in Nova. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-8` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.5 nova-common - 2:21.2.4-0ubuntu2.5 nova-compute-xen - 2:21.2.4-0ubuntu2.5 nova-api-os-compute - 2:21.2.4-0ubuntu2.5 nova-novncproxy - 2:21.2.4-0ubuntu2.5 nova-serialproxy - 2:21.2.4-0ubuntu2.5 nova-api-os-volume - 2:21.2.4-0ubuntu2.5 nova-compute-lxc - 2:21.2.4-0ubuntu2.5 nova-api-metadata - 2:21.2.4-0ubuntu2.5 nova-compute-libvirt - 2:21.2.4-0ubuntu2.5 nova-compute-kvm - 2:21.2.4-0ubuntu2.5 nova-doc - 2:21.2.4-0ubuntu2.5 nova-conductor - 2:21.2.4-0ubuntu2.5 nova-volume - 2:21.2.4-0ubuntu2.5 nova-compute-vmware - 2:21.2.4-0ubuntu2.5 nova-cells - 2:21.2.4-0ubuntu2.5 nova-spiceproxy - 2:21.2.4-0ubuntu2.5 nova-scheduler - 2:21.2.4-0ubuntu2.5 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.5 nova-compute - 2:21.2.4-0ubuntu2.5 nova-compute-qemu - 2:21.2.4-0ubuntu2.5 python3-nova - 2:21.2.4-0ubuntu2.5 No subscription required None https://launchpad.net/bugs/2020111 Ubuntu 20.04 LTS USN-6073-4 fixed a vulnerability in os-brick. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-9` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: os-brick-common - 3.0.8-0ubuntu1.2 python3-os-brick - 3.0.8-0ubuntu1.2 python-os-brick-doc - 3.0.8-0ubuntu1.2 No subscription required None https://launchpad.net/bugs/2020111 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215, CVE-2023-32216) Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-32206) Anne van Kesteren discovered that Firefox did not properly validate the import() call in service workers. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-32208) Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicicous favicon file, an attacker could cause a denial of service. (CVE-2023-32209) Update Instructions: Run `sudo pro fix USN-6074-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 113.0+build2-0ubuntu0.20.04.1 firefox - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 113.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 113.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 113.0+build2-0ubuntu0.20.04.1 firefox-dev - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 113.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-32205 CVE-2023-32206 CVE-2023-32207 CVE-2023-32208 CVE-2023-32209 CVE-2023-32210 CVE-2023-32211 CVE-2023-32212 CVE-2023-32213 CVE-2023-32215 CVE-2023-32216 Ubuntu 20.04 LTS USN-6074-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215, CVE-2023-32216) Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-32206) Anne van Kesteren discovered that Firefox did not properly validate the import() call in service workers. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-32208) Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicicous favicon file, an attacker could cause a denial of service. (CVE-2023-32209) Update Instructions: Run `sudo pro fix USN-6074-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 113.0.1+build1-0ubuntu0.20.04.1 firefox - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 113.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 113.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 113.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 113.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2019782 Ubuntu 20.04 LTS USN-6074-1 fixed vulnerabilities and USN-6074-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215, CVE-2023-32216) Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-32206) Anne van Kesteren discovered that Firefox did not properly validate the import() call in service workers. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-32208) Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicicous favicon file, an attacker could cause a denial of service. (CVE-2023-32209) Update Instructions: Run `sudo pro fix USN-6074-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 113.0.2+build1-0ubuntu0.20.04.1 firefox - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 113.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 113.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 113.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 113.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2020649 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215) Irvan Kurniawan discovered that Thunderbird did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-32206) Update Instructions: Run `sudo pro fix USN-6075-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.11.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.11.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.11.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.11.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-32205 CVE-2023-32206 CVE-2023-32207 CVE-2023-32211 CVE-2023-32212 CVE-2023-32213 CVE-2023-32215 Ubuntu 20.04 LTS Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-21930) It was discovered that OpenJDK incorrectly handled certain inputs. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-21937) It was discovered that OpenJDK incorrectly handled command arguments. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-21938) It was discovered that OpenJDK incorrectly validated HTML documents. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-21939) Ramki Ramakrishna discovered that OpenJDK incorrectly handled garbage collection. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2023-21954) Jonathan Looney discovered that OpenJDK incorrectly handled certificate chains during TLS session negotiation. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-21967) Adam Reziouk discovered that OpenJDK incorrectly sanitized URIs. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2023-21968) Update Instructions: Run `sudo pro fix USN-6077-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jdk - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-source - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jdk-headless - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-demo - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jre-zero - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jre-headless - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jre - 11.0.19+7~us1-0ubuntu1~20.04.1 No subscription required openjdk-17-jdk-headless - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-jre-headless - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-jre - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-jdk - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-jre-zero - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-source - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-demo - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-doc - 17.0.7+7~us1-0ubuntu1~20.04 No subscription required openjdk-8-doc - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jre-headless - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jre - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-demo - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jre-zero - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jdk - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-source - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u372-ga~us1-0ubuntu1~20.04 No subscription required Medium CVE-2023-21930 CVE-2023-21937 CVE-2023-21938 CVE-2023-21939 CVE-2023-21954 CVE-2023-21967 CVE-2023-21968 Ubuntu 20.04 LTS Irvan Kurniawan discovered that libwebp incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6078-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: webp - 0.6.1-2ubuntu0.20.04.2 libwebp6 - 0.6.1-2ubuntu0.20.04.2 libwebpmux3 - 0.6.1-2ubuntu0.20.04.2 libwebp-dev - 0.6.1-2ubuntu0.20.04.2 libwebpdemux2 - 0.6.1-2ubuntu0.20.04.2 No subscription required Medium CVE-2023-1999 Ubuntu 20.04 LTS It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6080-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-image-unsigned-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-cloud-tools-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-headers-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-buildinfo-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1036 - 5.15.0-1036.40~20.04.1 linux-aws-5.15-tools-5.15.0-1036 - 5.15.0-1036.40~20.04.1 linux-modules-extra-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-tools-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-aws-5.15-headers-5.15.0-1036 - 5.15.0-1036.40~20.04.1 linux-image-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 No subscription required linux-modules-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-azure-5.15-tools-5.15.0-1038 - 5.15.0-1038.45~20.04.1 linux-image-unsigned-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-cloud-tools-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-headers-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-azure-5.15-headers-5.15.0-1038 - 5.15.0-1038.45~20.04.1 linux-modules-extra-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-buildinfo-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-tools-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1038 - 5.15.0-1038.45~20.04.1 linux-image-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 No subscription required linux-image-5.15.0-1038-azure-fde - 5.15.0-1038.45~20.04.1.1 linux-image-unsigned-5.15.0-1038-azure-fde - 5.15.0-1038.45~20.04.1.1 No subscription required linux-image-unsigned-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-modules-extra-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-modules-iwlwifi-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-72.79~20.04.1 linux-image-unsigned-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-cloud-tools-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-modules-iwlwifi-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-hwe-5.15-headers-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-image-unsigned-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-image-unsigned-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-cloud-tools-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-hwe-5.15-tools-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 No subscription required linux-headers-aws - 5.15.0.1036.40~20.04.25 linux-image-aws - 5.15.0.1036.40~20.04.25 linux-modules-extra-aws-edge - 5.15.0.1036.40~20.04.25 linux-image-aws-edge - 5.15.0.1036.40~20.04.25 linux-aws-edge - 5.15.0.1036.40~20.04.25 linux-aws - 5.15.0.1036.40~20.04.25 linux-tools-aws - 5.15.0.1036.40~20.04.25 linux-tools-aws-edge - 5.15.0.1036.40~20.04.25 linux-headers-aws-edge - 5.15.0.1036.40~20.04.25 linux-modules-extra-aws - 5.15.0.1036.40~20.04.25 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-tools-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-headers-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-image-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-tools-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-modules-extra-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-image-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-cloud-tools-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-modules-extra-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-headers-azure-fde - 5.15.0.1038.45~20.04.1.17 No subscription required linux-tools-azure-edge - 5.15.0.1038.45~20.04.28 linux-cloud-tools-azure - 5.15.0.1038.45~20.04.28 linux-tools-azure - 5.15.0.1038.45~20.04.28 linux-image-azure-edge - 5.15.0.1038.45~20.04.28 linux-image-azure-cvm - 5.15.0.1038.45~20.04.28 linux-modules-extra-azure-cvm - 5.15.0.1038.45~20.04.28 linux-tools-azure-cvm - 5.15.0.1038.45~20.04.28 linux-cloud-tools-azure-edge - 5.15.0.1038.45~20.04.28 linux-modules-extra-azure - 5.15.0.1038.45~20.04.28 linux-modules-extra-azure-edge - 5.15.0.1038.45~20.04.28 linux-azure - 5.15.0.1038.45~20.04.28 linux-image-azure - 5.15.0.1038.45~20.04.28 linux-headers-azure-cvm - 5.15.0.1038.45~20.04.28 linux-cloud-tools-azure-cvm - 5.15.0.1038.45~20.04.28 linux-headers-azure-edge - 5.15.0.1038.45~20.04.28 linux-azure-edge - 5.15.0.1038.45~20.04.28 linux-azure-cvm - 5.15.0.1038.45~20.04.28 linux-headers-azure - 5.15.0.1038.45~20.04.28 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-headers-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-image-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-lowlatency-64k-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-tools-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.30 No subscription required linux-headers-oem-20.04 - 5.15.0.72.79~20.04.33 linux-tools-oem-20.04d - 5.15.0.72.79~20.04.33 linux-tools-oem-20.04b - 5.15.0.72.79~20.04.33 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-oem-20.04b - 5.15.0.72.79~20.04.33 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-image-extra-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-headers-generic-64k-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-generic-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-generic-lpae-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-tools-oem-20.04c - 5.15.0.72.79~20.04.33 linux-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-tools-oem-20.04 - 5.15.0.72.79~20.04.33 linux-oem-20.04 - 5.15.0.72.79~20.04.33 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-tools-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-oem-20.04c - 5.15.0.72.79~20.04.33 linux-image-oem-20.04d - 5.15.0.72.79~20.04.33 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-image-oem-20.04 - 5.15.0.72.79~20.04.33 linux-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-oem-20.04c - 5.15.0.72.79~20.04.33 linux-oem-20.04b - 5.15.0.72.79~20.04.33 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-oem-20.04d - 5.15.0.72.79~20.04.33 linux-headers-oem-20.04b - 5.15.0.72.79~20.04.33 linux-generic-lpae-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-modules-iwlwifi-oem-20.04 - 5.15.0.72.79~20.04.33 linux-tools-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-image-generic-64k-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-generic-lpae-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-tools-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-modules-iwlwifi-oem-20.04d - 5.15.0.72.79~20.04.33 linux-tools-generic-64k-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-tools-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-image-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-generic-64k-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-oem-20.04c - 5.15.0.72.79~20.04.33 linux-headers-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-headers-oem-20.04d - 5.15.0.72.79~20.04.33 No subscription required Medium CVE-2022-27672 CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-20938 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that EventSource incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6082-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-eventsource - 0.2.1-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2022-1650 Ubuntu 20.04 LTS It was discovered that cups-filters incorrectly handled the beh CUPS backend. A remote attacker could possibly use this issue to cause the backend to stop responding or to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6083-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfontembed-dev - 1.27.4-1ubuntu0.2 libfontembed1 - 1.27.4-1ubuntu0.2 libcupsfilters-dev - 1.27.4-1ubuntu0.2 cups-filters - 1.27.4-1ubuntu0.2 cups-browsed - 1.27.4-1ubuntu0.2 cups-filters-core-drivers - 1.27.4-1ubuntu0.2 libcupsfilters1 - 1.27.4-1ubuntu0.2 No subscription required Medium CVE-2023-24805 Ubuntu 20.04 LTS It was discovered that minimatch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6086-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-minimatch - 3.0.4-4ubuntu0.1 No subscription required Medium CVE-2022-3517 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-28755) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possily use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM. (CVE-2023-28756) Update Instructions: Run `sudo pro fix USN-6087-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.11 ruby2.7-doc - 2.7.0-5ubuntu1.11 ruby2.7-dev - 2.7.0-5ubuntu1.11 libruby2.7 - 2.7.0-5ubuntu1.11 No subscription required Medium CVE-2023-28755 CVE-2023-28756 Ubuntu 20.04 LTS It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. (CVE-2023-25809) It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. (CVE-2023-27561) It was discovered that runC incorrectly handled /proc and /sys mounts inside a container. An attacker could possibly use this issue to bypass AppArmor, and potentially SELinux. (CVE-2023-28642) Update Instructions: Run `sudo pro fix USN-6088-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-opencontainers-runc-dev - 1.1.4-0ubuntu1~20.04.3 runc - 1.1.4-0ubuntu1~20.04.3 No subscription required Medium CVE-2023-25809 CVE-2023-27561 CVE-2023-28642 Ubuntu 20.04 LTS It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6090-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-modules-extra-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-buildinfo-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-modules-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-gke-5.15-headers-5.15.0-1033 - 5.15.0-1033.38~20.04.1 linux-modules-iwlwifi-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-image-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-image-unsigned-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-tools-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-gke-5.15-tools-5.15.0-1033 - 5.15.0-1033.38~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1034 - 5.15.0-1034.42~20.04.1 linux-modules-iwlwifi-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-buildinfo-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-image-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-image-unsigned-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-tools-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-modules-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-modules-extra-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-headers-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-gcp-5.15-tools-5.15.0-1034 - 5.15.0-1034.42~20.04.1 No subscription required linux-image-unsigned-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-modules-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-tools-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-modules-extra-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-image-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-oracle-5.15-headers-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-buildinfo-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-oracle-5.15-tools-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-headers-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 No subscription required linux-tools-gke-edge - 5.15.0.1033.38~20.04.1 linux-image-gke-5.15 - 5.15.0.1033.38~20.04.1 linux-gke-edge - 5.15.0.1033.38~20.04.1 linux-headers-gke-5.15 - 5.15.0.1033.38~20.04.1 linux-tools-gke-5.15 - 5.15.0.1033.38~20.04.1 linux-headers-gke-edge - 5.15.0.1033.38~20.04.1 linux-image-gke-edge - 5.15.0.1033.38~20.04.1 linux-gke-5.15 - 5.15.0.1033.38~20.04.1 No subscription required linux-image-gcp - 5.15.0.1034.42~20.04.1 linux-tools-gcp-edge - 5.15.0.1034.42~20.04.1 linux-tools-gcp - 5.15.0.1034.42~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1034.42~20.04.1 linux-headers-gcp-edge - 5.15.0.1034.42~20.04.1 linux-gcp - 5.15.0.1034.42~20.04.1 linux-headers-gcp - 5.15.0.1034.42~20.04.1 linux-image-gcp-edge - 5.15.0.1034.42~20.04.1 linux-modules-extra-gcp - 5.15.0.1034.42~20.04.1 linux-gcp-edge - 5.15.0.1034.42~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1035.41~20.04.1 linux-headers-oracle-edge - 5.15.0.1035.41~20.04.1 linux-image-oracle - 5.15.0.1035.41~20.04.1 linux-tools-oracle - 5.15.0.1035.41~20.04.1 linux-tools-oracle-edge - 5.15.0.1035.41~20.04.1 linux-oracle-edge - 5.15.0.1035.41~20.04.1 linux-image-oracle-edge - 5.15.0.1035.41~20.04.1 linux-oracle - 5.15.0.1035.41~20.04.1 No subscription required Medium CVE-2022-27672 CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-20938 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3108) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0458) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) Update Instructions: Run `sudo pro fix USN-6093-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-buildinfo-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-modules-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-headers-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-bluefield-tools-5.4.0-1062 - 5.4.0-1062.68 linux-bluefield-headers-5.4.0-1062 - 5.4.0-1062.68 linux-image-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-image-unsigned-5.4.0-1062-bluefield - 5.4.0-1062.68 No subscription required linux-bluefield - 5.4.0.1062.57 linux-image-bluefield - 5.4.0.1062.57 linux-tools-bluefield - 5.4.0.1062.57 linux-headers-bluefield - 5.4.0.1062.57 No subscription required High CVE-2022-3108 CVE-2022-3903 CVE-2022-4129 CVE-2023-0458 CVE-2023-1073 CVE-2023-1074 CVE-2023-1281 CVE-2023-1829 CVE-2023-26545 Ubuntu 20.04 LTS Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6094-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1049-ibm - 5.4.0-1049.54 linux-buildinfo-5.4.0-1049-ibm - 5.4.0-1049.54 linux-ibm-source-5.4.0 - 5.4.0-1049.54 linux-image-5.4.0-1049-ibm - 5.4.0-1049.54 linux-modules-5.4.0-1049-ibm - 5.4.0-1049.54 linux-ibm-tools-common - 5.4.0-1049.54 linux-headers-5.4.0-1049-ibm - 5.4.0-1049.54 linux-ibm-cloud-tools-common - 5.4.0-1049.54 linux-ibm-headers-5.4.0-1049 - 5.4.0-1049.54 linux-image-unsigned-5.4.0-1049-ibm - 5.4.0-1049.54 linux-ibm-tools-5.4.0-1049 - 5.4.0-1049.54 linux-tools-5.4.0-1049-ibm - 5.4.0-1049.54 No subscription required linux-gkeop-source-5.4.0 - 5.4.0-1069.73 linux-gkeop-headers-5.4.0-1069 - 5.4.0-1069.73 linux-cloud-tools-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-buildinfo-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-gkeop-cloud-tools-5.4.0-1069 - 5.4.0-1069.73 linux-gkeop-tools-5.4.0-1069 - 5.4.0-1069.73 linux-image-unsigned-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-headers-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-modules-extra-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-image-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-tools-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-modules-5.4.0-1069-gkeop - 5.4.0-1069.73 No subscription required linux-headers-5.4.0-1091-kvm - 5.4.0-1091.97 linux-kvm-headers-5.4.0-1091 - 5.4.0-1091.97 linux-modules-5.4.0-1091-kvm - 5.4.0-1091.97 linux-buildinfo-5.4.0-1091-kvm - 5.4.0-1091.97 linux-tools-5.4.0-1091-kvm - 5.4.0-1091.97 linux-image-5.4.0-1091-kvm - 5.4.0-1091.97 linux-kvm-tools-5.4.0-1091 - 5.4.0-1091.97 linux-image-unsigned-5.4.0-1091-kvm - 5.4.0-1091.97 No subscription required linux-gke-tools-5.4.0-1099 - 5.4.0-1099.106 linux-modules-extra-5.4.0-1099-gke - 5.4.0-1099.106 linux-image-5.4.0-1099-gke - 5.4.0-1099.106 linux-modules-5.4.0-1099-gke - 5.4.0-1099.106 linux-headers-5.4.0-1099-gke - 5.4.0-1099.106 linux-tools-5.4.0-1099-gke - 5.4.0-1099.106 linux-image-unsigned-5.4.0-1099-gke - 5.4.0-1099.106 linux-gke-headers-5.4.0-1099 - 5.4.0-1099.106 linux-buildinfo-5.4.0-1099-gke - 5.4.0-1099.106 No subscription required linux-aws-tools-5.4.0-1102 - 5.4.0-1102.110 linux-image-unsigned-5.4.0-1102-aws - 5.4.0-1102.110 linux-aws-headers-5.4.0-1102 - 5.4.0-1102.110 linux-cloud-tools-5.4.0-1102-aws - 5.4.0-1102.110 linux-headers-5.4.0-1102-aws - 5.4.0-1102.110 linux-image-5.4.0-1102-aws - 5.4.0-1102.110 linux-modules-5.4.0-1102-aws - 5.4.0-1102.110 linux-aws-cloud-tools-5.4.0-1102 - 5.4.0-1102.110 linux-tools-5.4.0-1102-aws - 5.4.0-1102.110 linux-buildinfo-5.4.0-1102-aws - 5.4.0-1102.110 linux-modules-extra-5.4.0-1102-aws - 5.4.0-1102.110 No subscription required linux-tools-5.4.0-1105-gcp - 5.4.0-1105.114 linux-gcp-headers-5.4.0-1105 - 5.4.0-1105.114 linux-image-unsigned-5.4.0-1105-gcp - 5.4.0-1105.114 linux-image-5.4.0-1105-gcp - 5.4.0-1105.114 linux-headers-5.4.0-1105-gcp - 5.4.0-1105.114 linux-modules-extra-5.4.0-1105-gcp - 5.4.0-1105.114 linux-gcp-tools-5.4.0-1105 - 5.4.0-1105.114 linux-buildinfo-5.4.0-1105-gcp - 5.4.0-1105.114 linux-modules-5.4.0-1105-gcp - 5.4.0-1105.114 No subscription required linux-image-unsigned-5.4.0-1108-azure - 5.4.0-1108.114 linux-cloud-tools-5.4.0-1108-azure - 5.4.0-1108.114 linux-image-5.4.0-1108-azure - 5.4.0-1108.114 linux-azure-tools-5.4.0-1108 - 5.4.0-1108.114 linux-tools-5.4.0-1108-azure - 5.4.0-1108.114 linux-modules-extra-5.4.0-1108-azure - 5.4.0-1108.114 linux-azure-headers-5.4.0-1108 - 5.4.0-1108.114 linux-modules-5.4.0-1108-azure - 5.4.0-1108.114 linux-buildinfo-5.4.0-1108-azure - 5.4.0-1108.114 linux-headers-5.4.0-1108-azure - 5.4.0-1108.114 linux-azure-cloud-tools-5.4.0-1108 - 5.4.0-1108.114 No subscription required linux-tools-common - 5.4.0-149.166 linux-tools-host - 5.4.0-149.166 linux-cloud-tools-5.4.0-149-generic - 5.4.0-149.166 linux-doc - 5.4.0-149.166 linux-buildinfo-5.4.0-149-generic - 5.4.0-149.166 linux-modules-5.4.0-149-lowlatency - 5.4.0-149.166 linux-libc-dev - 5.4.0-149.166 linux-source-5.4.0 - 5.4.0-149.166 linux-headers-5.4.0-149 - 5.4.0-149.166 linux-image-unsigned-5.4.0-149-generic - 5.4.0-149.166 linux-image-5.4.0-149-generic-lpae - 5.4.0-149.166 linux-image-unsigned-5.4.0-149-lowlatency - 5.4.0-149.166 linux-tools-5.4.0-149-generic - 5.4.0-149.166 linux-image-5.4.0-149-generic - 5.4.0-149.166 linux-modules-5.4.0-149-generic-lpae - 5.4.0-149.166 linux-cloud-tools-5.4.0-149 - 5.4.0-149.166 linux-tools-5.4.0-149-lowlatency - 5.4.0-149.166 linux-cloud-tools-5.4.0-149-lowlatency - 5.4.0-149.166 linux-headers-5.4.0-149-generic - 5.4.0-149.166 linux-modules-5.4.0-149-generic - 5.4.0-149.166 linux-tools-5.4.0-149 - 5.4.0-149.166 linux-modules-extra-5.4.0-149-generic - 5.4.0-149.166 linux-cloud-tools-common - 5.4.0-149.166 linux-buildinfo-5.4.0-149-lowlatency - 5.4.0-149.166 linux-tools-5.4.0-149-generic-lpae - 5.4.0-149.166 linux-image-5.4.0-149-lowlatency - 5.4.0-149.166 linux-headers-5.4.0-149-generic-lpae - 5.4.0-149.166 linux-headers-5.4.0-149-lowlatency - 5.4.0-149.166 linux-buildinfo-5.4.0-149-generic-lpae - 5.4.0-149.166 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1049.75 linux-modules-extra-ibm - 5.4.0.1049.75 linux-image-ibm - 5.4.0.1049.75 linux-headers-ibm-lts-20.04 - 5.4.0.1049.75 linux-tools-ibm - 5.4.0.1049.75 linux-image-ibm-lts-20.04 - 5.4.0.1049.75 linux-ibm-lts-20.04 - 5.4.0.1049.75 linux-ibm - 5.4.0.1049.75 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1049.75 linux-headers-ibm - 5.4.0.1049.75 No subscription required linux-image-gkeop-5.4 - 5.4.0.1069.67 linux-headers-gkeop - 5.4.0.1069.67 linux-cloud-tools-gkeop-5.4 - 5.4.0.1069.67 linux-tools-gkeop - 5.4.0.1069.67 linux-modules-extra-gkeop-5.4 - 5.4.0.1069.67 linux-gkeop-5.4 - 5.4.0.1069.67 linux-image-gkeop - 5.4.0.1069.67 linux-gkeop - 5.4.0.1069.67 linux-cloud-tools-gkeop - 5.4.0.1069.67 linux-headers-gkeop-5.4 - 5.4.0.1069.67 linux-modules-extra-gkeop - 5.4.0.1069.67 linux-tools-gkeop-5.4 - 5.4.0.1069.67 No subscription required linux-tools-kvm - 5.4.0.1091.85 linux-kvm - 5.4.0.1091.85 linux-headers-kvm - 5.4.0.1091.85 linux-image-kvm - 5.4.0.1091.85 No subscription required linux-modules-extra-gke - 5.4.0.1099.104 linux-headers-gke-5.4 - 5.4.0.1099.104 linux-tools-gke-5.4 - 5.4.0.1099.104 linux-modules-extra-gke-5.4 - 5.4.0.1099.104 linux-gke-5.4 - 5.4.0.1099.104 linux-tools-gke - 5.4.0.1099.104 linux-gke - 5.4.0.1099.104 linux-headers-gke - 5.4.0.1099.104 linux-image-gke-5.4 - 5.4.0.1099.104 linux-image-gke - 5.4.0.1099.104 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1102.99 linux-image-aws-lts-20.04 - 5.4.0.1102.99 linux-headers-aws-lts-20.04 - 5.4.0.1102.99 linux-tools-aws-lts-20.04 - 5.4.0.1102.99 linux-aws-lts-20.04 - 5.4.0.1102.99 No subscription required linux-gcp-lts-20.04 - 5.4.0.1105.107 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1105.107 linux-headers-gcp-lts-20.04 - 5.4.0.1105.107 linux-image-gcp-lts-20.04 - 5.4.0.1105.107 linux-tools-gcp-lts-20.04 - 5.4.0.1105.107 No subscription required linux-azure-lts-20.04 - 5.4.0.1108.101 linux-image-azure-lts-20.04 - 5.4.0.1108.101 linux-modules-extra-azure-lts-20.04 - 5.4.0.1108.101 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1108.101 linux-tools-azure-lts-20.04 - 5.4.0.1108.101 linux-headers-azure-lts-20.04 - 5.4.0.1108.101 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-image-generic-lpae-hwe-18.04 - 5.4.0.149.147 linux-cloud-tools-virtual - 5.4.0.149.147 linux-image-generic-hwe-18.04 - 5.4.0.149.147 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-headers-generic-lpae - 5.4.0.149.147 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.149.147 linux-image-virtual - 5.4.0.149.147 linux-oem-osp1-tools-host - 5.4.0.149.147 linux-image-generic - 5.4.0.149.147 linux-tools-lowlatency - 5.4.0.149.147 linux-tools-virtual-hwe-18.04 - 5.4.0.149.147 linux-oem-osp1 - 5.4.0.149.147 linux-headers-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-oem - 5.4.0.149.147 linux-image-oem-osp1 - 5.4.0.149.147 linux-crashdump - 5.4.0.149.147 linux-tools-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-headers-generic-hwe-18.04 - 5.4.0.149.147 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-headers-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-lowlatency - 5.4.0.149.147 linux-source - 5.4.0.149.147 linux-tools-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-tools-generic-lpae - 5.4.0.149.147 linux-cloud-tools-generic - 5.4.0.149.147 linux-virtual - 5.4.0.149.147 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-virtual-hwe-18.04 - 5.4.0.149.147 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.149.147 linux-headers-virtual - 5.4.0.149.147 linux-tools-virtual - 5.4.0.149.147 linux-generic-lpae-hwe-18.04-edge - 5.4.0.149.147 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-generic-lpae - 5.4.0.149.147 linux-headers-oem - 5.4.0.149.147 linux-image-extra-virtual-hwe-18.04 - 5.4.0.149.147 linux-generic - 5.4.0.149.147 linux-tools-oem-osp1 - 5.4.0.149.147 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.149.147 linux-tools-generic-hwe-18.04-edge - 5.4.0.149.147 linux-headers-virtual-hwe-18.04 - 5.4.0.149.147 linux-image-virtual-hwe-18.04 - 5.4.0.149.147 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-headers-lowlatency - 5.4.0.149.147 linux-image-generic-hwe-18.04-edge - 5.4.0.149.147 linux-generic-hwe-18.04-edge - 5.4.0.149.147 linux-tools-generic-hwe-18.04 - 5.4.0.149.147 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.149.147 linux-image-extra-virtual - 5.4.0.149.147 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-tools-generic - 5.4.0.149.147 linux-cloud-tools-lowlatency - 5.4.0.149.147 linux-tools-oem - 5.4.0.149.147 linux-headers-oem-osp1 - 5.4.0.149.147 linux-generic-lpae-hwe-18.04 - 5.4.0.149.147 linux-headers-generic-hwe-18.04-edge - 5.4.0.149.147 linux-headers-generic - 5.4.0.149.147 linux-image-generic-lpae - 5.4.0.149.147 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.149.147 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.149.147 linux-image-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-image-oem - 5.4.0.149.147 linux-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.149.147 linux-image-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-generic-hwe-18.04 - 5.4.0.149.147 linux-image-lowlatency - 5.4.0.149.147 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.149.147 linux-oem-tools-host - 5.4.0.149.147 No subscription required Medium CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that Linux PTP did not properly perform a length check when forwarding a PTP message between ports. A remote attacker could possibly use this issue to access sensitive information, execute arbitrary code, or cause a denial of service. Update Instructions: Run `sudo pro fix USN-6097-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linuxptp - 1.9.2-1ubuntu0.1 No subscription required Medium CVE-2021-3570 Ubuntu 20.04 LTS It was discovered that Jhead did not properly handle certain crafted images while processing the JFIF markers. An attacker could cause Jhead to crash. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. (CVE-2019-19035) It was discovered that Jhead did not properly handle certain crafted images while processing longitude tags. An attacker could cause Jhead to crash. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-1010301) It was discovered that Jhead did not properly handle certain crafted images while processing IPTC data. An attacker could cause Jhead to crash. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-1010302) Binbin Li discovered that Jhead did not properly handle certain crafted images while processing the DQT data. An attacker could cause Jhead to crash. (CVE-2020-6624) Binbin Li discovered that Jhead did not properly handle certain crafted images while processing longitude data. An attacker could cause Jhead to crash. (CVE-2020-6625) Feng Zhao Yang discovered that Jhead did not properly handle certain crafted images while reading JPEG sections. An attacker could cause Jhead to crash. (CVE-2020-26208) It was discovered that Jhead did not properly handle certain crafted images while processing Canon images. An attacker could cause Jhead to crash. (CVE-2021-28276) It was discovered that Jhead did not properly handle certain crafted images when removing a certain type of sections. An attacker could cause Jhead to crash. (CVE-2021-28278) Update Instructions: Run `sudo pro fix USN-6098-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jhead - 1:3.04-1ubuntu0.1 No subscription required Medium CVE-2019-1010301 CVE-2019-1010302 CVE-2019-19035 CVE-2020-26208 CVE-2020-6624 CVE-2020-6625 CVE-2021-28276 CVE-2021-28278 Ubuntu 20.04 LTS It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-17594) It was discovered that ncurses was incorrectly handling end-of-string characters when processing terminfo and termcap files. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-17595) It was discovered that ncurses was incorrectly handling end-of-string characters when converting between termcap and terminfo formats. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-39537) It was discovered that ncurses was incorrectly performing bounds checks when dealing with corrupt terminfo data while reading a terminfo file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-29458) It was discovered that ncurses was parsing environment variables when running with setuid applications and not properly handling the processing of malformed data when doing so. A local attacker could possibly use this issue to cause a denial of service (application crash) or execute arbitrary code. (CVE-2023-29491) Update Instructions: Run `sudo pro fix USN-6099-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ncurses-examples - 6.2-0ubuntu2.1 lib32ncurses-dev - 6.2-0ubuntu2.1 lib32ncursesw6 - 6.2-0ubuntu2.1 libtinfo-dev - 6.2-0ubuntu2.1 libncursesw5 - 6.2-0ubuntu2.1 libtinfo5 - 6.2-0ubuntu2.1 libtinfo6 - 6.2-0ubuntu2.1 lib32tinfo6 - 6.2-0ubuntu2.1 lib32ncurses6 - 6.2-0ubuntu2.1 ncurses-bin - 6.2-0ubuntu2.1 lib64tinfo6 - 6.2-0ubuntu2.1 lib64ncurses-dev - 6.2-0ubuntu2.1 lib64ncurses6 - 6.2-0ubuntu2.1 libncurses5-dev - 6.2-0ubuntu2.1 libncurses-dev - 6.2-0ubuntu2.1 libncurses6 - 6.2-0ubuntu2.1 libncurses5 - 6.2-0ubuntu2.1 ncurses-base - 6.2-0ubuntu2.1 ncurses-doc - 6.2-0ubuntu2.1 ncurses-term - 6.2-0ubuntu2.1 libncursesw6 - 6.2-0ubuntu2.1 libncursesw5-dev - 6.2-0ubuntu2.1 lib64ncursesw6 - 6.2-0ubuntu2.1 No subscription required Medium CVE-2019-17594 CVE-2019-17595 CVE-2021-39537 CVE-2022-29458 CVE-2023-29491 Ubuntu 20.04 LTS It was discovered that HTML::StripScripts does not properly parse HTML content with certain style attributes. A remote attacker could use this issue to cause a regular expression denial of service (ReDoS). Update Instructions: Run `sudo pro fix USN-6100-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhtml-stripscripts-perl - 1.06-1ubuntu0.20.04.1 No subscription required Medium CVE-2023-24038 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. (CVE-2023-1579) It was discovered that GNU binutils did not properly verify the version definitions in zer0-lengthverdef table. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. (CVE-2023-1972) It was discovered that GNU binutils did not properly validate the size of length parameter in vms-alpha. An attacker could possibly use this issue to cause a crash or access sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-25584) It was discovered that GNU binutils did not properly initialized the file_table field of struct module and the_bfd field of asymbol. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-25585, CVE-2023-25588) Update Instructions: Run `sudo pro fix USN-6101-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.5 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.5 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.5 binutils-ia64-linux-gnu - 2.34-6ubuntu1.5 binutils-multiarch - 2.34-6ubuntu1.5 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.5 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.5 binutils-m68k-linux-gnu - 2.34-6ubuntu1.5 binutils-for-build - 2.34-6ubuntu1.5 binutils-s390x-linux-gnu - 2.34-6ubuntu1.5 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.5 binutils-multiarch-dev - 2.34-6ubuntu1.5 binutils-i686-gnu - 2.34-6ubuntu1.5 libctf-nobfd0 - 2.34-6ubuntu1.5 binutils-for-host - 2.34-6ubuntu1.5 binutils-doc - 2.34-6ubuntu1.5 binutils-sh4-linux-gnu - 2.34-6ubuntu1.5 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.5 libctf0 - 2.34-6ubuntu1.5 binutils-source - 2.34-6ubuntu1.5 binutils-i686-linux-gnu - 2.34-6ubuntu1.5 binutils-common - 2.34-6ubuntu1.5 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.5 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.5 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.5 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.5 binutils-hppa-linux-gnu - 2.34-6ubuntu1.5 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.5 libbinutils - 2.34-6ubuntu1.5 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.5 binutils-alpha-linux-gnu - 2.34-6ubuntu1.5 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.5 binutils - 2.34-6ubuntu1.5 No subscription required Medium CVE-2023-1579 CVE-2023-1972 CVE-2023-25584 CVE-2023-25585 CVE-2023-25588 Ubuntu 20.04 LTS It was discovered that xmldom incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause unexpected syntactic changes during XML processing. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-21366) It was discovered that xmldom incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-37616, CVE-2022-39353) Update Instructions: Run `sudo pro fix USN-6102-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-xmldom - 0.1.27+ds-1+deb10u2build0.20.04.1 No subscription required Medium CVE-2021-21366 CVE-2022-37616 CVE-2022-39353 Ubuntu 20.04 LTS It was discovered that JSON Schema incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to exploit JavaScript runtimes and cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6103-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-json-schema - 0.2.3-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2021-3918 Ubuntu 20.04 LTS Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor. (CVE-2023-2454) Wolfgang Walther discovered that PostgreSQL incorrectly handled certain row security policies. An authenticated user could possibly use this issue to complete otherwise forbidden reads and modifications. (CVE-2023-2455) Update Instructions: Run `sudo pro fix USN-6104-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.15-0ubuntu0.20.04.1 libecpg6 - 12.15-0ubuntu0.20.04.1 libpq-dev - 12.15-0ubuntu0.20.04.1 libpgtypes3 - 12.15-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.15-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.15-0ubuntu0.20.04.1 libecpg-dev - 12.15-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.15-0ubuntu0.20.04.1 libpq5 - 12.15-0ubuntu0.20.04.1 postgresql-doc-12 - 12.15-0ubuntu0.20.04.1 postgresql-12 - 12.15-0ubuntu0.20.04.1 postgresql-client-12 - 12.15-0ubuntu0.20.04.1 libecpg-compat3 - 12.15-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-2454 CVE-2023-2455 Ubuntu 20.04 LTS The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.60 version of the Mozilla certificate authority bundle. Update Instructions: Run `sudo pro fix USN-6105-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates - 20230311ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2020089 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) Update Instructions: Run `sudo pro fix USN-6107-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-buildinfo-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-gcp-5.15-headers-5.15.0-1033 - 5.15.0-1033.41~20.04.1 linux-modules-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-tools-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-modules-iwlwifi-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-headers-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-gcp-5.15-tools-5.15.0-1033 - 5.15.0-1033.41~20.04.1 linux-image-unsigned-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-image-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 No subscription required linux-tools-gcp - 5.15.0.1033.41~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1033.41~20.04.1 linux-image-gcp - 5.15.0.1033.41~20.04.1 linux-modules-extra-gcp - 5.15.0.1033.41~20.04.1 linux-tools-gcp-edge - 5.15.0.1033.41~20.04.1 linux-gcp-edge - 5.15.0.1033.41~20.04.1 linux-headers-gcp-edge - 5.15.0.1033.41~20.04.1 linux-gcp - 5.15.0.1033.41~20.04.1 linux-headers-gcp - 5.15.0.1033.41~20.04.1 linux-image-gcp-edge - 5.15.0.1033.41~20.04.1 No subscription required High CVE-2023-1829 CVE-2023-1872 Ubuntu 20.04 LTS It was discovered that Jhead did not properly handle certain crafted images while rotating them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. (CVE-2021-34055) Kyle Brown discovered that Jhead did not properly handle certain crafted images while regenerating the Exif thumbnail. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2022-41751) Update Instructions: Run `sudo pro fix USN-6108-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jhead - 1:3.04-1ubuntu0.2 No subscription required Medium CVE-2021-34055 CVE-2022-41751 Ubuntu 20.04 LTS Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6109-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1085 - 5.4.0-1085.96 linux-raspi-headers-5.4.0-1085 - 5.4.0-1085.96 linux-modules-5.4.0-1085-raspi - 5.4.0-1085.96 linux-headers-5.4.0-1085-raspi - 5.4.0-1085.96 linux-buildinfo-5.4.0-1085-raspi - 5.4.0-1085.96 linux-image-5.4.0-1085-raspi - 5.4.0-1085.96 linux-tools-5.4.0-1085-raspi - 5.4.0-1085.96 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1085.115 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1085.115 linux-raspi-hwe-18.04-edge - 5.4.0.1085.115 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1085.115 linux-raspi-hwe-18.04 - 5.4.0.1085.115 linux-tools-raspi - 5.4.0.1085.115 linux-image-raspi - 5.4.0.1085.115 linux-tools-raspi2-hwe-18.04 - 5.4.0.1085.115 linux-raspi2-hwe-18.04 - 5.4.0.1085.115 linux-raspi2 - 5.4.0.1085.115 linux-headers-raspi2 - 5.4.0.1085.115 linux-tools-raspi2 - 5.4.0.1085.115 linux-headers-raspi2-hwe-18.04 - 5.4.0.1085.115 linux-image-raspi2 - 5.4.0.1085.115 linux-image-raspi-hwe-18.04-edge - 5.4.0.1085.115 linux-tools-raspi-hwe-18.04 - 5.4.0.1085.115 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1085.115 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1085.115 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1085.115 linux-raspi - 5.4.0.1085.115 linux-headers-raspi - 5.4.0.1085.115 linux-headers-raspi-hwe-18.04 - 5.4.0.1085.115 linux-image-raspi-hwe-18.04 - 5.4.0.1085.115 linux-image-raspi2-hwe-18.04 - 5.4.0.1085.115 No subscription required Medium CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that Jhead did not properly handle certain crafted Canon images when processing them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-3496) It was discovered that Jhead did not properly handle certain crafted images when printing Canon-specific information. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. This issue only affected Ubuntu 20.04. (CVE-2021-28275) It was discovered that Jhead did not properly handle certain crafted images when removing unknown sections. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-28277) Kyle Brown discovered that Jhead did not properly handle certain crafted images when editing their comments. An attacker could possibly use this to crash Jhead, resulting in a denial of service. (LP: #2020068) Update Instructions: Run `sudo pro fix USN-6110-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jhead - 1:3.04-1ubuntu0.2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-28275 CVE-2021-28277 CVE-2021-3496 https://launchpad.net/bugs/2020068 Ubuntu 20.04 LTS It was discovered that Flask incorrectly handled certain data responses. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6111-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-flask-doc - 1.1.1-2ubuntu0.1 python3-flask - 1.1.1-2ubuntu0.1 No subscription required Medium CVE-2023-30861 Ubuntu 20.04 LTS USN-6112-1 fixed vulnerabilities in Perl. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Original advisory details: It was discovered that Perl was not properly verifying TLS certificates when using CPAN together with HTTP::Tiny to download modules over HTTPS. If a remote attacker were able to intercept communications, this flaw could potentially be used to install altered modules. Update Instructions: Run `sudo pro fix USN-6112-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: perl-modules-5.30 - 5.30.0-9ubuntu0.4 libperl-dev - 5.30.0-9ubuntu0.4 perl-doc - 5.30.0-9ubuntu0.4 perl - 5.30.0-9ubuntu0.4 perl-base - 5.30.0-9ubuntu0.4 libperl5.30 - 5.30.0-9ubuntu0.4 perl-debug - 5.30.0-9ubuntu0.4 No subscription required Medium CVE-2023-31484 Ubuntu 20.04 LTS Yeting Li discovered that nth-check incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6114-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-nth-check - 1.0.1-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2021-3803 Ubuntu 20.04 LTS Max Chernoff discovered that LuaTeX (TeX Live) did not properly disable shell escape. An attacker could possibly use this issue to execute arbitrary shell commands. Update Instructions: Run `sudo pro fix USN-6115-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libptexenc-dev - 2019.20190605.51237-3ubuntu0.1 libkpathsea-dev - 2019.20190605.51237-3ubuntu0.1 texlive-binaries - 2019.20190605.51237-3ubuntu0.1 libsynctex2 - 2019.20190605.51237-3ubuntu0.1 libtexlua53-dev - 2019.20190605.51237-3ubuntu0.1 libtexluajit2 - 2019.20190605.51237-3ubuntu0.1 libtexluajit-dev - 2019.20190605.51237-3ubuntu0.1 libptexenc1 - 2019.20190605.51237-3ubuntu0.1 libtexlua53 - 2019.20190605.51237-3ubuntu0.1 libsynctex-dev - 2019.20190605.51237-3ubuntu0.1 libkpathsea6 - 2019.20190605.51237-3ubuntu0.1 No subscription required Medium CVE-2023-32700 Ubuntu 20.04 LTS It was discovered that hawk incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6116-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-hawk - 7.1.2+dfsg-1ubuntu0.1 No subscription required Medium CVE-2022-29167 Ubuntu 20.04 LTS It was discovered that Apache Batik incorrectly handled certain inputs. An attacker could possibly use this to perform a cross site request forgery attack. (CVE-2019-17566, CVE-2020-11987, CVE-2022-38398, CVE-2022-38648) It was discovered that Apache Batik incorrectly handled Jar URLs in some situations. A remote attacker could use this issue to access files on the server. (CVE-2022-40146) It was discovered that Apache Batik allowed running untrusted Java code from an SVG. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-41704, CVE-2022-42890) Update Instructions: Run `sudo pro fix USN-6117-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbatik-java - 1.12-1ubuntu0.1 No subscription required Medium CVE-2019-17566 CVE-2020-11987 CVE-2022-38398 CVE-2022-38648 CVE-2022-40146 CVE-2022-41704 CVE-2022-42890 Ubuntu 20.04 LTS Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6118-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1101-oracle - 5.4.0-1101.110 linux-tools-5.4.0-1101-oracle - 5.4.0-1101.110 linux-image-unsigned-5.4.0-1101-oracle - 5.4.0-1101.110 linux-oracle-tools-5.4.0-1101 - 5.4.0-1101.110 linux-modules-5.4.0-1101-oracle - 5.4.0-1101.110 linux-oracle-headers-5.4.0-1101 - 5.4.0-1101.110 linux-modules-extra-5.4.0-1101-oracle - 5.4.0-1101.110 linux-buildinfo-5.4.0-1101-oracle - 5.4.0-1101.110 linux-headers-5.4.0-1101-oracle - 5.4.0-1101.110 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1101.94 linux-image-oracle-lts-20.04 - 5.4.0.1101.94 linux-headers-oracle-lts-20.04 - 5.4.0.1101.94 linux-oracle-lts-20.04 - 5.4.0.1101.94 No subscription required Medium CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2023-2650) Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS cipher decryption on 64-bit ARM platforms. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-1255) Update Instructions: Run `sudo pro fix USN-6119-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.19 libssl-dev - 1.1.1f-1ubuntu2.19 openssl - 1.1.1f-1ubuntu2.19 libssl-doc - 1.1.1f-1ubuntu2.19 No subscription required Medium CVE-2023-1255 CVE-2023-2650 Ubuntu 20.04 LTS It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this cause a denial of service or expose sensitive information. (CVE-2020-26243) It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-21401) Update Instructions: Run `sudo pro fix USN-6121-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnanopb-dev - 0.4.1-1ubuntu0.1~esm1 nanopb - 0.4.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-26243 CVE-2021-21401 Ubuntu 20.04 LTS It was discovered that the snap sandbox did not restrict the use of the ioctl system call with a TIOCLINUX request. This could be exploited by a malicious snap to inject commands into the controlling terminal which would then be executed outside of the snap sandbox once the snap had exited. This could allow an attacker to execute arbitrary commands outside of the confined snap sandbox. Note: graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console. Update Instructions: Run `sudo pro fix USN-6125-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.58+20.04.1 ubuntu-core-launcher - 2.58+20.04.1 snap-confine - 2.58+20.04.1 ubuntu-snappy-cli - 2.58+20.04.1 golang-github-snapcore-snapd-dev - 2.58+20.04.1 snapd-xdg-open - 2.58+20.04.1 snapd - 2.58+20.04.1 golang-github-ubuntu-core-snappy-dev - 2.58+20.04.1 ubuntu-snappy - 2.58+20.04.1 No subscription required Medium CVE-2023-1523 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6127-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-image-unsigned-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-gke-5.15-headers-5.15.0-1034 - 5.15.0-1034.39~20.04.1 linux-tools-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-modules-iwlwifi-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-gke-5.15-tools-5.15.0-1034 - 5.15.0-1034.39~20.04.1 linux-buildinfo-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-headers-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-modules-extra-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-modules-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 No subscription required linux-headers-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-image-unsigned-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-modules-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-modules-extra-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-tools-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-modules-iwlwifi-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-buildinfo-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-gcp-5.15-tools-5.15.0-1035 - 5.15.0-1035.43~20.04.1 linux-gcp-5.15-headers-5.15.0-1035 - 5.15.0-1035.43~20.04.1 linux-image-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 No subscription required linux-modules-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-buildinfo-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-oracle-5.15-headers-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-oracle-5.15-tools-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-tools-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-modules-extra-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-image-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-image-unsigned-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-headers-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 No subscription required linux-modules-extra-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-aws-5.15-headers-5.15.0-1037 - 5.15.0-1037.41~20.04.1 linux-image-unsigned-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-tools-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1037 - 5.15.0-1037.41~20.04.1 linux-modules-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-image-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-buildinfo-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-aws-5.15-tools-5.15.0-1037 - 5.15.0-1037.41~20.04.1 linux-headers-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-cloud-tools-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1039 - 5.15.0-1039.46~20.04.1 linux-image-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-headers-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-modules-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-image-unsigned-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-modules-extra-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-azure-5.15-headers-5.15.0-1039 - 5.15.0-1039.46~20.04.1 linux-cloud-tools-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1039 - 5.15.0-1039.46~20.04.1 linux-tools-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-buildinfo-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 No subscription required linux-buildinfo-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-image-unsigned-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-hwe-5.15-headers-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-image-unsigned-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-cloud-tools-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-image-unsigned-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-73.80~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-cloud-tools-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-image-unsigned-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-modules-extra-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-buildinfo-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-73.80~20.04.1 linux-buildinfo-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-modules-iwlwifi-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-buildinfo-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-73.80~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-buildinfo-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-modules-iwlwifi-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-hwe-5.15-tools-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 No subscription required linux-tools-gke-5.15 - 5.15.0.1034.39~20.04.1 linux-headers-gke-edge - 5.15.0.1034.39~20.04.1 linux-gke-5.15 - 5.15.0.1034.39~20.04.1 linux-image-gke-5.15 - 5.15.0.1034.39~20.04.1 linux-tools-gke-edge - 5.15.0.1034.39~20.04.1 linux-image-gke-edge - 5.15.0.1034.39~20.04.1 linux-gke-edge - 5.15.0.1034.39~20.04.1 linux-headers-gke-5.15 - 5.15.0.1034.39~20.04.1 No subscription required linux-modules-extra-gcp-edge - 5.15.0.1035.43~20.04.1 linux-image-gcp-edge - 5.15.0.1035.43~20.04.1 linux-headers-gcp-edge - 5.15.0.1035.43~20.04.1 linux-tools-gcp - 5.15.0.1035.43~20.04.1 linux-tools-gcp-edge - 5.15.0.1035.43~20.04.1 linux-headers-gcp - 5.15.0.1035.43~20.04.1 linux-gcp - 5.15.0.1035.43~20.04.1 linux-image-gcp - 5.15.0.1035.43~20.04.1 linux-modules-extra-gcp - 5.15.0.1035.43~20.04.1 linux-gcp-edge - 5.15.0.1035.43~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1036.42~20.04.1 linux-tools-oracle - 5.15.0.1036.42~20.04.1 linux-tools-oracle-edge - 5.15.0.1036.42~20.04.1 linux-oracle-edge - 5.15.0.1036.42~20.04.1 linux-image-oracle-edge - 5.15.0.1036.42~20.04.1 linux-oracle - 5.15.0.1036.42~20.04.1 linux-headers-oracle-edge - 5.15.0.1036.42~20.04.1 linux-image-oracle - 5.15.0.1036.42~20.04.1 No subscription required linux-headers-aws - 5.15.0.1037.41~20.04.26 linux-image-aws - 5.15.0.1037.41~20.04.26 linux-modules-extra-aws-edge - 5.15.0.1037.41~20.04.26 linux-image-aws-edge - 5.15.0.1037.41~20.04.26 linux-aws-edge - 5.15.0.1037.41~20.04.26 linux-aws - 5.15.0.1037.41~20.04.26 linux-headers-aws-edge - 5.15.0.1037.41~20.04.26 linux-tools-aws - 5.15.0.1037.41~20.04.26 linux-modules-extra-aws - 5.15.0.1037.41~20.04.26 linux-tools-aws-edge - 5.15.0.1037.41~20.04.26 No subscription required linux-tools-azure-edge - 5.15.0.1039.46~20.04.29 linux-cloud-tools-azure - 5.15.0.1039.46~20.04.29 linux-tools-azure - 5.15.0.1039.46~20.04.29 linux-image-azure-edge - 5.15.0.1039.46~20.04.29 linux-image-azure-cvm - 5.15.0.1039.46~20.04.29 linux-modules-extra-azure-cvm - 5.15.0.1039.46~20.04.29 linux-tools-azure-cvm - 5.15.0.1039.46~20.04.29 linux-cloud-tools-azure-edge - 5.15.0.1039.46~20.04.29 linux-modules-extra-azure - 5.15.0.1039.46~20.04.29 linux-azure - 5.15.0.1039.46~20.04.29 linux-image-azure - 5.15.0.1039.46~20.04.29 linux-headers-azure-cvm - 5.15.0.1039.46~20.04.29 linux-cloud-tools-azure-cvm - 5.15.0.1039.46~20.04.29 linux-headers-azure-edge - 5.15.0.1039.46~20.04.29 linux-azure-edge - 5.15.0.1039.46~20.04.29 linux-azure-cvm - 5.15.0.1039.46~20.04.29 linux-modules-extra-azure-edge - 5.15.0.1039.46~20.04.29 linux-headers-azure - 5.15.0.1039.46~20.04.29 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-headers-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-image-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-lowlatency-64k-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-tools-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.73.80~20.04.31 No subscription required linux-headers-oem-20.04 - 5.15.0.73.80~20.04.34 linux-tools-oem-20.04d - 5.15.0.73.80~20.04.34 linux-tools-oem-20.04b - 5.15.0.73.80~20.04.34 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-modules-iwlwifi-oem-20.04d - 5.15.0.73.80~20.04.34 linux-headers-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-generic-64k-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-image-extra-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-oem-20.04 - 5.15.0.73.80~20.04.34 linux-tools-oem-20.04c - 5.15.0.73.80~20.04.34 linux-image-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-headers-generic-64k-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-generic-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-generic-lpae-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-tools-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-oem-20.04c - 5.15.0.73.80~20.04.34 linux-image-oem-20.04b - 5.15.0.73.80~20.04.34 linux-image-oem-20.04d - 5.15.0.73.80~20.04.34 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-oem-20.04 - 5.15.0.73.80~20.04.34 linux-image-oem-20.04 - 5.15.0.73.80~20.04.34 linux-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-oem-20.04c - 5.15.0.73.80~20.04.34 linux-oem-20.04b - 5.15.0.73.80~20.04.34 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-oem-20.04d - 5.15.0.73.80~20.04.34 linux-generic-lpae-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-modules-iwlwifi-oem-20.04 - 5.15.0.73.80~20.04.34 linux-tools-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-image-generic-64k-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-generic-lpae-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-image-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-generic-64k-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-oem-20.04b - 5.15.0.73.80~20.04.34 linux-headers-oem-20.04c - 5.15.0.73.80~20.04.34 linux-headers-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-headers-oem-20.04d - 5.15.0.73.80~20.04.34 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6128-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.3 cups-bsd - 2.3.1-9ubuntu1.3 cups-common - 2.3.1-9ubuntu1.3 cups-core-drivers - 2.3.1-9ubuntu1.3 cups-server-common - 2.3.1-9ubuntu1.3 libcupsimage2 - 2.3.1-9ubuntu1.3 cups-client - 2.3.1-9ubuntu1.3 cups-ipp-utils - 2.3.1-9ubuntu1.3 libcups2 - 2.3.1-9ubuntu1.3 cups-ppdc - 2.3.1-9ubuntu1.3 cups - 2.3.1-9ubuntu1.3 libcupsimage2-dev - 2.3.1-9ubuntu1.3 cups-daemon - 2.3.1-9ubuntu1.3 No subscription required Medium CVE-2023-32324 Ubuntu 20.04 LTS It was discovered that Avahi incorrectly handled certain DBus messages. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6129-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavahi-compat-libdnssd-dev - 0.7-4ubuntu7.2 libavahi-ui-gtk3-0 - 0.7-4ubuntu7.2 libavahi-core7 - 0.7-4ubuntu7.2 libavahi-client3 - 0.7-4ubuntu7.2 libavahi-core-dev - 0.7-4ubuntu7.2 libavahi-client-dev - 0.7-4ubuntu7.2 avahi-ui-utils - 0.7-4ubuntu7.2 libavahi-gobject-dev - 0.7-4ubuntu7.2 avahi-dnsconfd - 0.7-4ubuntu7.2 libavahi-compat-libdnssd1 - 0.7-4ubuntu7.2 libavahi-common3 - 0.7-4ubuntu7.2 avahi-daemon - 0.7-4ubuntu7.2 avahi-discover - 0.7-4ubuntu7.2 libavahi-common-dev - 0.7-4ubuntu7.2 libavahi-common-data - 0.7-4ubuntu7.2 avahi-utils - 0.7-4ubuntu7.2 libavahi-ui-gtk3-dev - 0.7-4ubuntu7.2 libavahi-glib-dev - 0.7-4ubuntu7.2 libavahi-gobject0 - 0.7-4ubuntu7.2 gir1.2-avahi-0.6 - 0.7-4ubuntu7.2 avahi-autoipd - 0.7-4ubuntu7.2 python-avahi - 0.7-4ubuntu7.2 libavahi-glib1 - 0.7-4ubuntu7.2 No subscription required Medium CVE-2023-1981 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6131-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1050-ibm - 5.4.0-1050.55 linux-image-5.4.0-1050-ibm - 5.4.0-1050.55 linux-ibm-headers-5.4.0-1050 - 5.4.0-1050.55 linux-modules-extra-5.4.0-1050-ibm - 5.4.0-1050.55 linux-buildinfo-5.4.0-1050-ibm - 5.4.0-1050.55 linux-tools-5.4.0-1050-ibm - 5.4.0-1050.55 linux-ibm-source-5.4.0 - 5.4.0-1050.55 linux-ibm-cloud-tools-common - 5.4.0-1050.55 linux-ibm-tools-common - 5.4.0-1050.55 linux-ibm-tools-5.4.0-1050 - 5.4.0-1050.55 linux-modules-5.4.0-1050-ibm - 5.4.0-1050.55 linux-image-unsigned-5.4.0-1050-ibm - 5.4.0-1050.55 No subscription required linux-tools-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-cloud-tools-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-gkeop-source-5.4.0 - 5.4.0-1070.74 linux-gkeop-cloud-tools-5.4.0-1070 - 5.4.0-1070.74 linux-gkeop-tools-5.4.0-1070 - 5.4.0-1070.74 linux-image-unsigned-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-headers-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-gkeop-headers-5.4.0-1070 - 5.4.0-1070.74 linux-buildinfo-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-modules-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-image-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-modules-extra-5.4.0-1070-gkeop - 5.4.0-1070.74 No subscription required linux-modules-5.4.0-1092-kvm - 5.4.0-1092.98 linux-buildinfo-5.4.0-1092-kvm - 5.4.0-1092.98 linux-kvm-tools-5.4.0-1092 - 5.4.0-1092.98 linux-image-unsigned-5.4.0-1092-kvm - 5.4.0-1092.98 linux-kvm-headers-5.4.0-1092 - 5.4.0-1092.98 linux-headers-5.4.0-1092-kvm - 5.4.0-1092.98 linux-tools-5.4.0-1092-kvm - 5.4.0-1092.98 linux-image-5.4.0-1092-kvm - 5.4.0-1092.98 No subscription required linux-gke-tools-5.4.0-1100 - 5.4.0-1100.107 linux-gke-headers-5.4.0-1100 - 5.4.0-1100.107 linux-modules-extra-5.4.0-1100-gke - 5.4.0-1100.107 linux-tools-5.4.0-1100-gke - 5.4.0-1100.107 linux-modules-5.4.0-1100-gke - 5.4.0-1100.107 linux-headers-5.4.0-1100-gke - 5.4.0-1100.107 linux-buildinfo-5.4.0-1100-gke - 5.4.0-1100.107 linux-image-unsigned-5.4.0-1100-gke - 5.4.0-1100.107 linux-image-5.4.0-1100-gke - 5.4.0-1100.107 No subscription required linux-modules-extra-5.4.0-1102-oracle - 5.4.0-1102.111 linux-image-5.4.0-1102-oracle - 5.4.0-1102.111 linux-oracle-headers-5.4.0-1102 - 5.4.0-1102.111 linux-oracle-tools-5.4.0-1102 - 5.4.0-1102.111 linux-modules-5.4.0-1102-oracle - 5.4.0-1102.111 linux-headers-5.4.0-1102-oracle - 5.4.0-1102.111 linux-tools-5.4.0-1102-oracle - 5.4.0-1102.111 linux-buildinfo-5.4.0-1102-oracle - 5.4.0-1102.111 linux-image-unsigned-5.4.0-1102-oracle - 5.4.0-1102.111 No subscription required linux-buildinfo-5.4.0-1103-aws - 5.4.0-1103.111 linux-cloud-tools-5.4.0-1103-aws - 5.4.0-1103.111 linux-image-5.4.0-1103-aws - 5.4.0-1103.111 linux-aws-headers-5.4.0-1103 - 5.4.0-1103.111 linux-aws-tools-5.4.0-1103 - 5.4.0-1103.111 linux-modules-5.4.0-1103-aws - 5.4.0-1103.111 linux-tools-5.4.0-1103-aws - 5.4.0-1103.111 linux-aws-cloud-tools-5.4.0-1103 - 5.4.0-1103.111 linux-image-unsigned-5.4.0-1103-aws - 5.4.0-1103.111 linux-modules-extra-5.4.0-1103-aws - 5.4.0-1103.111 linux-headers-5.4.0-1103-aws - 5.4.0-1103.111 No subscription required linux-image-5.4.0-1106-gcp - 5.4.0-1106.115 linux-headers-5.4.0-1106-gcp - 5.4.0-1106.115 linux-gcp-headers-5.4.0-1106 - 5.4.0-1106.115 linux-image-unsigned-5.4.0-1106-gcp - 5.4.0-1106.115 linux-modules-5.4.0-1106-gcp - 5.4.0-1106.115 linux-tools-5.4.0-1106-gcp - 5.4.0-1106.115 linux-modules-extra-5.4.0-1106-gcp - 5.4.0-1106.115 linux-gcp-tools-5.4.0-1106 - 5.4.0-1106.115 linux-buildinfo-5.4.0-1106-gcp - 5.4.0-1106.115 No subscription required linux-modules-5.4.0-1109-azure - 5.4.0-1109.115 linux-buildinfo-5.4.0-1109-azure - 5.4.0-1109.115 linux-image-5.4.0-1109-azure - 5.4.0-1109.115 linux-azure-tools-5.4.0-1109 - 5.4.0-1109.115 linux-tools-5.4.0-1109-azure - 5.4.0-1109.115 linux-image-unsigned-5.4.0-1109-azure - 5.4.0-1109.115 linux-modules-extra-5.4.0-1109-azure - 5.4.0-1109.115 linux-azure-headers-5.4.0-1109 - 5.4.0-1109.115 linux-headers-5.4.0-1109-azure - 5.4.0-1109.115 linux-cloud-tools-5.4.0-1109-azure - 5.4.0-1109.115 linux-azure-cloud-tools-5.4.0-1109 - 5.4.0-1109.115 No subscription required linux-tools-common - 5.4.0-150.167 linux-cloud-tools-5.4.0-150-generic - 5.4.0-150.167 linux-modules-5.4.0-150-generic - 5.4.0-150.167 linux-doc - 5.4.0-150.167 linux-headers-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-headers-5.4.0-150-lowlatency - 5.4.0-150.167 linux-buildinfo-5.4.0-150-generic - 5.4.0-150.167 linux-tools-5.4.0-150-generic - 5.4.0-150.167 linux-image-unsigned-5.4.0-150-lowlatency - 5.4.0-150.167 linux-buildinfo-5.4.0-150-lowlatency - 5.4.0-150.167 linux-libc-dev - 5.4.0-150.167 linux-source-5.4.0 - 5.4.0-150.167 linux-cloud-tools-common - 5.4.0-150.167 linux-image-unsigned-5.4.0-150-generic - 5.4.0-150.167 linux-image-5.4.0-150-lowlatency - 5.4.0-150.167 linux-tools-host - 5.4.0-150.167 linux-cloud-tools-5.4.0-150-lowlatency - 5.4.0-150.167 linux-tools-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-cloud-tools-5.4.0-150 - 5.4.0-150.167 linux-image-5.4.0-150-generic - 5.4.0-150.167 linux-tools-5.4.0-150 - 5.4.0-150.167 linux-modules-5.4.0-150-lowlatency - 5.4.0-150.167 linux-headers-5.4.0-150-generic - 5.4.0-150.167 linux-modules-extra-5.4.0-150-generic - 5.4.0-150.167 linux-modules-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-buildinfo-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-headers-5.4.0-150 - 5.4.0-150.167 linux-image-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-tools-5.4.0-150-lowlatency - 5.4.0-150.167 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1050.76 linux-modules-extra-ibm - 5.4.0.1050.76 linux-image-ibm - 5.4.0.1050.76 linux-headers-ibm-lts-20.04 - 5.4.0.1050.76 linux-tools-ibm - 5.4.0.1050.76 linux-ibm-lts-20.04 - 5.4.0.1050.76 linux-image-ibm-lts-20.04 - 5.4.0.1050.76 linux-ibm - 5.4.0.1050.76 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1050.76 linux-headers-ibm - 5.4.0.1050.76 No subscription required linux-headers-gkeop - 5.4.0.1070.68 linux-modules-extra-gkeop-5.4 - 5.4.0.1070.68 linux-gkeop-5.4 - 5.4.0.1070.68 linux-cloud-tools-gkeop-5.4 - 5.4.0.1070.68 linux-image-gkeop-5.4 - 5.4.0.1070.68 linux-modules-extra-gkeop - 5.4.0.1070.68 linux-tools-gkeop - 5.4.0.1070.68 linux-image-gkeop - 5.4.0.1070.68 linux-gkeop - 5.4.0.1070.68 linux-cloud-tools-gkeop - 5.4.0.1070.68 linux-headers-gkeop-5.4 - 5.4.0.1070.68 linux-tools-gkeop-5.4 - 5.4.0.1070.68 No subscription required linux-kvm - 5.4.0.1092.87 linux-headers-kvm - 5.4.0.1092.87 linux-tools-kvm - 5.4.0.1092.87 linux-image-kvm - 5.4.0.1092.87 No subscription required linux-modules-extra-gke - 5.4.0.1100.105 linux-headers-gke-5.4 - 5.4.0.1100.105 linux-modules-extra-gke-5.4 - 5.4.0.1100.105 linux-gke-5.4 - 5.4.0.1100.105 linux-tools-gke - 5.4.0.1100.105 linux-gke - 5.4.0.1100.105 linux-headers-gke - 5.4.0.1100.105 linux-tools-gke-5.4 - 5.4.0.1100.105 linux-image-gke-5.4 - 5.4.0.1100.105 linux-image-gke - 5.4.0.1100.105 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1102.95 linux-headers-oracle-lts-20.04 - 5.4.0.1102.95 linux-oracle-lts-20.04 - 5.4.0.1102.95 linux-image-oracle-lts-20.04 - 5.4.0.1102.95 No subscription required linux-tools-aws-lts-20.04 - 5.4.0.1103.100 linux-image-aws-lts-20.04 - 5.4.0.1103.100 linux-headers-aws-lts-20.04 - 5.4.0.1103.100 linux-modules-extra-aws-lts-20.04 - 5.4.0.1103.100 linux-aws-lts-20.04 - 5.4.0.1103.100 No subscription required linux-image-gcp-lts-20.04 - 5.4.0.1106.108 linux-gcp-lts-20.04 - 5.4.0.1106.108 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1106.108 linux-headers-gcp-lts-20.04 - 5.4.0.1106.108 linux-tools-gcp-lts-20.04 - 5.4.0.1106.108 No subscription required linux-azure-lts-20.04 - 5.4.0.1109.102 linux-image-azure-lts-20.04 - 5.4.0.1109.102 linux-modules-extra-azure-lts-20.04 - 5.4.0.1109.102 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1109.102 linux-tools-azure-lts-20.04 - 5.4.0.1109.102 linux-headers-azure-lts-20.04 - 5.4.0.1109.102 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-cloud-tools-virtual - 5.4.0.150.148 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-image-virtual - 5.4.0.150.148 linux-oem-osp1-tools-host - 5.4.0.150.148 linux-image-generic - 5.4.0.150.148 linux-tools-lowlatency - 5.4.0.150.148 linux-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-image-oem - 5.4.0.150.148 linux-tools-virtual-hwe-18.04 - 5.4.0.150.148 linux-virtual - 5.4.0.150.148 linux-headers-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.150.148 linux-oem - 5.4.0.150.148 linux-image-oem-osp1 - 5.4.0.150.148 linux-image-generic-hwe-18.04 - 5.4.0.150.148 linux-image-generic-lpae-hwe-18.04 - 5.4.0.150.148 linux-crashdump - 5.4.0.150.148 linux-headers-generic-hwe-18.04 - 5.4.0.150.148 linux-headers-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-headers-generic-lpae - 5.4.0.150.148 linux-lowlatency - 5.4.0.150.148 linux-cloud-tools-generic - 5.4.0.150.148 linux-headers-virtual-hwe-18.04 - 5.4.0.150.148 linux-virtual-hwe-18.04 - 5.4.0.150.148 linux-tools-generic-lpae - 5.4.0.150.148 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.150.148 linux-tools-virtual - 5.4.0.150.148 linux-generic-lpae-hwe-18.04-edge - 5.4.0.150.148 linux-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-tools-oem-osp1 - 5.4.0.150.148 linux-generic-lpae - 5.4.0.150.148 linux-image-generic-hwe-18.04-edge - 5.4.0.150.148 linux-headers-oem - 5.4.0.150.148 linux-image-extra-virtual-hwe-18.04 - 5.4.0.150.148 linux-generic - 5.4.0.150.148 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.150.148 linux-tools-generic-hwe-18.04-edge - 5.4.0.150.148 linux-image-virtual-hwe-18.04 - 5.4.0.150.148 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-headers-lowlatency - 5.4.0.150.148 linux-generic-hwe-18.04-edge - 5.4.0.150.148 linux-tools-generic-hwe-18.04 - 5.4.0.150.148 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-source - 5.4.0.150.148 linux-image-extra-virtual - 5.4.0.150.148 linux-oem-tools-host - 5.4.0.150.148 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-tools-generic - 5.4.0.150.148 linux-cloud-tools-lowlatency - 5.4.0.150.148 linux-tools-oem - 5.4.0.150.148 linux-headers-oem-osp1 - 5.4.0.150.148 linux-tools-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-generic-lpae-hwe-18.04 - 5.4.0.150.148 linux-headers-generic-hwe-18.04-edge - 5.4.0.150.148 linux-headers-generic - 5.4.0.150.148 linux-oem-osp1 - 5.4.0.150.148 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.150.148 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.150.148 linux-image-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-headers-virtual - 5.4.0.150.148 linux-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.150.148 linux-image-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-generic-hwe-18.04 - 5.4.0.150.148 linux-image-generic-lpae - 5.4.0.150.148 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.150.148 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.150.148 linux-tools-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-image-lowlatency - 5.4.0.150.148 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6132-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-image-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-headers-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-bluefield-headers-5.4.0-1064 - 5.4.0-1064.70 linux-tools-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-bluefield-tools-5.4.0-1064 - 5.4.0-1064.70 linux-buildinfo-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-image-unsigned-5.4.0-1064-bluefield - 5.4.0-1064.70 No subscription required linux-bluefield - 5.4.0.1064.59 linux-tools-bluefield - 5.4.0.1064.59 linux-image-bluefield - 5.4.0.1064.59 linux-headers-bluefield - 5.4.0.1064.59 No subscription required High CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1380 CVE-2023-1513 CVE-2023-2162 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-0386) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-4842) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0458) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the NFS implementation in the Linux kernel did not properly handle pending tasks in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1652) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) It was discovered that the ARM64 EFI runtime services implementation in the Linux kernel did not properly manage concurrency calls. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21102) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6134-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-buildinfo-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1030.35~20.04.1 linux-headers-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1030.35~20.04.1 linux-modules-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-modules-extra-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-modules-iwlwifi-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-cloud-tools-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-image-unsigned-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-image-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1030.35~20.04.22 linux-tools-intel - 5.15.0.1030.35~20.04.22 linux-intel-iotg - 5.15.0.1030.35~20.04.22 linux-image-intel-iotg - 5.15.0.1030.35~20.04.22 linux-tools-intel-iotg-edge - 5.15.0.1030.35~20.04.22 linux-intel - 5.15.0.1030.35~20.04.22 linux-headers-intel - 5.15.0.1030.35~20.04.22 linux-intel-iotg-edge - 5.15.0.1030.35~20.04.22 linux-image-intel-iotg-edge - 5.15.0.1030.35~20.04.22 linux-headers-intel-iotg - 5.15.0.1030.35~20.04.22 linux-image-intel - 5.15.0.1030.35~20.04.22 linux-headers-intel-iotg-edge - 5.15.0.1030.35~20.04.22 linux-tools-intel-iotg - 5.15.0.1030.35~20.04.22 No subscription required High CVE-2022-27672 CVE-2022-3707 CVE-2022-4129 CVE-2022-47929 CVE-2022-4842 CVE-2023-0386 CVE-2023-0394 CVE-2023-0458 CVE-2023-0459 CVE-2023-1073 CVE-2023-1074 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1281 CVE-2023-1513 CVE-2023-1652 CVE-2023-1829 CVE-2023-1872 CVE-2023-20938 CVE-2023-21102 CVE-2023-2162 CVE-2023-26545 CVE-2023-32269 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6135-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-1039-azure-fde - 5.15.0-1039.46~20.04.1.1 linux-image-5.15.0-1039-azure-fde - 5.15.0-1039.46~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-modules-extra-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-headers-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-image-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-modules-extra-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-tools-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-image-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-cloud-tools-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-cloud-tools-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-tools-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-headers-azure-fde - 5.15.0.1039.46~20.04.1.18 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6137-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraw-doc - 0.19.5-1ubuntu1.2 libraw-bin - 0.19.5-1ubuntu1.2 libraw19 - 0.19.5-1ubuntu1.2 libraw-dev - 0.19.5-1ubuntu1.2 No subscription required Medium CVE-2021-32142 CVE-2023-1729 Ubuntu 20.04 LTS Philip Turnbull discovered that libssh incorrectly handled rekeying with algorithm guessing. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-1667) Kevin Backhouse discovered that libssh incorrectly handled verifying data signatures. A remote attacker could possibly use this issue to bypass authorization. (CVE-2023-2283) Update Instructions: Run `sudo pro fix USN-6138-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-gcrypt-dev - 0.9.3-2ubuntu2.3 libssh-4 - 0.9.3-2ubuntu2.3 libssh-gcrypt-4 - 0.9.3-2ubuntu2.3 libssh-dev - 0.9.3-2ubuntu2.3 libssh-doc - 0.9.3-2ubuntu2.3 No subscription required Medium CVE-2023-1667 CVE-2023-2283 Ubuntu 20.04 LTS Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could use this issue to bypass blockinglisting methods. This issue was first addressed in USN-5960-1, but was incomplete. Here we address an additional fix to that issue. (CVE-2023-24329) Update Instructions: Run `sudo pro fix USN-6139-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.8 python3.8-full - 3.8.10-0ubuntu1~20.04.8 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.8 python3.8-examples - 3.8.10-0ubuntu1~20.04.8 python3.8-dev - 3.8.10-0ubuntu1~20.04.8 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.8 python3.8-venv - 3.8.10-0ubuntu1~20.04.8 libpython3.8 - 3.8.10-0ubuntu1~20.04.8 idle-python3.8 - 3.8.10-0ubuntu1~20.04.8 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.8 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.8 python3.8 - 3.8.10-0ubuntu1~20.04.8 python3.8-doc - 3.8.10-0ubuntu1~20.04.8 No subscription required Medium CVE-2023-24329 Ubuntu 20.04 LTS Gal Goldshtein discovered that nghttp2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6142-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnghttp2-14 - 1.40.0-1ubuntu0.1 libnghttp2-doc - 1.40.0-1ubuntu0.1 libnghttp2-dev - 1.40.0-1ubuntu0.1 nghttp2-proxy - 1.40.0-1ubuntu0.1 nghttp2 - 1.40.0-1ubuntu0.1 nghttp2-client - 1.40.0-1ubuntu0.1 nghttp2-server - 1.40.0-1ubuntu0.1 No subscription required Medium CVE-2020-11080 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-34417) Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks. (CVE-2023-34415) Update Instructions: Run `sudo pro fix USN-6143-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 114.0+build3-0ubuntu0.20.04.1 firefox - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 114.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 114.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-tg - 114.0+build3-0ubuntu0.20.04.1 firefox-dev - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 114.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-34414 CVE-2023-34415 CVE-2023-34416 CVE-2023-34417 Ubuntu 20.04 LTS USN-6143-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-34417) Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks. (CVE-2023-34415) Update Instructions: Run `sudo pro fix USN-6143-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 114.0.1+build1-0ubuntu0.20.04.1 firefox - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 114.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 114.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 114.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 114.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2023610 Ubuntu 20.04 LTS USN-6143-1 fixed vulnerabilities and USN-6143-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-34417) Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks. (CVE-2023-34415) Update Instructions: Run `sudo pro fix USN-6143-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 114.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 114.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 114.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 114.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2024513 Ubuntu 20.04 LTS It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute arbitrary code. (CVE-2023-0950) Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user before loading the host document inside an IFrame. If a user were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause information disclosure or execute arbitrary code. (CVE-2023-2255) Update Instructions: Run `sudo pro fix USN-6144-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.8 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.8 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.8 python3-uno - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.8 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.8 libreoffice - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.8 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.8 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.8 python3-access2base - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.8 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.8 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.8 libridl-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.8 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.8 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.8 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.8 libunoil-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.8 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.8 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.8 libjurt-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.8 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.8 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.8 ure - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.8 libjuh-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.8 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.8 No subscription required Medium CVE-2023-0950 CVE-2023-2255 Ubuntu 20.04 LTS It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only fixed for Ubuntu 16.04 LTS. (CVE-2022-39377) It was discovered that Sysstat incorrectly handled certain arithmetic multiplications in 64-bit systems, as a result of an incomplete fix for CVE-2022-39377. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-33204) Update Instructions: Run `sudo pro fix USN-6145-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: isag - 12.2.0-2ubuntu0.3 sysstat - 12.2.0-2ubuntu0.3 No subscription required Medium CVE-2022-39377 CVE-2023-33204 Ubuntu 20.04 LTS It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-31439) It was discovered that Netatalk did not properly validate the length of user-supplied data in the ad_addcomment function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0194) It was discovered that Netatalk did not properly handle errors when parsing AppleDouble entries. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23121) It was discovered that Netatalk did not properly validate the length of user-supplied data in the setfilparams function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23122) It was discovered that Netatalk did not properly validate the length of user-supplied data in the getdirparams function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23123) It was discovered that Netatalk did not properly validate the length of user-supplied data in the get_finderinfo function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23124) It was discovered that Netatalk did not properly validate the length of user-supplied data in the copyapplfile function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23125) It was discovered that Netatalk did not properly validate the length of user-supplied data in the dsi_writeinit function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-43634) It was discovered that Netatalk did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted .appl file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-45188) Update Instructions: Run `sudo pro fix USN-6146-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: netatalk - 3.1.12~ds-4ubuntu0.20.04.1 No subscription required High CVE-2021-31439 CVE-2022-0194 CVE-2022-23121 CVE-2022-23122 CVE-2022-23123 CVE-2022-23124 CVE-2022-23125 CVE-2022-43634 CVE-2022-45188 Ubuntu 20.04 LTS It was discovered that SNI Proxy did not properly handle wildcard backend hosts. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6148-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sniproxy - 0.6.0-1ubuntu0.1 No subscription required High CVE-2023-25076 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6150-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1086 - 5.4.0-1086.97 linux-raspi-headers-5.4.0-1086 - 5.4.0-1086.97 linux-image-5.4.0-1086-raspi - 5.4.0-1086.97 linux-tools-5.4.0-1086-raspi - 5.4.0-1086.97 linux-buildinfo-5.4.0-1086-raspi - 5.4.0-1086.97 linux-modules-5.4.0-1086-raspi - 5.4.0-1086.97 linux-headers-5.4.0-1086-raspi - 5.4.0-1086.97 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1086.116 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1086.116 linux-raspi-hwe-18.04-edge - 5.4.0.1086.116 linux-tools-raspi - 5.4.0.1086.116 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1086.116 linux-raspi-hwe-18.04 - 5.4.0.1086.116 linux-image-raspi - 5.4.0.1086.116 linux-tools-raspi2-hwe-18.04 - 5.4.0.1086.116 linux-raspi2-hwe-18.04 - 5.4.0.1086.116 linux-image-raspi-hwe-18.04-edge - 5.4.0.1086.116 linux-raspi2 - 5.4.0.1086.116 linux-headers-raspi2 - 5.4.0.1086.116 linux-tools-raspi2 - 5.4.0.1086.116 linux-headers-raspi2-hwe-18.04 - 5.4.0.1086.116 linux-image-raspi2 - 5.4.0.1086.116 linux-tools-raspi-hwe-18.04 - 5.4.0.1086.116 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1086.116 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1086.116 linux-image-raspi-hwe-18.04 - 5.4.0.1086.116 linux-raspi - 5.4.0.1086.116 linux-headers-raspi - 5.4.0.1086.116 linux-headers-raspi-hwe-18.04 - 5.4.0.1086.116 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1086.116 linux-image-raspi2-hwe-18.04 - 5.4.0.1086.116 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) Update Instructions: Run `sudo pro fix USN-6151-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-xilinx-zynqmp-tools-5.4.0-1023 - 5.4.0-1023.27 linux-headers-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 linux-xilinx-zynqmp-headers-5.4.0-1023 - 5.4.0-1023.27 linux-image-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 linux-tools-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 linux-buildinfo-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 linux-modules-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 No subscription required linux-tools-xilinx-zynqmp - 5.4.0.1023.26 linux-headers-xilinx-zynqmp - 5.4.0.1023.26 linux-xilinx-zynqmp - 5.4.0.1023.26 linux-image-xilinx-zynqmp - 5.4.0.1023.26 No subscription required Medium CVE-2021-3669 CVE-2022-2196 CVE-2022-4382 CVE-2023-23559 Ubuntu 20.04 LTS It was discovered that NFS client's access cache implementation in the Linux kernel caused a severe NFS performance degradation in certain conditions. This updated makes the NFS file-access stale cache behavior to be optional. Update Instructions: Run `sudo pro fix USN-6152-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gke-headers-5.4.0-1101 - 5.4.0-1101.108 linux-tools-5.4.0-1101-gke - 5.4.0-1101.108 linux-image-5.4.0-1101-gke - 5.4.0-1101.108 linux-headers-5.4.0-1101-gke - 5.4.0-1101.108 linux-buildinfo-5.4.0-1101-gke - 5.4.0-1101.108 linux-gke-tools-5.4.0-1101 - 5.4.0-1101.108 linux-modules-extra-5.4.0-1101-gke - 5.4.0-1101.108 linux-image-unsigned-5.4.0-1101-gke - 5.4.0-1101.108 linux-modules-5.4.0-1101-gke - 5.4.0-1101.108 No subscription required linux-modules-extra-gke - 5.4.0.1101.106 linux-gke-5.4 - 5.4.0.1101.106 linux-image-gke - 5.4.0.1101.106 linux-image-gke-5.4 - 5.4.0.1101.106 linux-tools-gke-5.4 - 5.4.0.1101.106 linux-modules-extra-gke-5.4 - 5.4.0.1101.106 linux-headers-gke - 5.4.0.1101.106 linux-gke - 5.4.0.1101.106 linux-tools-gke - 5.4.0.1101.106 linux-headers-gke-5.4 - 5.4.0.1101.106 No subscription required None https://launchpad.net/bugs/2022098 Ubuntu 20.04 LTS It was discovered that Jupyter Core executed untrusted files in the current working directory. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6153-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-jupyter-core-doc - 4.6.3-3ubuntu0.1~esm1 jupyter - 4.6.3-3ubuntu0.1~esm1 jupyter-core - 4.6.3-3ubuntu0.1~esm1 python3-jupyter-core - 4.6.3-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-39286 Ubuntu 20.04 LTS It was discovered that Vim was using uninitialized memory when fuzzy matching, which could lead to invalid memory access. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. (CVE-2023-2426) It was discovered that Vim was not properly performing bounds checks when processing register contents, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-2609) It was discovered that Vim was not properly limiting the length of substitution expression strings, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-2610) Update Instructions: Run `sudo pro fix USN-6154-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.15 vim-athena - 2:8.1.2269-1ubuntu5.15 xxd - 2:8.1.2269-1ubuntu5.15 vim-gtk - 2:8.1.2269-1ubuntu5.15 vim-gui-common - 2:8.1.2269-1ubuntu5.15 vim - 2:8.1.2269-1ubuntu5.15 vim-doc - 2:8.1.2269-1ubuntu5.15 vim-tiny - 2:8.1.2269-1ubuntu5.15 vim-runtime - 2:8.1.2269-1ubuntu5.15 vim-gtk3 - 2:8.1.2269-1ubuntu5.15 vim-nox - 2:8.1.2269-1ubuntu5.15 No subscription required Medium CVE-2023-2426 CVE-2023-2609 CVE-2023-2610 Ubuntu 20.04 LTS Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6155-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-requests - 2.22.0-2ubuntu1.1 No subscription required Medium CVE-2023-32681 Ubuntu 20.04 LTS It was discovered that SSSD incorrrectly sanitized certificate data used in LDAP filters. When using this issue in combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-6156-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsss-certmap-dev - 2.2.3-3ubuntu0.11 libipa-hbac-dev - 2.2.3-3ubuntu0.11 sssd-ad - 2.2.3-3ubuntu0.11 libsss-sudo - 2.2.3-3ubuntu0.11 libsss-nss-idmap0 - 2.2.3-3ubuntu0.11 libnss-sss - 2.2.3-3ubuntu0.11 sssd-ipa - 2.2.3-3ubuntu0.11 libsss-simpleifp0 - 2.2.3-3ubuntu0.11 libsss-idmap-dev - 2.2.3-3ubuntu0.11 python3-libsss-nss-idmap - 2.2.3-3ubuntu0.11 libsss-certmap0 - 2.2.3-3ubuntu0.11 python3-sss - 2.2.3-3ubuntu0.11 libpam-sss - 2.2.3-3ubuntu0.11 sssd-kcm - 2.2.3-3ubuntu0.11 libsss-idmap0 - 2.2.3-3ubuntu0.11 sssd-ldap - 2.2.3-3ubuntu0.11 libsss-nss-idmap-dev - 2.2.3-3ubuntu0.11 libsss-simpleifp-dev - 2.2.3-3ubuntu0.11 sssd - 2.2.3-3ubuntu0.11 libwbclient-sssd - 2.2.3-3ubuntu0.11 libwbclient-sssd-dev - 2.2.3-3ubuntu0.11 sssd-common - 2.2.3-3ubuntu0.11 python3-libipa-hbac - 2.2.3-3ubuntu0.11 libipa-hbac0 - 2.2.3-3ubuntu0.11 sssd-tools - 2.2.3-3ubuntu0.11 sssd-ad-common - 2.2.3-3ubuntu0.11 sssd-krb5-common - 2.2.3-3ubuntu0.11 sssd-dbus - 2.2.3-3ubuntu0.11 sssd-krb5 - 2.2.3-3ubuntu0.11 sssd-proxy - 2.2.3-3ubuntu0.11 No subscription required Medium CVE-2022-4254 Ubuntu 20.04 LTS USN-6156-1 fixed a vulnerability in SSSD. In certain environments, not all packages ended up being upgraded at the same time, resulting in authentication failures when the PAM module was being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that SSSD incorrrectly sanitized certificate data used in LDAP filters. When using this issue in combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-6156-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsss-certmap-dev - 2.2.3-3ubuntu0.12 libipa-hbac-dev - 2.2.3-3ubuntu0.12 sssd-ad - 2.2.3-3ubuntu0.12 libsss-sudo - 2.2.3-3ubuntu0.12 libsss-nss-idmap0 - 2.2.3-3ubuntu0.12 libnss-sss - 2.2.3-3ubuntu0.12 sssd-ipa - 2.2.3-3ubuntu0.12 libsss-simpleifp0 - 2.2.3-3ubuntu0.12 libsss-idmap-dev - 2.2.3-3ubuntu0.12 python3-libsss-nss-idmap - 2.2.3-3ubuntu0.12 libsss-certmap0 - 2.2.3-3ubuntu0.12 python3-sss - 2.2.3-3ubuntu0.12 libpam-sss - 2.2.3-3ubuntu0.12 sssd-kcm - 2.2.3-3ubuntu0.12 libsss-idmap0 - 2.2.3-3ubuntu0.12 sssd-ldap - 2.2.3-3ubuntu0.12 libsss-nss-idmap-dev - 2.2.3-3ubuntu0.12 libsss-simpleifp-dev - 2.2.3-3ubuntu0.12 sssd - 2.2.3-3ubuntu0.12 libwbclient-sssd - 2.2.3-3ubuntu0.12 libwbclient-sssd-dev - 2.2.3-3ubuntu0.12 sssd-common - 2.2.3-3ubuntu0.12 python3-libipa-hbac - 2.2.3-3ubuntu0.12 libipa-hbac0 - 2.2.3-3ubuntu0.12 sssd-tools - 2.2.3-3ubuntu0.12 sssd-ad-common - 2.2.3-3ubuntu0.12 sssd-krb5-common - 2.2.3-3ubuntu0.12 sssd-dbus - 2.2.3-3ubuntu0.12 sssd-krb5 - 2.2.3-3ubuntu0.12 sssd-proxy - 2.2.3-3ubuntu0.12 No subscription required None https://launchpad.net/bugs/2023598 Ubuntu 20.04 LTS It was discovered that Node Fetch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6158-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-fetch - 1.7.3-2ubuntu0.1 No subscription required Medium CVE-2022-0235 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly performed bounds checking operations when parsing stabs debugging information. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6160-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.6 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.6 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.6 binutils-ia64-linux-gnu - 2.34-6ubuntu1.6 binutils-multiarch - 2.34-6ubuntu1.6 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.6 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.6 binutils-m68k-linux-gnu - 2.34-6ubuntu1.6 binutils-for-build - 2.34-6ubuntu1.6 binutils-s390x-linux-gnu - 2.34-6ubuntu1.6 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.6 binutils-multiarch-dev - 2.34-6ubuntu1.6 binutils-i686-gnu - 2.34-6ubuntu1.6 libctf-nobfd0 - 2.34-6ubuntu1.6 binutils-for-host - 2.34-6ubuntu1.6 binutils-doc - 2.34-6ubuntu1.6 binutils-sh4-linux-gnu - 2.34-6ubuntu1.6 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.6 libctf0 - 2.34-6ubuntu1.6 binutils-source - 2.34-6ubuntu1.6 binutils-i686-linux-gnu - 2.34-6ubuntu1.6 binutils-common - 2.34-6ubuntu1.6 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.6 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.6 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.6 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.6 binutils-hppa-linux-gnu - 2.34-6ubuntu1.6 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.6 libbinutils - 2.34-6ubuntu1.6 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.6 binutils-alpha-linux-gnu - 2.34-6ubuntu1.6 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.6 binutils - 2.34-6ubuntu1.6 No subscription required Low CVE-2021-45078 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6162-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-headers-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-modules-iwlwifi-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-cloud-tools-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1031.36~20.04.1 linux-image-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-image-unsigned-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-modules-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-buildinfo-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-tools-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1031.36~20.04.23 linux-tools-intel - 5.15.0.1031.36~20.04.23 linux-intel-iotg - 5.15.0.1031.36~20.04.23 linux-image-intel-iotg - 5.15.0.1031.36~20.04.23 linux-tools-intel-iotg-edge - 5.15.0.1031.36~20.04.23 linux-intel - 5.15.0.1031.36~20.04.23 linux-headers-intel - 5.15.0.1031.36~20.04.23 linux-intel-iotg-edge - 5.15.0.1031.36~20.04.23 linux-image-intel-iotg-edge - 5.15.0.1031.36~20.04.23 linux-headers-intel-iotg - 5.15.0.1031.36~20.04.23 linux-image-intel - 5.15.0.1031.36~20.04.23 linux-headers-intel-iotg-edge - 5.15.0.1031.36~20.04.23 linux-tools-intel-iotg - 5.15.0.1031.36~20.04.23 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS It was discovered that pano13 did not properly validate the prefix provided for PTcrop's output. An attacker could use this issue to cause pano13 to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-20307) It was discovered that pano13 did not properly handle certain crafted TIFF images. An attacker could use this issue to cause pano13 to crash, resulting in a denial of service. (CVE-2021-33293) Update Instructions: Run `sudo pro fix USN-6163-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpano13-dev - 2.9.19+dfsg-3ubuntu0.20.04.1 libpano13-bin - 2.9.19+dfsg-3ubuntu0.20.04.1 libpano13-3 - 2.9.19+dfsg-3ubuntu0.20.04.1 No subscription required Medium CVE-2021-20307 CVE-2021-33293 Ubuntu 20.04 LTS Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-31130) Xiang Li discovered that c-ares incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service. (CVE-2023-32067) Update Instructions: Run `sudo pro fix USN-6164-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares2 - 1.15.0-1ubuntu0.3 libc-ares-dev - 1.15.0-1ubuntu0.3 No subscription required Medium CVE-2023-31130 CVE-2023-32067 Ubuntu 20.04 LTS It was discovered that GLib incorrectly handled non-normal GVariants. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or perform other unknown attacks. Update Instructions: Run `sudo pro fix USN-6165-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libglib2.0-0 - 2.64.6-1~ubuntu20.04.6 libglib2.0-data - 2.64.6-1~ubuntu20.04.6 libglib2.0-tests - 2.64.6-1~ubuntu20.04.6 libglib2.0-doc - 2.64.6-1~ubuntu20.04.6 libglib2.0-bin - 2.64.6-1~ubuntu20.04.6 libglib2.0-dev - 2.64.6-1~ubuntu20.04.6 libglib2.0-dev-bin - 2.64.6-1~ubuntu20.04.6 No subscription required Medium CVE-2023-29499 CVE-2023-32611 CVE-2023-32636 CVE-2023-32643 CVE-2023-32665 Ubuntu 20.04 LTS David Gstir discovered that libcap2 incorrectly handled certain return codes. An attacker could possibly use this issue to cause libcap2 to consume memory, leading to a denial of service. (CVE-2023-2602) Richard Weinberger discovered that libcap2 incorrectly handled certain long input strings. An attacker could use this issue to cause libcap2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-2603) Update Instructions: Run `sudo pro fix USN-6166-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcap2 - 1:2.32-1ubuntu0.1 libcap2-bin - 1:2.32-1ubuntu0.1 libpam-cap - 1:2.32-1ubuntu0.1 libcap-dev - 1:2.32-1ubuntu0.1 No subscription required Medium CVE-2023-2602 CVE-2023-2603 Ubuntu 20.04 LTS It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. A malicious guest driver could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-1050) It was discovered that QEMU did not properly check the size of the structure pointed to by the guest physical address pqxl. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-4144) It was discovered that QEMU did not properly manage memory in the ACPI Error Record Serialization Table (ERST) device. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-4172) It was discovered that QEMU did not properly manage memory when DMA memory writes happen repeatedly in the lsi53c895a device. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2023-0330) Update Instructions: Run `sudo pro fix USN-6167-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.27 qemu-system-common - 1:4.2-3ubuntu6.27 qemu-system-data - 1:4.2-3ubuntu6.27 qemu-system-misc - 1:4.2-3ubuntu6.27 qemu-utils - 1:4.2-3ubuntu6.27 qemu-block-extra - 1:4.2-3ubuntu6.27 qemu-system-s390x - 1:4.2-3ubuntu6.27 qemu-kvm - 1:4.2-3ubuntu6.27 qemu-user - 1:4.2-3ubuntu6.27 qemu-guest-agent - 1:4.2-3ubuntu6.27 qemu-system - 1:4.2-3ubuntu6.27 qemu-system-x86-xen - 1:4.2-3ubuntu6.27 qemu-user-static - 1:4.2-3ubuntu6.27 qemu - 1:4.2-3ubuntu6.27 qemu-user-binfmt - 1:4.2-3ubuntu6.27 qemu-system-x86 - 1:4.2-3ubuntu6.27 qemu-system-sparc - 1:4.2-3ubuntu6.27 qemu-system-gui - 1:4.2-3ubuntu6.27 qemu-system-arm - 1:4.2-3ubuntu6.27 qemu-system-ppc - 1:4.2-3ubuntu6.27 qemu-system-mips - 1:4.2-3ubuntu6.27 No subscription required Medium CVE-2022-1050 CVE-2022-4144 CVE-2022-4172 CVE-2023-0330 Ubuntu 20.04 LTS Gregory James Duck discovered that libx11 incorrectly handled certain Request, Event, or Error IDs. If a user were tricked into connecting to a malicious X Server, a remote attacker could possibly use this issue to cause libx11 to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6168-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx11-6 - 2:1.6.9-2ubuntu1.5 libx11-data - 2:1.6.9-2ubuntu1.5 libx11-xcb-dev - 2:1.6.9-2ubuntu1.5 libx11-xcb1 - 2:1.6.9-2ubuntu1.5 libx11-doc - 2:1.6.9-2ubuntu1.5 libx11-dev - 2:1.6.9-2ubuntu1.5 No subscription required Medium CVE-2023-3138 Ubuntu 20.04 LTS It was discovered that GNU SASL's GSSAPI server could make an out-of-bounds reads if given specially crafted GSS-API authentication data. A remote attacker could possibly use this issue to cause a denial of service or to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6169-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgsasl7 - 1.8.1-1ubuntu0.1~esm1 libgsasl7-dev - 1.8.1-1ubuntu0.1~esm1 gsasl - 1.8.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2022-2469 Ubuntu 20.04 LTS It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Update Instructions: Run `sudo pro fix USN-6172-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-modules-extra-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-modules-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-gke-5.15-headers-5.15.0-1036 - 5.15.0-1036.41~20.04.1 linux-gke-5.15-tools-5.15.0-1036 - 5.15.0-1036.41~20.04.1 linux-tools-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-headers-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-buildinfo-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-image-unsigned-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-image-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 No subscription required linux-image-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-modules-extra-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-gcp-5.15-tools-5.15.0-1036 - 5.15.0-1036.44~20.04.1 linux-image-unsigned-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-modules-iwlwifi-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-tools-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-headers-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-gcp-5.15-headers-5.15.0-1036 - 5.15.0-1036.44~20.04.1 linux-buildinfo-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-modules-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 No subscription required linux-buildinfo-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-image-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-oracle-5.15-headers-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-modules-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-modules-extra-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-oracle-5.15-tools-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-tools-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-headers-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-image-unsigned-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 No subscription required linux-image-unsigned-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-aws-5.15-headers-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-image-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-cloud-tools-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-buildinfo-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-tools-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-headers-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-aws-5.15-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-modules-extra-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-modules-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 No subscription required linux-buildinfo-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-headers-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-tools-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-modules-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-azure-5.15-tools-5.15.0-1040 - 5.15.0-1040.47~20.04.1 linux-cloud-tools-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-image-unsigned-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-azure-5.15-headers-5.15.0-1040 - 5.15.0-1040.47~20.04.1 linux-image-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-modules-extra-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1040 - 5.15.0-1040.47~20.04.1 No subscription required linux-image-5.15.0-1040-azure-fde - 5.15.0-1040.47~20.04.1.1 linux-image-unsigned-5.15.0-1040-azure-fde - 5.15.0-1040.47~20.04.1.1 No subscription required linux-buildinfo-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-image-unsigned-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-75.82~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-buildinfo-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-modules-iwlwifi-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-modules-iwlwifi-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-image-unsigned-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-hwe-5.15-headers-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-buildinfo-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-hwe-5.15-tools-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-buildinfo-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-75.82~20.04.1 linux-buildinfo-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-image-unsigned-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-cloud-tools-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-modules-extra-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-75.82~20.04.1 linux-image-unsigned-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-cloud-tools-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-generic - 5.15.0-75.82~20.04.1 No subscription required linux-image-gke-edge - 5.15.0.1036.41~20.04.1 linux-headers-gke-5.15 - 5.15.0.1036.41~20.04.1 linux-image-gke-5.15 - 5.15.0.1036.41~20.04.1 linux-tools-gke-5.15 - 5.15.0.1036.41~20.04.1 linux-headers-gke-edge - 5.15.0.1036.41~20.04.1 linux-gke-5.15 - 5.15.0.1036.41~20.04.1 linux-tools-gke-edge - 5.15.0.1036.41~20.04.1 linux-gke-edge - 5.15.0.1036.41~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1036.44~20.04.1 linux-headers-gcp-edge - 5.15.0.1036.44~20.04.1 linux-modules-extra-gcp - 5.15.0.1036.44~20.04.1 linux-gcp - 5.15.0.1036.44~20.04.1 linux-tools-gcp - 5.15.0.1036.44~20.04.1 linux-image-gcp - 5.15.0.1036.44~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1036.44~20.04.1 linux-tools-gcp-edge - 5.15.0.1036.44~20.04.1 linux-headers-gcp - 5.15.0.1036.44~20.04.1 linux-gcp-edge - 5.15.0.1036.44~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1037.43~20.04.1 linux-tools-oracle - 5.15.0.1037.43~20.04.1 linux-tools-oracle-edge - 5.15.0.1037.43~20.04.1 linux-oracle-edge - 5.15.0.1037.43~20.04.1 linux-image-oracle-edge - 5.15.0.1037.43~20.04.1 linux-image-oracle - 5.15.0.1037.43~20.04.1 linux-headers-oracle-edge - 5.15.0.1037.43~20.04.1 linux-oracle - 5.15.0.1037.43~20.04.1 No subscription required linux-image-aws - 5.15.0.1038.43~20.04.27 linux-aws-edge - 5.15.0.1038.43~20.04.27 linux-headers-aws - 5.15.0.1038.43~20.04.27 linux-modules-extra-aws-edge - 5.15.0.1038.43~20.04.27 linux-image-aws-edge - 5.15.0.1038.43~20.04.27 linux-headers-aws-edge - 5.15.0.1038.43~20.04.27 linux-modules-extra-aws - 5.15.0.1038.43~20.04.27 linux-tools-aws - 5.15.0.1038.43~20.04.27 linux-tools-aws-edge - 5.15.0.1038.43~20.04.27 linux-aws - 5.15.0.1038.43~20.04.27 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-headers-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-tools-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-modules-extra-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-image-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-cloud-tools-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-headers-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-tools-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-image-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-modules-extra-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 No subscription required linux-cloud-tools-azure - 5.15.0.1040.47~20.04.30 linux-modules-extra-azure-cvm - 5.15.0.1040.47~20.04.30 linux-azure - 5.15.0.1040.47~20.04.30 linux-image-azure - 5.15.0.1040.47~20.04.30 linux-headers-azure-edge - 5.15.0.1040.47~20.04.30 linux-headers-azure - 5.15.0.1040.47~20.04.30 linux-tools-azure-edge - 5.15.0.1040.47~20.04.30 linux-azure-cvm - 5.15.0.1040.47~20.04.30 linux-modules-extra-azure-edge - 5.15.0.1040.47~20.04.30 linux-cloud-tools-azure-cvm - 5.15.0.1040.47~20.04.30 linux-headers-azure-cvm - 5.15.0.1040.47~20.04.30 linux-tools-azure - 5.15.0.1040.47~20.04.30 linux-image-azure-edge - 5.15.0.1040.47~20.04.30 linux-image-azure-cvm - 5.15.0.1040.47~20.04.30 linux-tools-azure-cvm - 5.15.0.1040.47~20.04.30 linux-cloud-tools-azure-edge - 5.15.0.1040.47~20.04.30 linux-modules-extra-azure - 5.15.0.1040.47~20.04.30 linux-azure-edge - 5.15.0.1040.47~20.04.30 No subscription required linux-tools-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-headers-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-image-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-lowlatency-64k-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.33 No subscription required linux-image-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-headers-oem-20.04 - 5.15.0.75.82~20.04.36 linux-image-extra-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-modules-iwlwifi-oem-20.04 - 5.15.0.75.82~20.04.36 linux-oem-20.04 - 5.15.0.75.82~20.04.36 linux-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-image-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-oem-20.04d - 5.15.0.75.82~20.04.36 linux-tools-oem-20.04b - 5.15.0.75.82~20.04.36 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-image-oem-20.04c - 5.15.0.75.82~20.04.36 linux-image-oem-20.04b - 5.15.0.75.82~20.04.36 linux-image-oem-20.04d - 5.15.0.75.82~20.04.36 linux-headers-oem-20.04b - 5.15.0.75.82~20.04.36 linux-tools-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-modules-iwlwifi-oem-20.04d - 5.15.0.75.82~20.04.36 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-oem-20.04c - 5.15.0.75.82~20.04.36 linux-generic-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-oem-20.04d - 5.15.0.75.82~20.04.36 linux-oem-20.04c - 5.15.0.75.82~20.04.36 linux-oem-20.04b - 5.15.0.75.82~20.04.36 linux-tools-oem-20.04 - 5.15.0.75.82~20.04.36 linux-image-generic-lpae-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-tools-generic-64k-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-oem-20.04c - 5.15.0.75.82~20.04.36 linux-headers-oem-20.04d - 5.15.0.75.82~20.04.36 linux-image-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-generic-64k-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-generic-lpae-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-tools-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-image-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-image-oem-20.04 - 5.15.0.75.82~20.04.36 linux-generic-lpae-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-headers-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-generic-64k-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-image-generic-64k-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 No subscription required linux-image-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-image-5.4.0-152-generic - 5.4.0-152.169 linux-source-5.4.0 - 5.4.0-152.169 linux-headers-5.4.0-152-generic - 5.4.0-152.169 linux-tools-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-tools-5.4.0-152-generic - 5.4.0-152.169 linux-cloud-tools-common - 5.4.0-152.169 linux-modules-5.4.0-152-generic - 5.4.0-152.169 linux-libc-dev - 5.4.0-152.169 linux-image-5.4.0-152-lowlatency - 5.4.0-152.169 linux-cloud-tools-5.4.0-152 - 5.4.0-152.169 linux-buildinfo-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-image-unsigned-5.4.0-152-generic - 5.4.0-152.169 linux-tools-host - 5.4.0-152.169 linux-buildinfo-5.4.0-152-generic - 5.4.0-152.169 linux-headers-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-modules-5.4.0-152-lowlatency - 5.4.0-152.169 linux-tools-5.4.0-152 - 5.4.0-152.169 linux-modules-extra-5.4.0-152-generic - 5.4.0-152.169 linux-tools-common - 5.4.0-152.169 linux-buildinfo-5.4.0-152-lowlatency - 5.4.0-152.169 linux-doc - 5.4.0-152.169 linux-headers-5.4.0-152 - 5.4.0-152.169 linux-modules-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-tools-5.4.0-152-lowlatency - 5.4.0-152.169 linux-cloud-tools-5.4.0-152-lowlatency - 5.4.0-152.169 linux-cloud-tools-5.4.0-152-generic - 5.4.0-152.169 linux-image-unsigned-5.4.0-152-lowlatency - 5.4.0-152.169 linux-headers-5.4.0-152-lowlatency - 5.4.0-152.169 No subscription required linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.152.149 linux-image-virtual - 5.4.0.152.149 linux-tools-lowlatency - 5.4.0.152.149 linux-headers-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-headers-generic-hwe-18.04 - 5.4.0.152.149 linux-source - 5.4.0.152.149 linux-cloud-tools-generic - 5.4.0.152.149 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-generic - 5.4.0.152.149 linux-generic-hwe-18.04-edge - 5.4.0.152.149 linux-virtual-hwe-18.04 - 5.4.0.152.149 linux-generic-lpae-hwe-18.04 - 5.4.0.152.149 linux-headers-generic-hwe-18.04-edge - 5.4.0.152.149 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.152.149 linux-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-tools-virtual-hwe-18.04 - 5.4.0.152.149 linux-image-lowlatency - 5.4.0.152.149 linux-image-oem-osp1 - 5.4.0.152.149 linux-crashdump - 5.4.0.152.149 linux-headers-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-tools-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-headers-virtual-hwe-18.04 - 5.4.0.152.149 linux-generic-lpae-hwe-18.04-edge - 5.4.0.152.149 linux-generic-lpae - 5.4.0.152.149 linux-tools-oem-osp1 - 5.4.0.152.149 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.152.149 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-image-generic-hwe-18.04-edge - 5.4.0.152.149 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.152.149 linux-oem - 5.4.0.152.149 linux-tools-generic - 5.4.0.152.149 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-headers-virtual - 5.4.0.152.149 linux-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.152.149 linux-image-generic-lpae - 5.4.0.152.149 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.152.149 linux-image-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-image-generic-lpae-hwe-18.04 - 5.4.0.152.149 linux-image-generic-hwe-18.04 - 5.4.0.152.149 linux-image-oem - 5.4.0.152.149 linux-tools-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-lowlatency - 5.4.0.152.149 linux-tools-virtual - 5.4.0.152.149 linux-virtual - 5.4.0.152.149 linux-image-extra-virtual - 5.4.0.152.149 linux-headers-oem - 5.4.0.152.149 linux-tools-generic-hwe-18.04-edge - 5.4.0.152.149 linux-image-virtual-hwe-18.04 - 5.4.0.152.149 linux-headers-lowlatency - 5.4.0.152.149 linux-oem-osp1 - 5.4.0.152.149 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.152.149 linux-image-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.152.149 linux-cloud-tools-virtual - 5.4.0.152.149 linux-headers-generic-lpae - 5.4.0.152.149 linux-oem-osp1-tools-host - 5.4.0.152.149 linux-cloud-tools-lowlatency - 5.4.0.152.149 linux-image-generic - 5.4.0.152.149 linux-image-extra-virtual-hwe-18.04 - 5.4.0.152.149 linux-tools-generic-lpae - 5.4.0.152.149 linux-tools-oem - 5.4.0.152.149 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-oem-tools-host - 5.4.0.152.149 linux-headers-oem-osp1 - 5.4.0.152.149 linux-headers-generic - 5.4.0.152.149 linux-generic-hwe-18.04 - 5.4.0.152.149 linux-tools-generic-hwe-18.04 - 5.4.0.152.149 No subscription required Medium CVE-2023-1076 CVE-2023-1077 CVE-2023-1079 CVE-2023-1670 CVE-2023-1859 CVE-2023-1998 CVE-2023-25012 CVE-2023-2985 Ubuntu 20.04 LTS It was discovered that PyPDF2 incorrectly handled certain PDF files. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6176-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pypdf2 - 1.26.0-3ubuntu1.20.04.1 python-pypdf2 - 1.26.0-3ubuntu1.20.04.1 No subscription required Medium CVE-2022-24859 Ubuntu 20.04 LTS It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6177-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjettison-java - 1.4.0-1ubuntu0.20.04.1 No subscription required Medium CVE-2022-40149 CVE-2022-40150 CVE-2022-45685 CVE-2022-45693 Ubuntu 20.04 LTS It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6179-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjettison-java - 1.4.0-1ubuntu0.20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-1436 Ubuntu 20.04 LTS It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into opening a crafted image file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-19721) It was discovered that VLC could be made to write out of bounds when processing H.264 video files. If a user were tricked into opening a crafted H.264 video file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-13428) It was discovered that VLC could be made to read out of bounds when processing AVI video files. If a user were tricked into opening a crafted AVI video file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-25801, CVE-2021-25802, CVE-2021-25803, CVE-2021-25804) It was discovered that the VNC module of VLC contained an arithmetic overflow. If a user were tricked into opening a crafted playlist or connecting to a rouge VNC server, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2022-41325) Update Instructions: Run `sudo pro fix USN-6180-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvlc-bin - 3.0.9.2-1ubuntu0.1~esm1 libvlc-dev - 3.0.9.2-1ubuntu0.1~esm1 libvlc5 - 3.0.9.2-1ubuntu0.1~esm1 libvlccore-dev - 3.0.9.2-1ubuntu0.1~esm1 libvlccore9 - 3.0.9.2-1ubuntu0.1~esm1 vlc - 3.0.9.2-1ubuntu0.1~esm1 vlc-bin - 3.0.9.2-1ubuntu0.1~esm1 vlc-data - 3.0.9.2-1ubuntu0.1~esm1 vlc-l10n - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-access-extra - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-base - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-fluidsynth - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-jack - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-notify - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-qt - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-samba - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-skins2 - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-svg - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-video-output - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-video-splitter - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-visualization - 3.0.9.2-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-19721 CVE-2020-13428 CVE-2021-25801 CVE-2021-25802 CVE-2021-25803 CVE-2021-25804 CVE-2022-41325 Ubuntu 20.04 LTS It was discovered that pngcheck incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6182-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pngcheck - 2.3.0-7ubuntu0.20.04.1 No subscription required Medium CVE-2020-27818 CVE-2020-35511 Ubuntu 20.04 LTS Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-2828) It was discovered that Bind incorrectly handled the recursive-clients quota. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-2911) Update Instructions: Run `sudo pro fix USN-6183-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bind9 - 1:9.16.1-0ubuntu2.15 bind9-dnsutils - 1:9.16.1-0ubuntu2.15 bind9-doc - 1:9.16.1-0ubuntu2.15 bind9-host - 1:9.16.1-0ubuntu2.15 bind9-libs - 1:9.16.1-0ubuntu2.15 bind9-utils - 1:9.16.1-0ubuntu2.15 bind9utils - 1:9.16.1-0ubuntu2.15 dnsutils - 1:9.16.1-0ubuntu2.15 No subscription required Medium CVE-2023-2828 CVE-2023-2911 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly handled certain memory operations. An attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service, or possibly obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6184-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cups - 2.3.1-9ubuntu1.4 cups-bsd - 2.3.1-9ubuntu1.4 cups-client - 2.3.1-9ubuntu1.4 cups-common - 2.3.1-9ubuntu1.4 cups-core-drivers - 2.3.1-9ubuntu1.4 cups-daemon - 2.3.1-9ubuntu1.4 cups-ipp-utils - 2.3.1-9ubuntu1.4 cups-ppdc - 2.3.1-9ubuntu1.4 cups-server-common - 2.3.1-9ubuntu1.4 libcups2 - 2.3.1-9ubuntu1.4 libcups2-dev - 2.3.1-9ubuntu1.4 libcupsimage2 - 2.3.1-9ubuntu1.4 libcupsimage2-dev - 2.3.1-9ubuntu1.4 No subscription required Medium CVE-2023-34241 Ubuntu 20.04 LTS It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Update Instructions: Run `sudo pro fix USN-6185-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1051-ibm - 5.4.0-1051.56 linux-headers-5.4.0-1051-ibm - 5.4.0-1051.56 linux-ibm-cloud-tools-common - 5.4.0-1051.56 linux-ibm-headers-5.4.0-1051 - 5.4.0-1051.56 linux-ibm-source-5.4.0 - 5.4.0-1051.56 linux-ibm-tools-5.4.0-1051 - 5.4.0-1051.56 linux-ibm-tools-common - 5.4.0-1051.56 linux-image-5.4.0-1051-ibm - 5.4.0-1051.56 linux-image-unsigned-5.4.0-1051-ibm - 5.4.0-1051.56 linux-modules-5.4.0-1051-ibm - 5.4.0-1051.56 linux-modules-extra-5.4.0-1051-ibm - 5.4.0-1051.56 linux-tools-5.4.0-1051-ibm - 5.4.0-1051.56 No subscription required linux-bluefield-headers-5.4.0-1065 - 5.4.0-1065.71 linux-bluefield-tools-5.4.0-1065 - 5.4.0-1065.71 linux-buildinfo-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-headers-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-image-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-image-unsigned-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-modules-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-tools-5.4.0-1065-bluefield - 5.4.0-1065.71 No subscription required linux-buildinfo-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-cloud-tools-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-gkeop-cloud-tools-5.4.0-1071 - 5.4.0-1071.75 linux-gkeop-headers-5.4.0-1071 - 5.4.0-1071.75 linux-gkeop-source-5.4.0 - 5.4.0-1071.75 linux-gkeop-tools-5.4.0-1071 - 5.4.0-1071.75 linux-headers-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-image-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-image-unsigned-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-modules-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-modules-extra-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-tools-5.4.0-1071-gkeop - 5.4.0-1071.75 No subscription required linux-buildinfo-5.4.0-1088-raspi - 5.4.0-1088.99 linux-headers-5.4.0-1088-raspi - 5.4.0-1088.99 linux-image-5.4.0-1088-raspi - 5.4.0-1088.99 linux-modules-5.4.0-1088-raspi - 5.4.0-1088.99 linux-raspi-headers-5.4.0-1088 - 5.4.0-1088.99 linux-raspi-tools-5.4.0-1088 - 5.4.0-1088.99 linux-tools-5.4.0-1088-raspi - 5.4.0-1088.99 No subscription required linux-buildinfo-5.4.0-1093-kvm - 5.4.0-1093.99 linux-headers-5.4.0-1093-kvm - 5.4.0-1093.99 linux-image-5.4.0-1093-kvm - 5.4.0-1093.99 linux-image-unsigned-5.4.0-1093-kvm - 5.4.0-1093.99 linux-kvm-headers-5.4.0-1093 - 5.4.0-1093.99 linux-kvm-tools-5.4.0-1093 - 5.4.0-1093.99 linux-modules-5.4.0-1093-kvm - 5.4.0-1093.99 linux-tools-5.4.0-1093-kvm - 5.4.0-1093.99 No subscription required linux-buildinfo-5.4.0-1102-gke - 5.4.0-1102.109 linux-gke-headers-5.4.0-1102 - 5.4.0-1102.109 linux-gke-tools-5.4.0-1102 - 5.4.0-1102.109 linux-headers-5.4.0-1102-gke - 5.4.0-1102.109 linux-image-5.4.0-1102-gke - 5.4.0-1102.109 linux-image-unsigned-5.4.0-1102-gke - 5.4.0-1102.109 linux-modules-5.4.0-1102-gke - 5.4.0-1102.109 linux-modules-extra-5.4.0-1102-gke - 5.4.0-1102.109 linux-tools-5.4.0-1102-gke - 5.4.0-1102.109 No subscription required linux-buildinfo-5.4.0-1103-oracle - 5.4.0-1103.112 linux-headers-5.4.0-1103-oracle - 5.4.0-1103.112 linux-image-5.4.0-1103-oracle - 5.4.0-1103.112 linux-image-unsigned-5.4.0-1103-oracle - 5.4.0-1103.112 linux-modules-5.4.0-1103-oracle - 5.4.0-1103.112 linux-modules-extra-5.4.0-1103-oracle - 5.4.0-1103.112 linux-oracle-headers-5.4.0-1103 - 5.4.0-1103.112 linux-oracle-tools-5.4.0-1103 - 5.4.0-1103.112 linux-tools-5.4.0-1103-oracle - 5.4.0-1103.112 No subscription required linux-aws-cloud-tools-5.4.0-1104 - 5.4.0-1104.112 linux-aws-headers-5.4.0-1104 - 5.4.0-1104.112 linux-aws-tools-5.4.0-1104 - 5.4.0-1104.112 linux-buildinfo-5.4.0-1104-aws - 5.4.0-1104.112 linux-cloud-tools-5.4.0-1104-aws - 5.4.0-1104.112 linux-headers-5.4.0-1104-aws - 5.4.0-1104.112 linux-image-5.4.0-1104-aws - 5.4.0-1104.112 linux-image-unsigned-5.4.0-1104-aws - 5.4.0-1104.112 linux-modules-5.4.0-1104-aws - 5.4.0-1104.112 linux-modules-extra-5.4.0-1104-aws - 5.4.0-1104.112 linux-tools-5.4.0-1104-aws - 5.4.0-1104.112 No subscription required linux-buildinfo-5.4.0-1107-gcp - 5.4.0-1107.116 linux-gcp-headers-5.4.0-1107 - 5.4.0-1107.116 linux-gcp-tools-5.4.0-1107 - 5.4.0-1107.116 linux-headers-5.4.0-1107-gcp - 5.4.0-1107.116 linux-image-5.4.0-1107-gcp - 5.4.0-1107.116 linux-image-unsigned-5.4.0-1107-gcp - 5.4.0-1107.116 linux-modules-5.4.0-1107-gcp - 5.4.0-1107.116 linux-modules-extra-5.4.0-1107-gcp - 5.4.0-1107.116 linux-tools-5.4.0-1107-gcp - 5.4.0-1107.116 No subscription required linux-azure-cloud-tools-5.4.0-1110 - 5.4.0-1110.116 linux-azure-headers-5.4.0-1110 - 5.4.0-1110.116 linux-azure-tools-5.4.0-1110 - 5.4.0-1110.116 linux-buildinfo-5.4.0-1110-azure - 5.4.0-1110.116 linux-cloud-tools-5.4.0-1110-azure - 5.4.0-1110.116 linux-headers-5.4.0-1110-azure - 5.4.0-1110.116 linux-image-5.4.0-1110-azure - 5.4.0-1110.116 linux-image-unsigned-5.4.0-1110-azure - 5.4.0-1110.116 linux-modules-5.4.0-1110-azure - 5.4.0-1110.116 linux-modules-extra-5.4.0-1110-azure - 5.4.0-1110.116 linux-tools-5.4.0-1110-azure - 5.4.0-1110.116 No subscription required linux-headers-ibm - 5.4.0.1051.77 linux-headers-ibm-lts-20.04 - 5.4.0.1051.77 linux-ibm - 5.4.0.1051.77 linux-ibm-lts-20.04 - 5.4.0.1051.77 linux-image-ibm - 5.4.0.1051.77 linux-image-ibm-lts-20.04 - 5.4.0.1051.77 linux-modules-extra-ibm - 5.4.0.1051.77 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1051.77 linux-tools-ibm - 5.4.0.1051.77 linux-tools-ibm-lts-20.04 - 5.4.0.1051.77 No subscription required linux-bluefield - 5.4.0.1065.60 linux-headers-bluefield - 5.4.0.1065.60 linux-image-bluefield - 5.4.0.1065.60 linux-tools-bluefield - 5.4.0.1065.60 No subscription required linux-cloud-tools-gkeop - 5.4.0.1071.69 linux-cloud-tools-gkeop-5.4 - 5.4.0.1071.69 linux-gkeop - 5.4.0.1071.69 linux-gkeop-5.4 - 5.4.0.1071.69 linux-headers-gkeop - 5.4.0.1071.69 linux-headers-gkeop-5.4 - 5.4.0.1071.69 linux-image-gkeop - 5.4.0.1071.69 linux-image-gkeop-5.4 - 5.4.0.1071.69 linux-modules-extra-gkeop - 5.4.0.1071.69 linux-modules-extra-gkeop-5.4 - 5.4.0.1071.69 linux-tools-gkeop - 5.4.0.1071.69 linux-tools-gkeop-5.4 - 5.4.0.1071.69 No subscription required linux-headers-raspi - 5.4.0.1088.118 linux-headers-raspi-hwe-18.04 - 5.4.0.1088.118 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1088.118 linux-headers-raspi2 - 5.4.0.1088.118 linux-headers-raspi2-hwe-18.04 - 5.4.0.1088.118 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1088.118 linux-image-raspi - 5.4.0.1088.118 linux-image-raspi-hwe-18.04 - 5.4.0.1088.118 linux-image-raspi-hwe-18.04-edge - 5.4.0.1088.118 linux-image-raspi2 - 5.4.0.1088.118 linux-image-raspi2-hwe-18.04 - 5.4.0.1088.118 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1088.118 linux-raspi - 5.4.0.1088.118 linux-raspi-hwe-18.04 - 5.4.0.1088.118 linux-raspi-hwe-18.04-edge - 5.4.0.1088.118 linux-raspi2 - 5.4.0.1088.118 linux-raspi2-hwe-18.04 - 5.4.0.1088.118 linux-raspi2-hwe-18.04-edge - 5.4.0.1088.118 linux-tools-raspi - 5.4.0.1088.118 linux-tools-raspi-hwe-18.04 - 5.4.0.1088.118 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1088.118 linux-tools-raspi2 - 5.4.0.1088.118 linux-tools-raspi2-hwe-18.04 - 5.4.0.1088.118 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1088.118 No subscription required linux-headers-kvm - 5.4.0.1093.88 linux-image-kvm - 5.4.0.1093.88 linux-kvm - 5.4.0.1093.88 linux-tools-kvm - 5.4.0.1093.88 No subscription required linux-gke - 5.4.0.1102.107 linux-gke-5.4 - 5.4.0.1102.107 linux-headers-gke - 5.4.0.1102.107 linux-headers-gke-5.4 - 5.4.0.1102.107 linux-image-gke - 5.4.0.1102.107 linux-image-gke-5.4 - 5.4.0.1102.107 linux-modules-extra-gke - 5.4.0.1102.107 linux-modules-extra-gke-5.4 - 5.4.0.1102.107 linux-tools-gke - 5.4.0.1102.107 linux-tools-gke-5.4 - 5.4.0.1102.107 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1103.96 linux-image-oracle-lts-20.04 - 5.4.0.1103.96 linux-oracle-lts-20.04 - 5.4.0.1103.96 linux-tools-oracle-lts-20.04 - 5.4.0.1103.96 No subscription required linux-aws-lts-20.04 - 5.4.0.1104.101 linux-headers-aws-lts-20.04 - 5.4.0.1104.101 linux-image-aws-lts-20.04 - 5.4.0.1104.101 linux-modules-extra-aws-lts-20.04 - 5.4.0.1104.101 linux-tools-aws-lts-20.04 - 5.4.0.1104.101 No subscription required linux-gcp-lts-20.04 - 5.4.0.1107.109 linux-headers-gcp-lts-20.04 - 5.4.0.1107.109 linux-image-gcp-lts-20.04 - 5.4.0.1107.109 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1107.109 linux-tools-gcp-lts-20.04 - 5.4.0.1107.109 No subscription required linux-azure-lts-20.04 - 5.4.0.1110.103 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1110.103 linux-headers-azure-lts-20.04 - 5.4.0.1110.103 linux-image-azure-lts-20.04 - 5.4.0.1110.103 linux-modules-extra-azure-lts-20.04 - 5.4.0.1110.103 linux-tools-azure-lts-20.04 - 5.4.0.1110.103 No subscription required Medium CVE-2023-1076 CVE-2023-1077 CVE-2023-1079 CVE-2023-1670 CVE-2023-1859 CVE-2023-1998 CVE-2023-25012 CVE-2023-2985 Ubuntu 20.04 LTS It was discovered that etcd leaked credentials when debugging was enabled. This allowed remote attackers to discover etcd authentication credentials and possibly escalate privileges on systems using etcd. Update Instructions: Run `sudo pro fix USN-6189-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: etcd - 3.2.26+dfsg-6ubuntu0.2+esm1 etcd-client - 3.2.26+dfsg-6ubuntu0.2+esm1 etcd-server - 3.2.26+dfsg-6ubuntu0.2+esm1 golang-etcd-server-dev - 3.2.26+dfsg-6ubuntu0.2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-28235 Ubuntu 20.04 LTS Kevin Backhouse discovered that AccountsService incorrectly handled certain D-Bus messages. A local attacker could use this issue to cause AccountsService to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6190-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: accountsservice - 0.6.55-0ubuntu12~20.04.6 gir1.2-accountsservice-1.0 - 0.6.55-0ubuntu12~20.04.6 libaccountsservice-dev - 0.6.55-0ubuntu12~20.04.6 libaccountsservice-doc - 0.6.55-0ubuntu12~20.04.6 libaccountsservice0 - 0.6.55-0ubuntu12~20.04.6 No subscription required Medium CVE-2023-3297 Ubuntu 20.04 LTS Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6193-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-cloud-tools-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1023 - 5.15.0-1023.28~20.04.1 linux-gkeop-5.15-headers-5.15.0-1023 - 5.15.0-1023.28~20.04.1 linux-gkeop-5.15-tools-5.15.0-1023 - 5.15.0-1023.28~20.04.1 linux-headers-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-image-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-image-unsigned-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-modules-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-modules-extra-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-tools-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 No subscription required linux-buildinfo-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-gke-5.15-headers-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-gke-5.15-tools-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-headers-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-image-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-image-unsigned-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-modules-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-modules-extra-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-modules-iwlwifi-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-tools-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 No subscription required linux-buildinfo-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-gcp-5.15-headers-5.15.0-1037 - 5.15.0-1037.45~20.04.1 linux-gcp-5.15-tools-5.15.0-1037 - 5.15.0-1037.45~20.04.1 linux-headers-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-image-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-image-unsigned-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-modules-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-modules-extra-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-modules-iwlwifi-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-tools-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 No subscription required linux-buildinfo-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-headers-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-image-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-image-unsigned-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-modules-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-modules-extra-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-oracle-5.15-headers-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-oracle-5.15-tools-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-tools-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1039 - 5.15.0-1039.44~20.04.1 linux-aws-5.15-headers-5.15.0-1039 - 5.15.0-1039.44~20.04.1 linux-aws-5.15-tools-5.15.0-1039 - 5.15.0-1039.44~20.04.1 linux-buildinfo-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-cloud-tools-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-headers-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-image-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-image-unsigned-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-modules-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-modules-extra-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-tools-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1041 - 5.15.0-1041.48~20.04.1 linux-azure-5.15-headers-5.15.0-1041 - 5.15.0-1041.48~20.04.1 linux-azure-5.15-tools-5.15.0-1041 - 5.15.0-1041.48~20.04.1 linux-buildinfo-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-cloud-tools-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-headers-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-image-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-image-unsigned-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-modules-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-modules-extra-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-tools-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 No subscription required linux-image-5.15.0-1041-azure-fde - 5.15.0-1041.48~20.04.1.1 linux-image-unsigned-5.15.0-1041-azure-fde - 5.15.0-1041.48~20.04.1.1 No subscription required linux-buildinfo-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-buildinfo-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-buildinfo-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-buildinfo-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-buildinfo-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-cloud-tools-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-cloud-tools-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-76.83~20.04.1 linux-hwe-5.15-headers-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-76.83~20.04.1 linux-hwe-5.15-tools-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-76.83~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-76.83~20.04.1 linux-image-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-image-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-image-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-image-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-image-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-image-unsigned-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-image-unsigned-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-image-unsigned-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-image-unsigned-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-modules-extra-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-modules-iwlwifi-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-modules-iwlwifi-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-cloud-tools-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-headers-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-headers-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-image-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-image-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-modules-extra-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-modules-extra-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-tools-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-tools-gkeop-edge - 5.15.0.1023.28~20.04.19 No subscription required linux-gke-5.15 - 5.15.0.1037.42~20.04.1 linux-gke-edge - 5.15.0.1037.42~20.04.1 linux-headers-gke-5.15 - 5.15.0.1037.42~20.04.1 linux-headers-gke-edge - 5.15.0.1037.42~20.04.1 linux-image-gke-5.15 - 5.15.0.1037.42~20.04.1 linux-image-gke-edge - 5.15.0.1037.42~20.04.1 linux-tools-gke-5.15 - 5.15.0.1037.42~20.04.1 linux-tools-gke-edge - 5.15.0.1037.42~20.04.1 No subscription required linux-gcp - 5.15.0.1037.45~20.04.1 linux-gcp-edge - 5.15.0.1037.45~20.04.1 linux-headers-gcp - 5.15.0.1037.45~20.04.1 linux-headers-gcp-edge - 5.15.0.1037.45~20.04.1 linux-image-gcp - 5.15.0.1037.45~20.04.1 linux-image-gcp-edge - 5.15.0.1037.45~20.04.1 linux-modules-extra-gcp - 5.15.0.1037.45~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1037.45~20.04.1 linux-tools-gcp - 5.15.0.1037.45~20.04.1 linux-tools-gcp-edge - 5.15.0.1037.45~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1038.44~20.04.1 linux-headers-oracle-edge - 5.15.0.1038.44~20.04.1 linux-image-oracle - 5.15.0.1038.44~20.04.1 linux-image-oracle-edge - 5.15.0.1038.44~20.04.1 linux-oracle - 5.15.0.1038.44~20.04.1 linux-oracle-edge - 5.15.0.1038.44~20.04.1 linux-tools-oracle - 5.15.0.1038.44~20.04.1 linux-tools-oracle-edge - 5.15.0.1038.44~20.04.1 No subscription required linux-aws - 5.15.0.1039.44~20.04.28 linux-aws-edge - 5.15.0.1039.44~20.04.28 linux-headers-aws - 5.15.0.1039.44~20.04.28 linux-headers-aws-edge - 5.15.0.1039.44~20.04.28 linux-image-aws - 5.15.0.1039.44~20.04.28 linux-image-aws-edge - 5.15.0.1039.44~20.04.28 linux-modules-extra-aws - 5.15.0.1039.44~20.04.28 linux-modules-extra-aws-edge - 5.15.0.1039.44~20.04.28 linux-tools-aws - 5.15.0.1039.44~20.04.28 linux-tools-aws-edge - 5.15.0.1039.44~20.04.28 No subscription required linux-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-cloud-tools-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-cloud-tools-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-headers-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-headers-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-image-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-image-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-modules-extra-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-modules-extra-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-tools-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-tools-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 No subscription required linux-azure - 5.15.0.1041.48~20.04.31 linux-azure-cvm - 5.15.0.1041.48~20.04.31 linux-azure-edge - 5.15.0.1041.48~20.04.31 linux-cloud-tools-azure - 5.15.0.1041.48~20.04.31 linux-cloud-tools-azure-cvm - 5.15.0.1041.48~20.04.31 linux-cloud-tools-azure-edge - 5.15.0.1041.48~20.04.31 linux-headers-azure - 5.15.0.1041.48~20.04.31 linux-headers-azure-cvm - 5.15.0.1041.48~20.04.31 linux-headers-azure-edge - 5.15.0.1041.48~20.04.31 linux-image-azure - 5.15.0.1041.48~20.04.31 linux-image-azure-cvm - 5.15.0.1041.48~20.04.31 linux-image-azure-edge - 5.15.0.1041.48~20.04.31 linux-modules-extra-azure - 5.15.0.1041.48~20.04.31 linux-modules-extra-azure-cvm - 5.15.0.1041.48~20.04.31 linux-modules-extra-azure-edge - 5.15.0.1041.48~20.04.31 linux-tools-azure - 5.15.0.1041.48~20.04.31 linux-tools-azure-cvm - 5.15.0.1041.48~20.04.31 linux-tools-azure-edge - 5.15.0.1041.48~20.04.31 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-headers-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-image-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-lowlatency-64k-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-tools-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-generic-64k-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-generic-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-generic-lpae-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-generic-lpae-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-headers-generic-64k-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-headers-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-headers-oem-20.04 - 5.15.0.76.83~20.04.37 linux-headers-oem-20.04b - 5.15.0.76.83~20.04.37 linux-headers-oem-20.04c - 5.15.0.76.83~20.04.37 linux-headers-oem-20.04d - 5.15.0.76.83~20.04.37 linux-headers-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-extra-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-generic-64k-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-image-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-generic-lpae-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-oem-20.04 - 5.15.0.76.83~20.04.37 linux-image-oem-20.04b - 5.15.0.76.83~20.04.37 linux-image-oem-20.04c - 5.15.0.76.83~20.04.37 linux-image-oem-20.04d - 5.15.0.76.83~20.04.37 linux-image-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-image-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-modules-iwlwifi-oem-20.04 - 5.15.0.76.83~20.04.37 linux-modules-iwlwifi-oem-20.04d - 5.15.0.76.83~20.04.37 linux-oem-20.04 - 5.15.0.76.83~20.04.37 linux-oem-20.04b - 5.15.0.76.83~20.04.37 linux-oem-20.04c - 5.15.0.76.83~20.04.37 linux-oem-20.04d - 5.15.0.76.83~20.04.37 linux-tools-generic-64k-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-tools-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-tools-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-tools-oem-20.04 - 5.15.0.76.83~20.04.37 linux-tools-oem-20.04b - 5.15.0.76.83~20.04.37 linux-tools-oem-20.04c - 5.15.0.76.83~20.04.37 linux-tools-oem-20.04d - 5.15.0.76.83~20.04.37 linux-tools-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-tools-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 No subscription required linux-buildinfo-5.4.0-1052-ibm - 5.4.0-1052.57 linux-headers-5.4.0-1052-ibm - 5.4.0-1052.57 linux-ibm-cloud-tools-common - 5.4.0-1052.57 linux-ibm-headers-5.4.0-1052 - 5.4.0-1052.57 linux-ibm-source-5.4.0 - 5.4.0-1052.57 linux-ibm-tools-5.4.0-1052 - 5.4.0-1052.57 linux-ibm-tools-common - 5.4.0-1052.57 linux-image-5.4.0-1052-ibm - 5.4.0-1052.57 linux-image-unsigned-5.4.0-1052-ibm - 5.4.0-1052.57 linux-modules-5.4.0-1052-ibm - 5.4.0-1052.57 linux-modules-extra-5.4.0-1052-ibm - 5.4.0-1052.57 linux-tools-5.4.0-1052-ibm - 5.4.0-1052.57 No subscription required linux-bluefield-headers-5.4.0-1066 - 5.4.0-1066.72 linux-bluefield-tools-5.4.0-1066 - 5.4.0-1066.72 linux-buildinfo-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-headers-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-image-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-image-unsigned-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-modules-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-tools-5.4.0-1066-bluefield - 5.4.0-1066.72 No subscription required linux-buildinfo-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-cloud-tools-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-gkeop-cloud-tools-5.4.0-1072 - 5.4.0-1072.76 linux-gkeop-headers-5.4.0-1072 - 5.4.0-1072.76 linux-gkeop-source-5.4.0 - 5.4.0-1072.76 linux-gkeop-tools-5.4.0-1072 - 5.4.0-1072.76 linux-headers-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-image-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-image-unsigned-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-modules-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-modules-extra-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-tools-5.4.0-1072-gkeop - 5.4.0-1072.76 No subscription required linux-buildinfo-5.4.0-1089-raspi - 5.4.0-1089.100 linux-headers-5.4.0-1089-raspi - 5.4.0-1089.100 linux-image-5.4.0-1089-raspi - 5.4.0-1089.100 linux-modules-5.4.0-1089-raspi - 5.4.0-1089.100 linux-raspi-headers-5.4.0-1089 - 5.4.0-1089.100 linux-raspi-tools-5.4.0-1089 - 5.4.0-1089.100 linux-tools-5.4.0-1089-raspi - 5.4.0-1089.100 No subscription required linux-buildinfo-5.4.0-1094-kvm - 5.4.0-1094.100 linux-headers-5.4.0-1094-kvm - 5.4.0-1094.100 linux-image-5.4.0-1094-kvm - 5.4.0-1094.100 linux-image-unsigned-5.4.0-1094-kvm - 5.4.0-1094.100 linux-kvm-headers-5.4.0-1094 - 5.4.0-1094.100 linux-kvm-tools-5.4.0-1094 - 5.4.0-1094.100 linux-modules-5.4.0-1094-kvm - 5.4.0-1094.100 linux-tools-5.4.0-1094-kvm - 5.4.0-1094.100 No subscription required linux-buildinfo-5.4.0-1104-oracle - 5.4.0-1104.113 linux-headers-5.4.0-1104-oracle - 5.4.0-1104.113 linux-image-5.4.0-1104-oracle - 5.4.0-1104.113 linux-image-unsigned-5.4.0-1104-oracle - 5.4.0-1104.113 linux-modules-5.4.0-1104-oracle - 5.4.0-1104.113 linux-modules-extra-5.4.0-1104-oracle - 5.4.0-1104.113 linux-oracle-headers-5.4.0-1104 - 5.4.0-1104.113 linux-oracle-tools-5.4.0-1104 - 5.4.0-1104.113 linux-tools-5.4.0-1104-oracle - 5.4.0-1104.113 No subscription required linux-aws-cloud-tools-5.4.0-1105 - 5.4.0-1105.113 linux-aws-headers-5.4.0-1105 - 5.4.0-1105.113 linux-aws-tools-5.4.0-1105 - 5.4.0-1105.113 linux-buildinfo-5.4.0-1105-aws - 5.4.0-1105.113 linux-cloud-tools-5.4.0-1105-aws - 5.4.0-1105.113 linux-headers-5.4.0-1105-aws - 5.4.0-1105.113 linux-image-5.4.0-1105-aws - 5.4.0-1105.113 linux-image-unsigned-5.4.0-1105-aws - 5.4.0-1105.113 linux-modules-5.4.0-1105-aws - 5.4.0-1105.113 linux-modules-extra-5.4.0-1105-aws - 5.4.0-1105.113 linux-tools-5.4.0-1105-aws - 5.4.0-1105.113 No subscription required linux-buildinfo-5.4.0-1108-gcp - 5.4.0-1108.117 linux-gcp-headers-5.4.0-1108 - 5.4.0-1108.117 linux-gcp-tools-5.4.0-1108 - 5.4.0-1108.117 linux-headers-5.4.0-1108-gcp - 5.4.0-1108.117 linux-image-5.4.0-1108-gcp - 5.4.0-1108.117 linux-image-unsigned-5.4.0-1108-gcp - 5.4.0-1108.117 linux-modules-5.4.0-1108-gcp - 5.4.0-1108.117 linux-modules-extra-5.4.0-1108-gcp - 5.4.0-1108.117 linux-tools-5.4.0-1108-gcp - 5.4.0-1108.117 No subscription required linux-azure-cloud-tools-5.4.0-1111 - 5.4.0-1111.117 linux-azure-headers-5.4.0-1111 - 5.4.0-1111.117 linux-azure-tools-5.4.0-1111 - 5.4.0-1111.117 linux-buildinfo-5.4.0-1111-azure - 5.4.0-1111.117 linux-cloud-tools-5.4.0-1111-azure - 5.4.0-1111.117 linux-headers-5.4.0-1111-azure - 5.4.0-1111.117 linux-image-5.4.0-1111-azure - 5.4.0-1111.117 linux-image-unsigned-5.4.0-1111-azure - 5.4.0-1111.117 linux-modules-5.4.0-1111-azure - 5.4.0-1111.117 linux-modules-extra-5.4.0-1111-azure - 5.4.0-1111.117 linux-tools-5.4.0-1111-azure - 5.4.0-1111.117 No subscription required linux-buildinfo-5.4.0-153-generic - 5.4.0-153.170 linux-buildinfo-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-buildinfo-5.4.0-153-lowlatency - 5.4.0-153.170 linux-cloud-tools-5.4.0-153 - 5.4.0-153.170 linux-cloud-tools-5.4.0-153-generic - 5.4.0-153.170 linux-cloud-tools-5.4.0-153-lowlatency - 5.4.0-153.170 linux-cloud-tools-common - 5.4.0-153.170 linux-doc - 5.4.0-153.170 linux-headers-5.4.0-153 - 5.4.0-153.170 linux-headers-5.4.0-153-generic - 5.4.0-153.170 linux-headers-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-headers-5.4.0-153-lowlatency - 5.4.0-153.170 linux-image-5.4.0-153-generic - 5.4.0-153.170 linux-image-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-image-5.4.0-153-lowlatency - 5.4.0-153.170 linux-image-unsigned-5.4.0-153-generic - 5.4.0-153.170 linux-image-unsigned-5.4.0-153-lowlatency - 5.4.0-153.170 linux-libc-dev - 5.4.0-153.170 linux-modules-5.4.0-153-generic - 5.4.0-153.170 linux-modules-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-modules-5.4.0-153-lowlatency - 5.4.0-153.170 linux-modules-extra-5.4.0-153-generic - 5.4.0-153.170 linux-source-5.4.0 - 5.4.0-153.170 linux-tools-5.4.0-153 - 5.4.0-153.170 linux-tools-5.4.0-153-generic - 5.4.0-153.170 linux-tools-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-tools-5.4.0-153-lowlatency - 5.4.0-153.170 linux-tools-common - 5.4.0-153.170 linux-tools-host - 5.4.0-153.170 No subscription required linux-headers-ibm - 5.4.0.1052.78 linux-headers-ibm-lts-20.04 - 5.4.0.1052.78 linux-ibm - 5.4.0.1052.78 linux-ibm-lts-20.04 - 5.4.0.1052.78 linux-image-ibm - 5.4.0.1052.78 linux-image-ibm-lts-20.04 - 5.4.0.1052.78 linux-modules-extra-ibm - 5.4.0.1052.78 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1052.78 linux-tools-ibm - 5.4.0.1052.78 linux-tools-ibm-lts-20.04 - 5.4.0.1052.78 No subscription required linux-bluefield - 5.4.0.1066.61 linux-headers-bluefield - 5.4.0.1066.61 linux-image-bluefield - 5.4.0.1066.61 linux-tools-bluefield - 5.4.0.1066.61 No subscription required linux-cloud-tools-gkeop - 5.4.0.1072.70 linux-cloud-tools-gkeop-5.4 - 5.4.0.1072.70 linux-gkeop - 5.4.0.1072.70 linux-gkeop-5.4 - 5.4.0.1072.70 linux-headers-gkeop - 5.4.0.1072.70 linux-headers-gkeop-5.4 - 5.4.0.1072.70 linux-image-gkeop - 5.4.0.1072.70 linux-image-gkeop-5.4 - 5.4.0.1072.70 linux-modules-extra-gkeop - 5.4.0.1072.70 linux-modules-extra-gkeop-5.4 - 5.4.0.1072.70 linux-tools-gkeop - 5.4.0.1072.70 linux-tools-gkeop-5.4 - 5.4.0.1072.70 No subscription required linux-headers-raspi - 5.4.0.1089.119 linux-headers-raspi-hwe-18.04 - 5.4.0.1089.119 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1089.119 linux-headers-raspi2 - 5.4.0.1089.119 linux-headers-raspi2-hwe-18.04 - 5.4.0.1089.119 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1089.119 linux-image-raspi - 5.4.0.1089.119 linux-image-raspi-hwe-18.04 - 5.4.0.1089.119 linux-image-raspi-hwe-18.04-edge - 5.4.0.1089.119 linux-image-raspi2 - 5.4.0.1089.119 linux-image-raspi2-hwe-18.04 - 5.4.0.1089.119 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1089.119 linux-raspi - 5.4.0.1089.119 linux-raspi-hwe-18.04 - 5.4.0.1089.119 linux-raspi-hwe-18.04-edge - 5.4.0.1089.119 linux-raspi2 - 5.4.0.1089.119 linux-raspi2-hwe-18.04 - 5.4.0.1089.119 linux-raspi2-hwe-18.04-edge - 5.4.0.1089.119 linux-tools-raspi - 5.4.0.1089.119 linux-tools-raspi-hwe-18.04 - 5.4.0.1089.119 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1089.119 linux-tools-raspi2 - 5.4.0.1089.119 linux-tools-raspi2-hwe-18.04 - 5.4.0.1089.119 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1089.119 No subscription required linux-headers-kvm - 5.4.0.1094.89 linux-image-kvm - 5.4.0.1094.89 linux-kvm - 5.4.0.1094.89 linux-tools-kvm - 5.4.0.1094.89 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1104.97 linux-image-oracle-lts-20.04 - 5.4.0.1104.97 linux-oracle-lts-20.04 - 5.4.0.1104.97 linux-tools-oracle-lts-20.04 - 5.4.0.1104.97 No subscription required linux-aws-lts-20.04 - 5.4.0.1105.102 linux-headers-aws-lts-20.04 - 5.4.0.1105.102 linux-image-aws-lts-20.04 - 5.4.0.1105.102 linux-modules-extra-aws-lts-20.04 - 5.4.0.1105.102 linux-tools-aws-lts-20.04 - 5.4.0.1105.102 No subscription required linux-gcp-lts-20.04 - 5.4.0.1108.110 linux-headers-gcp-lts-20.04 - 5.4.0.1108.110 linux-image-gcp-lts-20.04 - 5.4.0.1108.110 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1108.110 linux-tools-gcp-lts-20.04 - 5.4.0.1108.110 No subscription required linux-azure-lts-20.04 - 5.4.0.1111.104 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1111.104 linux-headers-azure-lts-20.04 - 5.4.0.1111.104 linux-image-azure-lts-20.04 - 5.4.0.1111.104 linux-modules-extra-azure-lts-20.04 - 5.4.0.1111.104 linux-tools-azure-lts-20.04 - 5.4.0.1111.104 No subscription required linux-cloud-tools-generic - 5.4.0.153.150 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.153.150 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.153.150 linux-cloud-tools-lowlatency - 5.4.0.153.150 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-cloud-tools-virtual - 5.4.0.153.150 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.153.150 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-crashdump - 5.4.0.153.150 linux-generic - 5.4.0.153.150 linux-generic-hwe-18.04 - 5.4.0.153.150 linux-generic-hwe-18.04-edge - 5.4.0.153.150 linux-generic-lpae - 5.4.0.153.150 linux-generic-lpae-hwe-18.04 - 5.4.0.153.150 linux-generic-lpae-hwe-18.04-edge - 5.4.0.153.150 linux-headers-generic - 5.4.0.153.150 linux-headers-generic-hwe-18.04 - 5.4.0.153.150 linux-headers-generic-hwe-18.04-edge - 5.4.0.153.150 linux-headers-generic-lpae - 5.4.0.153.150 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.153.150 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.153.150 linux-headers-lowlatency - 5.4.0.153.150 linux-headers-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-headers-oem - 5.4.0.153.150 linux-headers-oem-osp1 - 5.4.0.153.150 linux-headers-virtual - 5.4.0.153.150 linux-headers-virtual-hwe-18.04 - 5.4.0.153.150 linux-headers-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-image-extra-virtual - 5.4.0.153.150 linux-image-extra-virtual-hwe-18.04 - 5.4.0.153.150 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-image-generic - 5.4.0.153.150 linux-image-generic-hwe-18.04 - 5.4.0.153.150 linux-image-generic-hwe-18.04-edge - 5.4.0.153.150 linux-image-generic-lpae - 5.4.0.153.150 linux-image-generic-lpae-hwe-18.04 - 5.4.0.153.150 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.153.150 linux-image-lowlatency - 5.4.0.153.150 linux-image-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-image-oem - 5.4.0.153.150 linux-image-oem-osp1 - 5.4.0.153.150 linux-image-virtual - 5.4.0.153.150 linux-image-virtual-hwe-18.04 - 5.4.0.153.150 linux-image-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-lowlatency - 5.4.0.153.150 linux-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-oem - 5.4.0.153.150 linux-oem-osp1 - 5.4.0.153.150 linux-oem-osp1-tools-host - 5.4.0.153.150 linux-oem-tools-host - 5.4.0.153.150 linux-source - 5.4.0.153.150 linux-tools-generic - 5.4.0.153.150 linux-tools-generic-hwe-18.04 - 5.4.0.153.150 linux-tools-generic-hwe-18.04-edge - 5.4.0.153.150 linux-tools-generic-lpae - 5.4.0.153.150 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.153.150 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.153.150 linux-tools-lowlatency - 5.4.0.153.150 linux-tools-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-tools-oem - 5.4.0.153.150 linux-tools-oem-osp1 - 5.4.0.153.150 linux-tools-virtual - 5.4.0.153.150 linux-tools-virtual-hwe-18.04 - 5.4.0.153.150 linux-tools-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-virtual - 5.4.0.153.150 linux-virtual-hwe-18.04 - 5.4.0.153.150 linux-virtual-hwe-18.04-edge - 5.4.0.153.150 No subscription required High CVE-2023-35788 https://launchpad.net/bugs/2023577 https://launchpad.net/bugs/2023220 Ubuntu 20.04 LTS It was discovered that ReportLab incorrectly handled certain PDF files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6196-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-reportlab-doc - 3.5.34-1ubuntu1.1 python3-renderpm - 3.5.34-1ubuntu1.1 python3-reportlab - 3.5.34-1ubuntu1.1 python3-reportlab-accel - 3.5.34-1ubuntu1.1 No subscription required High CVE-2023-33733 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain Digest authentication for SOAP. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6199-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-php7.4 - 7.4.3-4ubuntu2.19 libphp7.4-embed - 7.4.3-4ubuntu2.19 php7.4 - 7.4.3-4ubuntu2.19 php7.4-bcmath - 7.4.3-4ubuntu2.19 php7.4-bz2 - 7.4.3-4ubuntu2.19 php7.4-cgi - 7.4.3-4ubuntu2.19 php7.4-cli - 7.4.3-4ubuntu2.19 php7.4-common - 7.4.3-4ubuntu2.19 php7.4-curl - 7.4.3-4ubuntu2.19 php7.4-dba - 7.4.3-4ubuntu2.19 php7.4-dev - 7.4.3-4ubuntu2.19 php7.4-enchant - 7.4.3-4ubuntu2.19 php7.4-fpm - 7.4.3-4ubuntu2.19 php7.4-gd - 7.4.3-4ubuntu2.19 php7.4-gmp - 7.4.3-4ubuntu2.19 php7.4-imap - 7.4.3-4ubuntu2.19 php7.4-interbase - 7.4.3-4ubuntu2.19 php7.4-intl - 7.4.3-4ubuntu2.19 php7.4-json - 7.4.3-4ubuntu2.19 php7.4-ldap - 7.4.3-4ubuntu2.19 php7.4-mbstring - 7.4.3-4ubuntu2.19 php7.4-mysql - 7.4.3-4ubuntu2.19 php7.4-odbc - 7.4.3-4ubuntu2.19 php7.4-opcache - 7.4.3-4ubuntu2.19 php7.4-pgsql - 7.4.3-4ubuntu2.19 php7.4-phpdbg - 7.4.3-4ubuntu2.19 php7.4-pspell - 7.4.3-4ubuntu2.19 php7.4-readline - 7.4.3-4ubuntu2.19 php7.4-snmp - 7.4.3-4ubuntu2.19 php7.4-soap - 7.4.3-4ubuntu2.19 php7.4-sqlite3 - 7.4.3-4ubuntu2.19 php7.4-sybase - 7.4.3-4ubuntu2.19 php7.4-tidy - 7.4.3-4ubuntu2.19 php7.4-xml - 7.4.3-4ubuntu2.19 php7.4-xmlrpc - 7.4.3-4ubuntu2.19 php7.4-xsl - 7.4.3-4ubuntu2.19 php7.4-zip - 7.4.3-4ubuntu2.19 No subscription required Medium CVE-2023-3247 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599) It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20241, CVE-2021-20243) It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20244, CVE-2021-20309) It was discovered that ImageMagick incorrectly handled certain values when performing resampling operations. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20246) It was discovered that ImageMagick incorrectly handled certain values when processing thumbnail image data. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20312) It was discovered that ImageMagick incorrectly handled memory cleanup when performing certain cryptographic operations. Under certain conditions sensitive cryptographic information could be disclosed. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20313) It was discovered that ImageMagick did not use the correct rights when specifically excluded by a module policy. An attacker could use this issue to read and write certain restricted files. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-39212) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-28463, CVE-2022-32545, CVE-2022-32546, CVE-2022-32547) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2021-3610, CVE-2023-1906, CVE-2023-3428) It was discovered that ImageMagick incorrectly handled certain values when processing specially crafted SVG files. By tricking a user into opening a specially crafted SVG file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-1289) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted tiff file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-3195) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. (CVE-2023-34151) Update Instructions: Run `sudo pro fix USN-6200-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9 No subscription required Medium CVE-2020-29599 CVE-2021-20224 CVE-2021-20241 CVE-2021-20243 CVE-2021-20244 CVE-2021-20246 CVE-2021-20309 CVE-2021-20312 CVE-2021-20313 CVE-2021-3610 CVE-2021-39212 CVE-2022-28463 CVE-2022-32545 CVE-2022-32546 CVE-2022-32547 CVE-2023-1289 CVE-2023-1906 CVE-2023-3195 CVE-2023-34151 CVE-2023-3428 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-37201, CVE-2023-37202, CVE-2023-37205, CVE-2023-37207, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211, CVE-2023-37212) Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploits this issue to store tracking data without permission in localstorage. (CVE-2023-3482) Paul Nickerson discovered that Firefox did have insufficient validation in the Drag and Drop API. If a user were tricked into creating a shortcut to local system files, an attacker could execute arbitrary code. (CVE-2023-37203) Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using an option element having an expensive computational function. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-37204) Ameen Basha M K discovered that Firefox did not properly validate symlinks in the FileSystem API. If a user were tricked into uploading a symlinked file to a malicious website, an attacker could obtain sensitive information. (CVE-2023-37206) Puf discovered that Firefox did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicicous Diagcab file, an attacker could execute arbitrary code. (CVE-2023-37208) Update Instructions: Run `sudo pro fix USN-6201-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 115.0+build2-0ubuntu0.20.04.3 firefox-dev - 115.0+build2-0ubuntu0.20.04.3 firefox-geckodriver - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-af - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-an - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ar - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-as - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ast - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-az - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-be - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-bg - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-bn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-br - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-bs - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ca - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-cak - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-cs - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-csb - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-cy - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-da - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-de - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-el - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-en - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-eo - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-es - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-et - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-eu - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-fa - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-fi - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-fr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-fy - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ga - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-gd - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-gl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-gn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-gu - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-he - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hi - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hsb - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hu - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hy - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ia - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-id - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-is - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-it - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ja - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ka - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-kab - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-kk - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-km - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-kn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ko - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ku - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-lg - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-lt - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-lv - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-mai - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-mk - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ml - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-mn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-mr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ms - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-my - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-nb - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ne - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-nl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-nn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-nso - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-oc - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-or - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-pa - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-pl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-pt - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ro - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ru - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-si - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sk - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sq - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sv - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sw - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-szl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ta - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-te - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-tg - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-th - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-tr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-uk - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ur - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-uz - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-vi - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-xh - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-zh-hans - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-zh-hant - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-zu - 115.0+build2-0ubuntu0.20.04.3 firefox-mozsymbols - 115.0+build2-0ubuntu0.20.04.3 No subscription required Medium CVE-2023-3482 CVE-2023-37201 CVE-2023-37202 CVE-2023-37203 CVE-2023-37204 CVE-2023-37205 CVE-2023-37206 CVE-2023-37207 CVE-2023-37208 CVE-2023-37209 CVE-2023-37210 CVE-2023-37211 CVE-2023-37212 Ubuntu 20.04 LTS David Korczynski and Adam Korczynski discovered that containerd incorrectly processed certain images with large files. An attacker could possibly use this issue to cause containerd to crash, resulting in a denial of service. (CVE-2023-25153) It was discovered that containerd incorrectly set up supplementary groups inside a container. An attacker with direct access to the container could possibly use this issue to obtain sensitive information or execute code with higher privileges. (CVE-2023-25173) Update Instructions: Run `sudo pro fix USN-6202-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.6.12-0ubuntu1~20.04.3 golang-github-containerd-containerd-dev - 1.6.12-0ubuntu1~20.04.3 No subscription required Medium CVE-2023-25153 CVE-2023-25173 Ubuntu 20.04 LTS Seokchan Yoon discovered that Django incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6203-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.18 python3-django - 2:2.2.12-1ubuntu0.18 No subscription required Medium CVE-2023-36053 Ubuntu 20.04 LTS Seth Arnold discovered that CPDB incorrectly handled certain characters. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6204-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcpdb-libs-backend-dev - 1.2.0-0ubuntu7.1 libcpdb-libs-common-dev - 1.2.0-0ubuntu7.1 libcpdb-libs-common1 - 1.2.0-0ubuntu7.1 libcpdb-libs-frontend-dev - 1.2.0-0ubuntu7.1 libcpdb-libs-frontend1 - 1.2.0-0ubuntu7.1 No subscription required Medium CVE-2023-34095 Ubuntu 20.04 LTS Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6205-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1103-gke - 5.4.0-1103.110 linux-gke-headers-5.4.0-1103 - 5.4.0-1103.110 linux-gke-tools-5.4.0-1103 - 5.4.0-1103.110 linux-headers-5.4.0-1103-gke - 5.4.0-1103.110 linux-image-5.4.0-1103-gke - 5.4.0-1103.110 linux-image-unsigned-5.4.0-1103-gke - 5.4.0-1103.110 linux-modules-5.4.0-1103-gke - 5.4.0-1103.110 linux-modules-extra-5.4.0-1103-gke - 5.4.0-1103.110 linux-tools-5.4.0-1103-gke - 5.4.0-1103.110 No subscription required linux-gke - 5.4.0.1103.108 linux-gke-5.4 - 5.4.0.1103.108 linux-headers-gke - 5.4.0.1103.108 linux-headers-gke-5.4 - 5.4.0.1103.108 linux-image-gke - 5.4.0.1103.108 linux-image-gke-5.4 - 5.4.0.1103.108 linux-modules-extra-gke - 5.4.0.1103.108 linux-modules-extra-gke-5.4 - 5.4.0.1103.108 linux-tools-gke - 5.4.0.1103.108 linux-tools-gke-5.4 - 5.4.0.1103.108 No subscription required High CVE-2023-35788 https://launchpad.net/bugs/2023577 https://launchpad.net/bugs/2023220 Ubuntu 20.04 LTS It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Update Instructions: Run `sudo pro fix USN-6207-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-cloud-tools-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-headers-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-image-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-image-unsigned-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1033 - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1033 - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1033 - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1033.38~20.04.1 linux-modules-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-modules-extra-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-modules-iwlwifi-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-tools-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1033.38~20.04.24 linux-headers-intel - 5.15.0.1033.38~20.04.24 linux-headers-intel-iotg - 5.15.0.1033.38~20.04.24 linux-headers-intel-iotg-edge - 5.15.0.1033.38~20.04.24 linux-image-intel - 5.15.0.1033.38~20.04.24 linux-image-intel-iotg - 5.15.0.1033.38~20.04.24 linux-image-intel-iotg-edge - 5.15.0.1033.38~20.04.24 linux-intel - 5.15.0.1033.38~20.04.24 linux-intel-iotg - 5.15.0.1033.38~20.04.24 linux-intel-iotg-edge - 5.15.0.1033.38~20.04.24 linux-tools-intel - 5.15.0.1033.38~20.04.24 linux-tools-intel-iotg - 5.15.0.1033.38~20.04.24 linux-tools-intel-iotg-edge - 5.15.0.1033.38~20.04.24 No subscription required Medium CVE-2023-1076 CVE-2023-1077 CVE-2023-1079 CVE-2023-1670 CVE-2023-1859 CVE-2023-1998 CVE-2023-25012 CVE-2023-2985 Ubuntu 20.04 LTS Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to crash Gerbv (resulting in a denial of service), or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40391, CVE-2021-40394) Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to disclose information, crash Gerbv (resulting in a denial of service), or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40393) Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to disclose information. (CVE-2021-40400, CVE-2021-40403) Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to disclose information, crash Gerbv (resulting in a denial of service), or execute arbitrary code. (CVE-2021-40401) Update Instructions: Run `sudo pro fix USN-6209-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gerbv - 2.7.0-1ubuntu0.1 No subscription required Medium CVE-2021-40391 CVE-2021-40393 CVE-2021-40394 CVE-2021-40400 CVE-2021-40401 CVE-2021-40403 Ubuntu 20.04 LTS It was discovered that Doorkeeper incorrectly performed authorization checks for public clients that have been previous approved. An attacker could potentially exploit these in order to impersonate another user and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6210-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-doorkeeper - 5.0.2-2ubuntu0.1 No subscription required High CVE-2023-34246 Ubuntu 20.04 LTS Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6212-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-cloud-tools-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-headers-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-image-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-image-unsigned-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1034 - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1034 - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1034 - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1034.39~20.04.1 linux-modules-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-modules-extra-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-modules-iwlwifi-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-tools-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1034.39~20.04.25 linux-headers-intel - 5.15.0.1034.39~20.04.25 linux-headers-intel-iotg - 5.15.0.1034.39~20.04.25 linux-headers-intel-iotg-edge - 5.15.0.1034.39~20.04.25 linux-image-intel - 5.15.0.1034.39~20.04.25 linux-image-intel-iotg - 5.15.0.1034.39~20.04.25 linux-image-intel-iotg-edge - 5.15.0.1034.39~20.04.25 linux-intel - 5.15.0.1034.39~20.04.25 linux-intel-iotg - 5.15.0.1034.39~20.04.25 linux-intel-iotg-edge - 5.15.0.1034.39~20.04.25 linux-tools-intel - 5.15.0.1034.39~20.04.25 linux-tools-intel-iotg - 5.15.0.1034.39~20.04.25 linux-tools-intel-iotg-edge - 5.15.0.1034.39~20.04.25 No subscription required High CVE-2023-35788 https://launchpad.net/bugs/2023577 https://launchpad.net/bugs/2023220 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6213-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.8 ghostscript-doc - 9.50~dfsg-5ubuntu4.8 ghostscript-x - 9.50~dfsg-5ubuntu4.8 libgs-dev - 9.50~dfsg-5ubuntu4.8 libgs9 - 9.50~dfsg-5ubuntu4.8 libgs9-common - 9.50~dfsg-5ubuntu4.8 No subscription required Medium CVE-2023-36664 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37211) P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicicous Diagcab file, an attacker could execute arbitrary code. (CVE-2023-37208) Update Instructions: Run `sudo pro fix USN-6214-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.13.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.13.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.13.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.13.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-34414 CVE-2023-34416 CVE-2023-37201 CVE-2023-37202 CVE-2023-37207 CVE-2023-37208 CVE-2023-37211 Ubuntu 20.04 LTS It was discovered that dwarves incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause dwarves to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-3534, CVE-2022-3606) Update Instructions: Run `sudo pro fix USN-6215-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dwarves - 1.21-0ubuntu1~20.04.1 No subscription required Medium CVE-2022-3534 CVE-2022-3606 Ubuntu 20.04 LTS It was discovered that lib3mf did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted 3MF file, a local attacker could possibly use this issue to cause applications using lib3mf to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6216-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lib3mf-dev - 1.8.1+ds-3ubuntu0.2 lib3mf-doc - 1.8.1+ds-3ubuntu0.2 lib3mf1 - 1.8.1+ds-3ubuntu0.2 No subscription required Medium CVE-2021-21772 Ubuntu 20.04 LTS A use-after-free was discovered in Firefox when handling workers. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6218-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 115.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 115.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 115.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 115.0.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-3600 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 20.04 LTS. (CVE-2023-28755) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue exists because of an incomplete fix for CVE-2023-28755. (CVE-2023-36617) Update Instructions: Run `sudo pro fix USN-6219-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libruby2.7 - 2.7.0-5ubuntu1.12 ruby2.7 - 2.7.0-5ubuntu1.12 ruby2.7-dev - 2.7.0-5ubuntu1.12 ruby2.7-doc - 2.7.0-5ubuntu1.12 No subscription required Medium CVE-2023-28755 CVE-2023-36617 Ubuntu 20.04 LTS Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3108) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0458) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Sanan Hasanov discovered that the framebuffer console driver in the Linux kernel did not properly perform checks for font dimension limits. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-3161) Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Update Instructions: Run `sudo pro fix USN-6222-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-headers-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-image-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-modules-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-tools-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-xilinx-zynqmp-headers-5.4.0-1024 - 5.4.0-1024.28 linux-xilinx-zynqmp-tools-5.4.0-1024 - 5.4.0-1024.28 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1024.27 linux-image-xilinx-zynqmp - 5.4.0.1024.27 linux-tools-xilinx-zynqmp - 5.4.0.1024.27 linux-xilinx-zynqmp - 5.4.0.1024.27 No subscription required High CVE-2022-3108 CVE-2022-3707 CVE-2022-3903 CVE-2022-4129 CVE-2023-0458 CVE-2023-0459 CVE-2023-1073 CVE-2023-1074 CVE-2023-1075 CVE-2023-1076 CVE-2023-1077 CVE-2023-1078 CVE-2023-1079 CVE-2023-1118 CVE-2023-1281 CVE-2023-1380 CVE-2023-1513 CVE-2023-1670 CVE-2023-1829 CVE-2023-1859 CVE-2023-1998 CVE-2023-2162 CVE-2023-25012 CVE-2023-2612 CVE-2023-26545 CVE-2023-2985 CVE-2023-30456 CVE-2023-31436 CVE-2023-3161 CVE-2023-32233 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that Knot Resolver did not correctly handle certain client options. A remote attacker could send requests to malicous domains and cause a denial of service. Update Instructions: Run `sudo pro fix USN-6225-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: knot-resolver - 3.2.1-3ubuntu2.1 knot-resolver-doc - 3.2.1-3ubuntu2.1 knot-resolver-module-http - 3.2.1-3ubuntu2.1 No subscription required Medium CVE-2022-40188 Ubuntu 20.04 LTS It was discovered that SciPy did not properly manage memory operations during reference counting. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-25399) A use-after-free was discovered in SciPy when handling reference counts. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-29824) Update Instructions: Run `sudo pro fix USN-6226-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-scipy-doc - 1.3.3-3ubuntu0.1~esm1 python3-scipy - 1.3.3-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-25399 CVE-2023-29824 Ubuntu 20.04 LTS It was discovered that wkhtmltopdf was not properly enforcing the same-origin policy when processing certain HTML files. If a user or automated system using wkhtmltopdf were tricked into processing a specially crafted HTML file, an attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6232-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: wkhtmltopdf - 0.12.5-1ubuntu0.1 No subscription required Medium CVE-2020-21365 Ubuntu 20.04 LTS USN-6233-1 fixed vulnerabilities in YAJL. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. Original advisory details: It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a user or automated system using YAJL were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service (application abort). (CVE-2017-16516) It was discovered that YAJL was not properly handling memory allocation when dealing with large inputs, which could lead to heap memory corruption. If a user or automated system using YAJL were tricked into running a specially crafted large input, an attacker could possibly use this issue to cause a denial of service. (CVE-2022-24795) It was discovered that memory leaks existed in one of the YAJL parsing functions. An attacker could possibly use this issue to cause a denial of service (memory exhaustion). (CVE-2023-33460) Update Instructions: Run `sudo pro fix USN-6233-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libyajl-dev - 2.1.0-3ubuntu0.20.04.1 libyajl-doc - 2.1.0-3ubuntu0.20.04.1 libyajl2 - 2.1.0-3ubuntu0.20.04.1 yajl-tools - 2.1.0-3ubuntu0.20.04.1 No subscription required Medium CVE-2017-16516 CVE-2022-24795 CVE-2023-33460 Ubuntu 20.04 LTS Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6234-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 linux-headers-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 linux-image-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 linux-modules-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 linux-tools-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 linux-xilinx-zynqmp-headers-5.4.0-1025 - 5.4.0-1025.29 linux-xilinx-zynqmp-tools-5.4.0-1025 - 5.4.0-1025.29 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1025.27 linux-image-xilinx-zynqmp - 5.4.0.1025.27 linux-tools-xilinx-zynqmp - 5.4.0.1025.27 linux-xilinx-zynqmp - 5.4.0.1025.27 No subscription required High CVE-2023-35788 https://launchpad.net/bugs/2023577 https://launchpad.net/bugs/2023220 Ubuntu 20.04 LTS It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-26675, CVE-2021-33833) It was discovered that ConnMan could be made to leak sensitive information via the gdhcp component. A remote attacker could possibly use this issue to obtain information for further exploitation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676) It was discovered that ConnMan could be made to read out of bounds. A remote attacker could possibly use this issue to case ConnMan to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23096, CVE-2022-23097) It was discovered that ConnMan could be made to run into an infinite loop. A remote attacker could possibly use this issue to cause ConnMan to consume resources and to stop operating, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23098) It was discovered that ConnMan could be made to write out of bounds via the gweb component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292) It was discovered that ConnMan did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293) It was discovered that ConnMan could be made to write out of bounds via the gdhcp component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-28488) Update Instructions: Run `sudo pro fix USN-6236-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: connman - 1.36-2ubuntu0.1 connman-dev - 1.36-2ubuntu0.1 connman-doc - 1.36-2ubuntu0.1 connman-vpn - 1.36-2ubuntu0.1 No subscription required Medium CVE-2021-26675 CVE-2021-26676 CVE-2021-33833 CVE-2022-23096 CVE-2022-23097 CVE-2022-23098 CVE-2022-32292 CVE-2022-32293 CVE-2023-28488 Ubuntu 20.04 LTS Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. (CVE-2023-28321) Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service. (CVE-2023-28322) It was discovered that curl incorrectly handled saving cookies to files. A local attacker could possibly use this issue to create or overwrite files. This issue only affected Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-32001) Update Instructions: Run `sudo pro fix USN-6237-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 7.68.0-1ubuntu2.19 libcurl3-gnutls - 7.68.0-1ubuntu2.19 libcurl3-nss - 7.68.0-1ubuntu2.19 libcurl4 - 7.68.0-1ubuntu2.19 libcurl4-doc - 7.68.0-1ubuntu2.19 libcurl4-gnutls-dev - 7.68.0-1ubuntu2.19 libcurl4-nss-dev - 7.68.0-1ubuntu2.19 libcurl4-openssl-dev - 7.68.0-1ubuntu2.19 No subscription required Low CVE-2023-28321 CVE-2023-28322 Ubuntu 20.04 LTS It was discovered that Samba incorrectly handled Winbind NTLM authentication responses. An attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-2127) Andreas Schneider discovered that Samba incorrectly enforced SMB2 packet signing. A remote attacker could possibly use this issue to obtain or modify sensitive information. This issue only affected Ubuntu 23.04. (CVE-2023-3347) Florent Saudel and Arnaud Gatignolof discovered that Samba incorrectly handled certain Spotlight requests. A remote attacker could possibly use this issue to cause Samba to consume resources, leading to a denial of service. (CVE-2023-34966, CVE-2023-34967) Ralph Boehme and Stefan Metzmacher discovered that Samba incorrectly handled paths returned by Spotlight requests. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-34968) Update Instructions: Run `sudo pro fix USN-6238-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.3 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.3 registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.3 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.3 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.3 No subscription required Medium CVE-2022-2127 CVE-2023-3347 CVE-2023-34966 CVE-2023-34967 CVE-2023-34968 Ubuntu 20.04 LTS It was discovered that ECDSA Util did not properly verify certain signature values. An attacker could possibly use this issue to bypass signature verification. Update Instructions: Run `sudo pro fix USN-6239-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ecdsautils - 0.3.2+git20151018-2+deb10u1build0.20.04.1 No subscription required Medium CVE-2022-24884 Ubuntu 20.04 LTS It was discovered that OpenSSH incorrectly handled loading certain PKCS#11 providers. If a user forwarded their ssh-agent to an untrusted system, a remote attacker could possibly use this issue to load arbitrary libraries from the user's system and execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6242-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.8 openssh-server - 1:8.2p1-4ubuntu0.8 openssh-sftp-server - 1:8.2p1-4ubuntu0.8 openssh-tests - 1:8.2p1-4ubuntu0.8 ssh - 1:8.2p1-4ubuntu0.8 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.8 No subscription required Medium CVE-2023-38408 Ubuntu 20.04 LTS It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform server-side request forgery and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2017-18638) It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. (CVE-2022-4728, CVE-2022-4729, CVE-2022-4730) Update Instructions: Run `sudo pro fix USN-6243-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: graphite-web - 1.1.4-5ubuntu0.1 No subscription required Medium CVE-2017-18638 CVE-2022-4728 CVE-2022-4729 CVE-2022-4730 Ubuntu 20.04 LTS Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6244-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amd64-microcode - 3.20191218.1ubuntu1.1 No subscription required High CVE-2023-20593 Ubuntu 20.04 LTS It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31248) Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3389) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3390) Lin Ma discovered that a race condition existed in the MCTP implementation in the Linux kernel, leading to a use-after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3439) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35001) Update Instructions: Run `sudo pro fix USN-6246-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-cloud-tools-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1024 - 5.15.0-1024.29~20.04.1 linux-gkeop-5.15-headers-5.15.0-1024 - 5.15.0-1024.29~20.04.1 linux-gkeop-5.15-tools-5.15.0-1024 - 5.15.0-1024.29~20.04.1 linux-headers-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-image-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-image-unsigned-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-modules-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-modules-extra-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-tools-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 No subscription required linux-buildinfo-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-gke-5.15-headers-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-gke-5.15-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-headers-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-image-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-image-unsigned-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-modules-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-modules-extra-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-modules-iwlwifi-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-tools-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 No subscription required linux-buildinfo-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-gcp-5.15-headers-5.15.0-1038 - 5.15.0-1038.46~20.04.1 linux-gcp-5.15-tools-5.15.0-1038 - 5.15.0-1038.46~20.04.1 linux-headers-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-image-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-image-unsigned-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-modules-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-modules-extra-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-modules-iwlwifi-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-tools-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 No subscription required linux-buildinfo-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-headers-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-image-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-image-unsigned-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-modules-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-modules-extra-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-oracle-5.15-headers-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-oracle-5.15-tools-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-tools-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1040 - 5.15.0-1040.45~20.04.1 linux-aws-5.15-headers-5.15.0-1040 - 5.15.0-1040.45~20.04.1 linux-aws-5.15-tools-5.15.0-1040 - 5.15.0-1040.45~20.04.1 linux-buildinfo-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-cloud-tools-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-headers-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-image-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-image-unsigned-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-modules-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-modules-extra-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-tools-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1042 - 5.15.0-1042.49~20.04.1 linux-azure-5.15-headers-5.15.0-1042 - 5.15.0-1042.49~20.04.1 linux-azure-5.15-tools-5.15.0-1042 - 5.15.0-1042.49~20.04.1 linux-buildinfo-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-cloud-tools-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-headers-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-image-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-image-unsigned-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-modules-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-modules-extra-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-tools-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 No subscription required linux-image-5.15.0-1042-azure-fde - 5.15.0-1042.49~20.04.1.1 linux-image-unsigned-5.15.0-1042-azure-fde - 5.15.0-1042.49~20.04.1.1 No subscription required linux-buildinfo-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-buildinfo-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-buildinfo-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-buildinfo-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-buildinfo-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-cloud-tools-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-cloud-tools-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-headers-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-headers-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-headers-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-headers-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-headers-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-78.85~20.04.1 linux-hwe-5.15-headers-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-78.85~20.04.1 linux-hwe-5.15-tools-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-78.85~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-image-unsigned-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-image-unsigned-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-image-unsigned-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-image-unsigned-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-modules-extra-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-modules-iwlwifi-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-modules-iwlwifi-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-cloud-tools-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-headers-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-headers-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-image-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-image-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-modules-extra-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-modules-extra-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-tools-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-tools-gkeop-edge - 5.15.0.1024.29~20.04.20 No subscription required linux-gke-5.15 - 5.15.0.1038.43~20.04.1 linux-gke-edge - 5.15.0.1038.43~20.04.1 linux-headers-gke-5.15 - 5.15.0.1038.43~20.04.1 linux-headers-gke-edge - 5.15.0.1038.43~20.04.1 linux-image-gke-5.15 - 5.15.0.1038.43~20.04.1 linux-image-gke-edge - 5.15.0.1038.43~20.04.1 linux-tools-gke-5.15 - 5.15.0.1038.43~20.04.1 linux-tools-gke-edge - 5.15.0.1038.43~20.04.1 No subscription required linux-gcp - 5.15.0.1038.46~20.04.1 linux-gcp-edge - 5.15.0.1038.46~20.04.1 linux-headers-gcp - 5.15.0.1038.46~20.04.1 linux-headers-gcp-edge - 5.15.0.1038.46~20.04.1 linux-image-gcp - 5.15.0.1038.46~20.04.1 linux-image-gcp-edge - 5.15.0.1038.46~20.04.1 linux-modules-extra-gcp - 5.15.0.1038.46~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1038.46~20.04.1 linux-tools-gcp - 5.15.0.1038.46~20.04.1 linux-tools-gcp-edge - 5.15.0.1038.46~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1039.45~20.04.1 linux-headers-oracle-edge - 5.15.0.1039.45~20.04.1 linux-image-oracle - 5.15.0.1039.45~20.04.1 linux-image-oracle-edge - 5.15.0.1039.45~20.04.1 linux-oracle - 5.15.0.1039.45~20.04.1 linux-oracle-edge - 5.15.0.1039.45~20.04.1 linux-tools-oracle - 5.15.0.1039.45~20.04.1 linux-tools-oracle-edge - 5.15.0.1039.45~20.04.1 No subscription required linux-aws - 5.15.0.1040.45~20.04.29 linux-aws-edge - 5.15.0.1040.45~20.04.29 linux-headers-aws - 5.15.0.1040.45~20.04.29 linux-headers-aws-edge - 5.15.0.1040.45~20.04.29 linux-image-aws - 5.15.0.1040.45~20.04.29 linux-image-aws-edge - 5.15.0.1040.45~20.04.29 linux-modules-extra-aws - 5.15.0.1040.45~20.04.29 linux-modules-extra-aws-edge - 5.15.0.1040.45~20.04.29 linux-tools-aws - 5.15.0.1040.45~20.04.29 linux-tools-aws-edge - 5.15.0.1040.45~20.04.29 No subscription required linux-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-cloud-tools-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-cloud-tools-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-headers-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-headers-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-image-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-image-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-modules-extra-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-modules-extra-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-tools-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-tools-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 No subscription required linux-azure - 5.15.0.1042.49~20.04.32 linux-azure-cvm - 5.15.0.1042.49~20.04.32 linux-azure-edge - 5.15.0.1042.49~20.04.32 linux-cloud-tools-azure - 5.15.0.1042.49~20.04.32 linux-cloud-tools-azure-cvm - 5.15.0.1042.49~20.04.32 linux-cloud-tools-azure-edge - 5.15.0.1042.49~20.04.32 linux-headers-azure - 5.15.0.1042.49~20.04.32 linux-headers-azure-cvm - 5.15.0.1042.49~20.04.32 linux-headers-azure-edge - 5.15.0.1042.49~20.04.32 linux-image-azure - 5.15.0.1042.49~20.04.32 linux-image-azure-cvm - 5.15.0.1042.49~20.04.32 linux-image-azure-edge - 5.15.0.1042.49~20.04.32 linux-modules-extra-azure - 5.15.0.1042.49~20.04.32 linux-modules-extra-azure-cvm - 5.15.0.1042.49~20.04.32 linux-modules-extra-azure-edge - 5.15.0.1042.49~20.04.32 linux-tools-azure - 5.15.0.1042.49~20.04.32 linux-tools-azure-cvm - 5.15.0.1042.49~20.04.32 linux-tools-azure-edge - 5.15.0.1042.49~20.04.32 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-headers-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-image-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-lowlatency-64k-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-tools-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-generic-64k-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-generic-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-generic-lpae-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-generic-lpae-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-headers-generic-64k-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-headers-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-headers-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-headers-oem-20.04 - 5.15.0.78.85~20.04.38 linux-headers-oem-20.04b - 5.15.0.78.85~20.04.38 linux-headers-oem-20.04c - 5.15.0.78.85~20.04.38 linux-headers-oem-20.04d - 5.15.0.78.85~20.04.38 linux-headers-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-headers-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-extra-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-generic-64k-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-generic-lpae-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-oem-20.04 - 5.15.0.78.85~20.04.38 linux-image-oem-20.04b - 5.15.0.78.85~20.04.38 linux-image-oem-20.04c - 5.15.0.78.85~20.04.38 linux-image-oem-20.04d - 5.15.0.78.85~20.04.38 linux-image-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-modules-iwlwifi-oem-20.04 - 5.15.0.78.85~20.04.38 linux-modules-iwlwifi-oem-20.04d - 5.15.0.78.85~20.04.38 linux-oem-20.04 - 5.15.0.78.85~20.04.38 linux-oem-20.04b - 5.15.0.78.85~20.04.38 linux-oem-20.04c - 5.15.0.78.85~20.04.38 linux-oem-20.04d - 5.15.0.78.85~20.04.38 linux-tools-generic-64k-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-tools-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-tools-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-tools-oem-20.04 - 5.15.0.78.85~20.04.38 linux-tools-oem-20.04b - 5.15.0.78.85~20.04.38 linux-tools-oem-20.04c - 5.15.0.78.85~20.04.38 linux-tools-oem-20.04d - 5.15.0.78.85~20.04.38 linux-tools-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-tools-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 No subscription required High CVE-2023-3090 CVE-2023-31248 CVE-2023-3389 CVE-2023-3390 CVE-2023-3439 CVE-2023-35001 Ubuntu 20.04 LTS It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3390) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35001) Update Instructions: Run `sudo pro fix USN-6251-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 linux-headers-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 linux-image-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 linux-modules-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 linux-tools-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 linux-xilinx-zynqmp-headers-5.4.0-1026 - 5.4.0-1026.30 linux-xilinx-zynqmp-tools-5.4.0-1026 - 5.4.0-1026.30 No subscription required linux-buildinfo-5.4.0-1053-ibm - 5.4.0-1053.58 linux-headers-5.4.0-1053-ibm - 5.4.0-1053.58 linux-ibm-cloud-tools-common - 5.4.0-1053.58 linux-ibm-headers-5.4.0-1053 - 5.4.0-1053.58 linux-ibm-source-5.4.0 - 5.4.0-1053.58 linux-ibm-tools-5.4.0-1053 - 5.4.0-1053.58 linux-ibm-tools-common - 5.4.0-1053.58 linux-image-5.4.0-1053-ibm - 5.4.0-1053.58 linux-image-unsigned-5.4.0-1053-ibm - 5.4.0-1053.58 linux-modules-5.4.0-1053-ibm - 5.4.0-1053.58 linux-modules-extra-5.4.0-1053-ibm - 5.4.0-1053.58 linux-tools-5.4.0-1053-ibm - 5.4.0-1053.58 No subscription required linux-buildinfo-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-cloud-tools-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-gkeop-cloud-tools-5.4.0-1073 - 5.4.0-1073.77 linux-gkeop-headers-5.4.0-1073 - 5.4.0-1073.77 linux-gkeop-source-5.4.0 - 5.4.0-1073.77 linux-gkeop-tools-5.4.0-1073 - 5.4.0-1073.77 linux-headers-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-image-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-image-unsigned-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-modules-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-modules-extra-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-tools-5.4.0-1073-gkeop - 5.4.0-1073.77 No subscription required linux-buildinfo-5.4.0-1090-raspi - 5.4.0-1090.101 linux-headers-5.4.0-1090-raspi - 5.4.0-1090.101 linux-image-5.4.0-1090-raspi - 5.4.0-1090.101 linux-modules-5.4.0-1090-raspi - 5.4.0-1090.101 linux-raspi-headers-5.4.0-1090 - 5.4.0-1090.101 linux-raspi-tools-5.4.0-1090 - 5.4.0-1090.101 linux-tools-5.4.0-1090-raspi - 5.4.0-1090.101 No subscription required linux-buildinfo-5.4.0-1095-kvm - 5.4.0-1095.101 linux-headers-5.4.0-1095-kvm - 5.4.0-1095.101 linux-image-5.4.0-1095-kvm - 5.4.0-1095.101 linux-image-unsigned-5.4.0-1095-kvm - 5.4.0-1095.101 linux-kvm-headers-5.4.0-1095 - 5.4.0-1095.101 linux-kvm-tools-5.4.0-1095 - 5.4.0-1095.101 linux-modules-5.4.0-1095-kvm - 5.4.0-1095.101 linux-tools-5.4.0-1095-kvm - 5.4.0-1095.101 No subscription required linux-buildinfo-5.4.0-1104-gke - 5.4.0-1104.111 linux-gke-headers-5.4.0-1104 - 5.4.0-1104.111 linux-gke-tools-5.4.0-1104 - 5.4.0-1104.111 linux-headers-5.4.0-1104-gke - 5.4.0-1104.111 linux-image-5.4.0-1104-gke - 5.4.0-1104.111 linux-image-unsigned-5.4.0-1104-gke - 5.4.0-1104.111 linux-modules-5.4.0-1104-gke - 5.4.0-1104.111 linux-modules-extra-5.4.0-1104-gke - 5.4.0-1104.111 linux-tools-5.4.0-1104-gke - 5.4.0-1104.111 No subscription required linux-buildinfo-5.4.0-1105-oracle - 5.4.0-1105.114 linux-headers-5.4.0-1105-oracle - 5.4.0-1105.114 linux-image-5.4.0-1105-oracle - 5.4.0-1105.114 linux-image-unsigned-5.4.0-1105-oracle - 5.4.0-1105.114 linux-modules-5.4.0-1105-oracle - 5.4.0-1105.114 linux-modules-extra-5.4.0-1105-oracle - 5.4.0-1105.114 linux-oracle-headers-5.4.0-1105 - 5.4.0-1105.114 linux-oracle-tools-5.4.0-1105 - 5.4.0-1105.114 linux-tools-5.4.0-1105-oracle - 5.4.0-1105.114 No subscription required linux-aws-cloud-tools-5.4.0-1106 - 5.4.0-1106.114 linux-aws-headers-5.4.0-1106 - 5.4.0-1106.114 linux-aws-tools-5.4.0-1106 - 5.4.0-1106.114 linux-buildinfo-5.4.0-1106-aws - 5.4.0-1106.114 linux-cloud-tools-5.4.0-1106-aws - 5.4.0-1106.114 linux-headers-5.4.0-1106-aws - 5.4.0-1106.114 linux-image-5.4.0-1106-aws - 5.4.0-1106.114 linux-image-unsigned-5.4.0-1106-aws - 5.4.0-1106.114 linux-modules-5.4.0-1106-aws - 5.4.0-1106.114 linux-modules-extra-5.4.0-1106-aws - 5.4.0-1106.114 linux-tools-5.4.0-1106-aws - 5.4.0-1106.114 No subscription required linux-buildinfo-5.4.0-1109-gcp - 5.4.0-1109.118 linux-gcp-headers-5.4.0-1109 - 5.4.0-1109.118 linux-gcp-tools-5.4.0-1109 - 5.4.0-1109.118 linux-headers-5.4.0-1109-gcp - 5.4.0-1109.118 linux-image-5.4.0-1109-gcp - 5.4.0-1109.118 linux-image-unsigned-5.4.0-1109-gcp - 5.4.0-1109.118 linux-modules-5.4.0-1109-gcp - 5.4.0-1109.118 linux-modules-extra-5.4.0-1109-gcp - 5.4.0-1109.118 linux-tools-5.4.0-1109-gcp - 5.4.0-1109.118 No subscription required linux-azure-cloud-tools-5.4.0-1112 - 5.4.0-1112.118 linux-azure-headers-5.4.0-1112 - 5.4.0-1112.118 linux-azure-tools-5.4.0-1112 - 5.4.0-1112.118 linux-buildinfo-5.4.0-1112-azure - 5.4.0-1112.118 linux-cloud-tools-5.4.0-1112-azure - 5.4.0-1112.118 linux-headers-5.4.0-1112-azure - 5.4.0-1112.118 linux-image-5.4.0-1112-azure - 5.4.0-1112.118 linux-image-unsigned-5.4.0-1112-azure - 5.4.0-1112.118 linux-modules-5.4.0-1112-azure - 5.4.0-1112.118 linux-modules-extra-5.4.0-1112-azure - 5.4.0-1112.118 linux-tools-5.4.0-1112-azure - 5.4.0-1112.118 No subscription required linux-buildinfo-5.4.0-155-generic - 5.4.0-155.172 linux-buildinfo-5.4.0-155-generic-lpae - 5.4.0-155.172 linux-buildinfo-5.4.0-155-lowlatency - 5.4.0-155.172 linux-cloud-tools-5.4.0-155 - 5.4.0-155.172 linux-cloud-tools-5.4.0-155-generic - 5.4.0-155.172 linux-cloud-tools-5.4.0-155-lowlatency - 5.4.0-155.172 linux-cloud-tools-common - 5.4.0-155.172 linux-doc - 5.4.0-155.172 linux-headers-5.4.0-155 - 5.4.0-155.172 linux-headers-5.4.0-155-generic - 5.4.0-155.172 linux-headers-5.4.0-155-generic-lpae - 5.4.0-155.172 linux-headers-5.4.0-155-lowlatency - 5.4.0-155.172 linux-image-5.4.0-155-generic - 5.4.0-155.172 linux-image-5.4.0-155-generic-lpae - 5.4.0-155.172 linux-image-5.4.0-155-lowlatency - 5.4.0-155.172 linux-image-unsigned-5.4.0-155-generic - 5.4.0-155.172 linux-image-unsigned-5.4.0-155-lowlatency - 5.4.0-155.172 linux-libc-dev - 5.4.0-155.172 linux-modules-5.4.0-155-generic - 5.4.0-155.172 linux-modules-5.4.0-155-generic-lpae - 5.4.0-155.172 linux-modules-5.4.0-155-lowlatency - 5.4.0-155.172 linux-modules-extra-5.4.0-155-generic - 5.4.0-155.172 linux-source-5.4.0 - 5.4.0-155.172 linux-tools-5.4.0-155 - 5.4.0-155.172 linux-tools-5.4.0-155-generic - 5.4.0-155.172 linux-tools-5.4.0-155-generic-lpae - 5.4.0-155.172 linux-tools-5.4.0-155-lowlatency - 5.4.0-155.172 linux-tools-common - 5.4.0-155.172 linux-tools-host - 5.4.0-155.172 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1026.28 linux-image-xilinx-zynqmp - 5.4.0.1026.28 linux-tools-xilinx-zynqmp - 5.4.0.1026.28 linux-xilinx-zynqmp - 5.4.0.1026.28 No subscription required linux-headers-ibm - 5.4.0.1053.79 linux-headers-ibm-lts-20.04 - 5.4.0.1053.79 linux-ibm - 5.4.0.1053.79 linux-ibm-lts-20.04 - 5.4.0.1053.79 linux-image-ibm - 5.4.0.1053.79 linux-image-ibm-lts-20.04 - 5.4.0.1053.79 linux-modules-extra-ibm - 5.4.0.1053.79 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1053.79 linux-tools-ibm - 5.4.0.1053.79 linux-tools-ibm-lts-20.04 - 5.4.0.1053.79 No subscription required linux-cloud-tools-gkeop - 5.4.0.1073.71 linux-cloud-tools-gkeop-5.4 - 5.4.0.1073.71 linux-gkeop - 5.4.0.1073.71 linux-gkeop-5.4 - 5.4.0.1073.71 linux-headers-gkeop - 5.4.0.1073.71 linux-headers-gkeop-5.4 - 5.4.0.1073.71 linux-image-gkeop - 5.4.0.1073.71 linux-image-gkeop-5.4 - 5.4.0.1073.71 linux-modules-extra-gkeop - 5.4.0.1073.71 linux-modules-extra-gkeop-5.4 - 5.4.0.1073.71 linux-tools-gkeop - 5.4.0.1073.71 linux-tools-gkeop-5.4 - 5.4.0.1073.71 No subscription required linux-headers-raspi - 5.4.0.1090.120 linux-headers-raspi-hwe-18.04 - 5.4.0.1090.120 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1090.120 linux-headers-raspi2 - 5.4.0.1090.120 linux-headers-raspi2-hwe-18.04 - 5.4.0.1090.120 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1090.120 linux-image-raspi - 5.4.0.1090.120 linux-image-raspi-hwe-18.04 - 5.4.0.1090.120 linux-image-raspi-hwe-18.04-edge - 5.4.0.1090.120 linux-image-raspi2 - 5.4.0.1090.120 linux-image-raspi2-hwe-18.04 - 5.4.0.1090.120 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1090.120 linux-raspi - 5.4.0.1090.120 linux-raspi-hwe-18.04 - 5.4.0.1090.120 linux-raspi-hwe-18.04-edge - 5.4.0.1090.120 linux-raspi2 - 5.4.0.1090.120 linux-raspi2-hwe-18.04 - 5.4.0.1090.120 linux-raspi2-hwe-18.04-edge - 5.4.0.1090.120 linux-tools-raspi - 5.4.0.1090.120 linux-tools-raspi-hwe-18.04 - 5.4.0.1090.120 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1090.120 linux-tools-raspi2 - 5.4.0.1090.120 linux-tools-raspi2-hwe-18.04 - 5.4.0.1090.120 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1090.120 No subscription required linux-headers-kvm - 5.4.0.1095.90 linux-image-kvm - 5.4.0.1095.90 linux-kvm - 5.4.0.1095.90 linux-tools-kvm - 5.4.0.1095.90 No subscription required linux-gke - 5.4.0.1104.109 linux-gke-5.4 - 5.4.0.1104.109 linux-headers-gke - 5.4.0.1104.109 linux-headers-gke-5.4 - 5.4.0.1104.109 linux-image-gke - 5.4.0.1104.109 linux-image-gke-5.4 - 5.4.0.1104.109 linux-modules-extra-gke - 5.4.0.1104.109 linux-modules-extra-gke-5.4 - 5.4.0.1104.109 linux-tools-gke - 5.4.0.1104.109 linux-tools-gke-5.4 - 5.4.0.1104.109 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1105.98 linux-image-oracle-lts-20.04 - 5.4.0.1105.98 linux-oracle-lts-20.04 - 5.4.0.1105.98 linux-tools-oracle-lts-20.04 - 5.4.0.1105.98 No subscription required linux-aws-lts-20.04 - 5.4.0.1106.103 linux-headers-aws-lts-20.04 - 5.4.0.1106.103 linux-image-aws-lts-20.04 - 5.4.0.1106.103 linux-modules-extra-aws-lts-20.04 - 5.4.0.1106.103 linux-tools-aws-lts-20.04 - 5.4.0.1106.103 No subscription required linux-gcp-lts-20.04 - 5.4.0.1109.111 linux-headers-gcp-lts-20.04 - 5.4.0.1109.111 linux-image-gcp-lts-20.04 - 5.4.0.1109.111 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1109.111 linux-tools-gcp-lts-20.04 - 5.4.0.1109.111 No subscription required linux-azure-lts-20.04 - 5.4.0.1112.105 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1112.105 linux-headers-azure-lts-20.04 - 5.4.0.1112.105 linux-image-azure-lts-20.04 - 5.4.0.1112.105 linux-modules-extra-azure-lts-20.04 - 5.4.0.1112.105 linux-tools-azure-lts-20.04 - 5.4.0.1112.105 No subscription required linux-cloud-tools-generic - 5.4.0.155.151 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.155.151 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.155.151 linux-cloud-tools-lowlatency - 5.4.0.155.151 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-cloud-tools-virtual - 5.4.0.155.151 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.155.151 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-crashdump - 5.4.0.155.151 linux-generic - 5.4.0.155.151 linux-generic-hwe-18.04 - 5.4.0.155.151 linux-generic-hwe-18.04-edge - 5.4.0.155.151 linux-generic-lpae - 5.4.0.155.151 linux-generic-lpae-hwe-18.04 - 5.4.0.155.151 linux-generic-lpae-hwe-18.04-edge - 5.4.0.155.151 linux-headers-generic - 5.4.0.155.151 linux-headers-generic-hwe-18.04 - 5.4.0.155.151 linux-headers-generic-hwe-18.04-edge - 5.4.0.155.151 linux-headers-generic-lpae - 5.4.0.155.151 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.155.151 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.155.151 linux-headers-lowlatency - 5.4.0.155.151 linux-headers-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-headers-oem - 5.4.0.155.151 linux-headers-oem-osp1 - 5.4.0.155.151 linux-headers-virtual - 5.4.0.155.151 linux-headers-virtual-hwe-18.04 - 5.4.0.155.151 linux-headers-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-image-extra-virtual - 5.4.0.155.151 linux-image-extra-virtual-hwe-18.04 - 5.4.0.155.151 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-image-generic - 5.4.0.155.151 linux-image-generic-hwe-18.04 - 5.4.0.155.151 linux-image-generic-hwe-18.04-edge - 5.4.0.155.151 linux-image-generic-lpae - 5.4.0.155.151 linux-image-generic-lpae-hwe-18.04 - 5.4.0.155.151 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.155.151 linux-image-lowlatency - 5.4.0.155.151 linux-image-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-image-oem - 5.4.0.155.151 linux-image-oem-osp1 - 5.4.0.155.151 linux-image-virtual - 5.4.0.155.151 linux-image-virtual-hwe-18.04 - 5.4.0.155.151 linux-image-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-lowlatency - 5.4.0.155.151 linux-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-oem - 5.4.0.155.151 linux-oem-osp1 - 5.4.0.155.151 linux-oem-osp1-tools-host - 5.4.0.155.151 linux-oem-tools-host - 5.4.0.155.151 linux-source - 5.4.0.155.151 linux-tools-generic - 5.4.0.155.151 linux-tools-generic-hwe-18.04 - 5.4.0.155.151 linux-tools-generic-hwe-18.04-edge - 5.4.0.155.151 linux-tools-generic-lpae - 5.4.0.155.151 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.155.151 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.155.151 linux-tools-lowlatency - 5.4.0.155.151 linux-tools-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-tools-oem - 5.4.0.155.151 linux-tools-oem-osp1 - 5.4.0.155.151 linux-tools-virtual - 5.4.0.155.151 linux-tools-virtual-hwe-18.04 - 5.4.0.155.151 linux-tools-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-virtual - 5.4.0.155.151 linux-virtual-hwe-18.04 - 5.4.0.155.151 linux-virtual-hwe-18.04-edge - 5.4.0.155.151 No subscription required High CVE-2023-3090 CVE-2023-32629 CVE-2023-3390 CVE-2023-35001 Ubuntu 20.04 LTS It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31248) Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3389) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3390) Lin Ma discovered that a race condition existed in the MCTP implementation in the Linux kernel, leading to a use-after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3439) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35001) Update Instructions: Run `sudo pro fix USN-6255-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-cloud-tools-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-headers-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-image-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-image-unsigned-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1036 - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1036 - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1036 - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1036.41~20.04.1 linux-modules-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-modules-extra-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-modules-iwlwifi-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-tools-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1036.41~20.04.26 linux-headers-intel - 5.15.0.1036.41~20.04.26 linux-headers-intel-iotg - 5.15.0.1036.41~20.04.26 linux-headers-intel-iotg-edge - 5.15.0.1036.41~20.04.26 linux-image-intel - 5.15.0.1036.41~20.04.26 linux-image-intel-iotg - 5.15.0.1036.41~20.04.26 linux-image-intel-iotg-edge - 5.15.0.1036.41~20.04.26 linux-intel - 5.15.0.1036.41~20.04.26 linux-intel-iotg - 5.15.0.1036.41~20.04.26 linux-intel-iotg-edge - 5.15.0.1036.41~20.04.26 linux-tools-intel - 5.15.0.1036.41~20.04.26 linux-tools-intel-iotg - 5.15.0.1036.41~20.04.26 linux-tools-intel-iotg-edge - 5.15.0.1036.41~20.04.26 No subscription required High CVE-2023-3090 CVE-2023-31248 CVE-2023-3389 CVE-2023-3390 CVE-2023-3439 CVE-2023-35001 Ubuntu 20.04 LTS Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3108) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0458) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Sanan Hasanov discovered that the framebuffer console driver in the Linux kernel did not properly perform checks for font dimension limits. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-3161) Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6256-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1017-iot - 5.4.0-1017.18 linux-headers-5.4.0-1017-iot - 5.4.0-1017.18 linux-image-5.4.0-1017-iot - 5.4.0-1017.18 linux-image-unsigned-5.4.0-1017-iot - 5.4.0-1017.18 linux-iot-headers-5.4.0-1017 - 5.4.0-1017.18 linux-iot-tools-5.4.0-1017 - 5.4.0-1017.18 linux-iot-tools-common - 5.4.0-1017.18 linux-modules-5.4.0-1017-iot - 5.4.0-1017.18 linux-tools-5.4.0-1017-iot - 5.4.0-1017.18 No subscription required linux-headers-iot - 5.4.0.1017.15 linux-image-iot - 5.4.0.1017.15 linux-iot - 5.4.0.1017.15 linux-tools-iot - 5.4.0.1017.15 No subscription required High CVE-2022-3108 CVE-2022-3707 CVE-2022-3903 CVE-2022-4129 CVE-2023-0458 CVE-2023-0459 CVE-2023-1073 CVE-2023-1074 CVE-2023-1075 CVE-2023-1076 CVE-2023-1077 CVE-2023-1078 CVE-2023-1079 CVE-2023-1118 CVE-2023-1281 CVE-2023-1380 CVE-2023-1513 CVE-2023-1670 CVE-2023-1829 CVE-2023-1859 CVE-2023-1998 CVE-2023-2162 CVE-2023-25012 CVE-2023-2612 CVE-2023-26545 CVE-2023-2985 CVE-2023-30456 CVE-2023-31436 CVE-2023-3161 CVE-2023-32233 CVE-2023-32269 CVE-2023-35788 https://launchpad.net/bugs/2023220 https://launchpad.net/bugs/2023577 Ubuntu 20.04 LTS It was discovered that Open VM Tools incorrectly handled certain authentication requests. A fully compromised ESXi host can force Open VM Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. (CVE-2023-20867) Update Instructions: Run `sudo pro fix USN-6257-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:11.3.0-2ubuntu0~ubuntu20.04.5 open-vm-tools-desktop - 2:11.3.0-2ubuntu0~ubuntu20.04.5 open-vm-tools-dev - 2:11.3.0-2ubuntu0~ubuntu20.04.5 open-vm-tools-sdmp - 2:11.3.0-2ubuntu0~ubuntu20.04.5 No subscription required Low CVE-2023-20867 Ubuntu 20.04 LTS Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-13987) Jos Wetzels, Stanislav Dashevskyi, Amine Amri discovered that Open-iSCSI incorrectly handled certain parsing TCP MSS options. An attacker could possibly use this issue to cause a crash or cause unexpected behavior. (CVE-2020-13988) Amine Amri and Stanislav Dashevskyi discovered that Open-iSCSI incorrectly handled certain TCP data. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-17437) Update Instructions: Run `sudo pro fix USN-6259-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: iscsiuio - 2.0.874-7.1ubuntu6.4 open-iscsi - 2.0.874-7.1ubuntu6.4 No subscription required Low CVE-2020-13987 CVE-2020-13988 CVE-2020-17437 Ubuntu 20.04 LTS It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3390) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35001) Update Instructions: Run `sudo pro fix USN-6261-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1018-iot - 5.4.0-1018.19 linux-headers-5.4.0-1018-iot - 5.4.0-1018.19 linux-image-5.4.0-1018-iot - 5.4.0-1018.19 linux-image-unsigned-5.4.0-1018-iot - 5.4.0-1018.19 linux-iot-headers-5.4.0-1018 - 5.4.0-1018.19 linux-iot-tools-5.4.0-1018 - 5.4.0-1018.19 linux-iot-tools-common - 5.4.0-1018.19 linux-modules-5.4.0-1018-iot - 5.4.0-1018.19 linux-tools-5.4.0-1018-iot - 5.4.0-1018.19 No subscription required linux-headers-iot - 5.4.0.1018.16 linux-image-iot - 5.4.0.1018.16 linux-iot - 5.4.0.1018.16 linux-tools-iot - 5.4.0.1018.16 No subscription required High CVE-2023-3090 CVE-2023-32629 CVE-2023-3390 CVE-2023-35001 Ubuntu 20.04 LTS It was discovered that Wireshark did not properly handle certain NFS packages when certain configuration options were enabled. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. (CVE-2020-13164) It was discovered that Wireshark did not properly handle certain GVCP packages. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-15466) It was discovered that Wireshark did not properly handle certain Kafka packages. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-17498) It was discovered that Wireshark did not properly handle certain TCP packages containing an invalid 0xFFFF checksum. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. (CVE-2020-25862) It was discovered that Wireshark did not properly handle certain MIME packages containing invalid parts. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. (CVE-2020-25863) Update Instructions: Run `sudo pro fix USN-6262-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwireshark-data - 3.2.3-1ubuntu0.1~esm1 libwireshark-dev - 3.2.3-1ubuntu0.1~esm1 libwireshark13 - 3.2.3-1ubuntu0.1~esm1 libwiretap-dev - 3.2.3-1ubuntu0.1~esm1 libwiretap10 - 3.2.3-1ubuntu0.1~esm1 libwsutil-dev - 3.2.3-1ubuntu0.1~esm1 libwsutil11 - 3.2.3-1ubuntu0.1~esm1 tshark - 3.2.3-1ubuntu0.1~esm1 wireshark - 3.2.3-1ubuntu0.1~esm1 wireshark-common - 3.2.3-1ubuntu0.1~esm1 wireshark-dev - 3.2.3-1ubuntu0.1~esm1 wireshark-doc - 3.2.3-1ubuntu0.1~esm1 wireshark-gtk - 3.2.3-1ubuntu0.1~esm1 wireshark-qt - 3.2.3-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13164 CVE-2020-15466 CVE-2020-17498 CVE-2020-25862 CVE-2020-25863 Ubuntu 20.04 LTS Motoyasu Saburi discovered that OpenJDK incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22006) Eirik Bjørsnøs discovered that OpenJDK incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22036) David Stancu discovered that OpenJDK had a flaw in the AES cipher implementation. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22041) Zhiqiang Zang discovered that OpenJDK incorrectly handled array accesses when using the binary '%' operator. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 17. (CVE-2023-22044) Zhiqiang Zang discovered that OpenJDK incorrectly handled array accesses. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22045) It was discovered that OpenJDK incorrectly sanitized URIs strings. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-22049) It was discovered that OpenJDK incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-25193) Update Instructions: Run `sudo pro fix USN-6263-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.20+8-1ubuntu1~20.04 openjdk-11-doc - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jdk - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jre - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jre-headless - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jre-zero - 11.0.20+8-1ubuntu1~20.04 openjdk-11-source - 11.0.20+8-1ubuntu1~20.04 No subscription required openjdk-17-demo - 17.0.8+7-1~20.04.2 openjdk-17-doc - 17.0.8+7-1~20.04.2 openjdk-17-jdk - 17.0.8+7-1~20.04.2 openjdk-17-jdk-headless - 17.0.8+7-1~20.04.2 openjdk-17-jre - 17.0.8+7-1~20.04.2 openjdk-17-jre-headless - 17.0.8+7-1~20.04.2 openjdk-17-jre-zero - 17.0.8+7-1~20.04.2 openjdk-17-source - 17.0.8+7-1~20.04.2 No subscription required openjdk-8-demo - 8u382-ga-1~20.04.1 openjdk-8-doc - 8u382-ga-1~20.04.1 openjdk-8-jdk - 8u382-ga-1~20.04.1 openjdk-8-jdk-headless - 8u382-ga-1~20.04.1 openjdk-8-jre - 8u382-ga-1~20.04.1 openjdk-8-jre-headless - 8u382-ga-1~20.04.1 openjdk-8-jre-zero - 8u382-ga-1~20.04.1 openjdk-8-source - 8u382-ga-1~20.04.1 No subscription required Medium CVE-2023-22006 CVE-2023-22036 CVE-2023-22041 CVE-2023-22044 CVE-2023-22045 CVE-2023-22049 CVE-2023-25193 Ubuntu 20.04 LTS USN-6263-1 fixed vulnerabilities in OpenJDK. Unfortunately, that update introduced a regression when opening APK, ZIP or JAR files in OpenJDK 11 and OpenJDK 17. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Motoyasu Saburi discovered that OpenJDK incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22006) Eirik Bjørsnøs discovered that OpenJDK incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22036) David Stancu discovered that OpenJDK had a flaw in the AES cipher implementation. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22041) Zhiqiang Zang discovered that OpenJDK incorrectly handled array accesses when using the binary '%' operator. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 17. (CVE-2023-22044) Zhiqiang Zang discovered that OpenJDK incorrectly handled array accesses. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22045) It was discovered that OpenJDK incorrectly sanitized URIs strings. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-22049) It was discovered that OpenJDK incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-25193) Update Instructions: Run `sudo pro fix USN-6263-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-doc - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jdk - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jre - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-source - 11.0.20.1+1-0ubuntu1~20.04 No subscription required openjdk-17-demo - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-doc - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jdk - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jdk-headless - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jre - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jre-headless - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jre-zero - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-source - 17.0.8.1+1~us1-0ubuntu1~20.04 No subscription required None https://launchpad.net/bugs/2032865 Ubuntu 20.04 LTS Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element. Update Instructions: Run `sudo pro fix USN-6266-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-rsvg-2.0 - 2.48.9-1ubuntu0.20.04.4 librsvg2-2 - 2.48.9-1ubuntu0.20.04.4 librsvg2-bin - 2.48.9-1ubuntu0.20.04.4 librsvg2-common - 2.48.9-1ubuntu0.20.04.4 librsvg2-dev - 2.48.9-1ubuntu0.20.04.4 librsvg2-doc - 2.48.9-1ubuntu0.20.04.4 No subscription required Medium CVE-2023-38633 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057, CVE-2023-4058) Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4046) Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4050) Update Instructions: Run `sudo pro fix USN-6267-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 116.0+build2-0ubuntu0.20.04.2 firefox-dev - 116.0+build2-0ubuntu0.20.04.2 firefox-geckodriver - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-af - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-an - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ar - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-as - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ast - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-az - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-be - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-bg - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-bn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-br - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-bs - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ca - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-cak - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-cs - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-csb - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-cy - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-da - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-de - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-el - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-en - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-eo - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-es - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-et - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-eu - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-fa - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-fi - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-fr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-fy - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ga - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-gd - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-gl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-gn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-gu - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-he - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hi - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hsb - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hu - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hy - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ia - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-id - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-is - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-it - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ja - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ka - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-kab - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-kk - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-km - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-kn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ko - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ku - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-lg - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-lt - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-lv - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-mai - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-mk - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ml - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-mn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-mr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ms - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-my - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-nb - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ne - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-nl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-nn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-nso - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-oc - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-or - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-pa - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-pl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-pt - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ro - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ru - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-si - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sk - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sq - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sv - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sw - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-szl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ta - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-te - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-tg - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-th - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-tr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-uk - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ur - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-uz - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-vi - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-xh - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hans - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hant - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-zu - 116.0+build2-0ubuntu0.20.04.2 firefox-mozsymbols - 116.0+build2-0ubuntu0.20.04.2 No subscription required Medium CVE-2023-4045 CVE-2023-4046 CVE-2023-4047 CVE-2023-4048 CVE-2023-4049 CVE-2023-4050 CVE-2023-4051 CVE-2023-4053 CVE-2023-4055 CVE-2023-4056 CVE-2023-4057 CVE-2023-4058 Ubuntu 20.04 LTS USN-6267-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057, CVE-2023-4058) Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4046) Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4050) Update Instructions: Run `sudo pro fix USN-6267-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 116.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 116.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 116.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 116.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2030690 Ubuntu 20.04 LTS USN-6267-1 fixed vulnerabilities and USN-6267-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057, CVE-2023-4058) Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4046) Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4050) Update Instructions: Run `sudo pro fix USN-6267-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 116.0.3+build2-0ubuntu0.20.04.1 firefox-dev - 116.0.3+build2-0ubuntu0.20.04.1 firefox-geckodriver - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-af - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-an - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ar - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-as - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ast - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-az - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-be - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-bg - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-bn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-br - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-bs - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ca - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-cak - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-cs - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-csb - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-cy - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-da - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-de - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-el - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-en - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-eo - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-es - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-et - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-eu - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-fa - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-fi - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-fr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-fy - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ga - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-gd - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-gl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-gn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-gu - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-he - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hi - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hu - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hy - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ia - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-id - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-is - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-it - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ja - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ka - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-kab - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-kk - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-km - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-kn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ko - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ku - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-lg - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-lt - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-lv - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-mai - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-mk - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ml - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-mn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-mr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ms - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-my - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-nb - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ne - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-nl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-nn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-nso - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-oc - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-or - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-pa - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-pl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-pt - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ro - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ru - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-si - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sk - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sq - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sv - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sw - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-szl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ta - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-te - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-tg - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-th - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-tr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-uk - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ur - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-uz - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-vi - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-xh - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-zu - 116.0.3+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 116.0.3+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2032143 Ubuntu 20.04 LTS It was discovered that GStreamer Base Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-37327) It was discovered that GStreamer Base Plugins incorrectly handled certain subtitles. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-37328) Update Instructions: Run `sudo pro fix USN-6268-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gst-plugins-base-1.0 - 1.16.3-0ubuntu1.2 gstreamer1.0-alsa - 1.16.3-0ubuntu1.2 gstreamer1.0-gl - 1.16.3-0ubuntu1.2 gstreamer1.0-plugins-base - 1.16.3-0ubuntu1.2 gstreamer1.0-plugins-base-apps - 1.16.3-0ubuntu1.2 gstreamer1.0-plugins-base-doc - 1.16.3-0ubuntu1.2 gstreamer1.0-x - 1.16.3-0ubuntu1.2 libgstreamer-gl1.0-0 - 1.16.3-0ubuntu1.2 libgstreamer-plugins-base1.0-0 - 1.16.3-0ubuntu1.2 libgstreamer-plugins-base1.0-dev - 1.16.3-0ubuntu1.2 No subscription required Medium CVE-2023-37327 CVE-2023-37328 Ubuntu 20.04 LTS It was discovered that GStreamer Good Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-37327) Update Instructions: Run `sudo pro fix USN-6269-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-gtk3 - 1.16.3-0ubuntu1.2 gstreamer1.0-plugins-good - 1.16.3-0ubuntu1.2 gstreamer1.0-plugins-good-doc - 1.16.3-0ubuntu1.2 gstreamer1.0-pulseaudio - 1.16.3-0ubuntu1.2 gstreamer1.0-qt5 - 1.16.3-0ubuntu1.2 libgstreamer-plugins-good1.0-0 - 1.16.3-0ubuntu1.2 libgstreamer-plugins-good1.0-dev - 1.16.3-0ubuntu1.2 No subscription required Medium CVE-2023-37327 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2182) It was discovered that Vim incorrectly handled memory when deleting buffers in diff mode. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2208) It was discovered that Vim incorrectly handled memory access. An attacker could possibly use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2210) It was discovered that Vim incorrectly handled memory when using nested :source. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2231) It was discovered that Vim did not properly perform bounds checks when processing a menu item with the only modifier. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2257) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. (CVE-2022-2264, CVE-2022-2284, CVE-2022-2289) It was discovered that Vim did not properly perform bounds checks when going over the end of the typahead. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2285) It was discovered that Vim did not properly perform bounds checks when reading the provided string. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2286) It was discovered that Vim incorrectly handled memory when adding words with a control character to the internal spell word list. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2287) Update Instructions: Run `sudo pro fix USN-6270-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.16 vim-athena - 2:8.1.2269-1ubuntu5.16 vim-common - 2:8.1.2269-1ubuntu5.16 vim-doc - 2:8.1.2269-1ubuntu5.16 vim-gtk - 2:8.1.2269-1ubuntu5.16 vim-gtk3 - 2:8.1.2269-1ubuntu5.16 vim-gui-common - 2:8.1.2269-1ubuntu5.16 vim-nox - 2:8.1.2269-1ubuntu5.16 vim-runtime - 2:8.1.2269-1ubuntu5.16 vim-tiny - 2:8.1.2269-1ubuntu5.16 xxd - 2:8.1.2269-1ubuntu5.16 No subscription required Medium CVE-2022-2182 CVE-2022-2208 CVE-2022-2210 CVE-2022-2231 CVE-2022-2257 CVE-2022-2264 CVE-2022-2284 CVE-2022-2285 CVE-2022-2286 CVE-2022-2287 CVE-2022-2289 Ubuntu 20.04 LTS Xiang Li discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2022-30256) Huascar Tejeda discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-31137) Update Instructions: Run `sudo pro fix USN-6271-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: duende - 2.0.13-1.4+deb11u1build0.20.04.1 maradns - 2.0.13-1.4+deb11u1build0.20.04.1 maradns-deadwood - 2.0.13-1.4+deb11u1build0.20.04.1 maradns-docs - 2.0.13-1.4+deb11u1build0.20.04.1 maradns-zoneserver - 2.0.13-1.4+deb11u1build0.20.04.1 No subscription required Medium CVE-2022-30256 CVE-2023-31137 Ubuntu 20.04 LTS Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-27337) It was discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-34872) Update Instructions: Run `sudo pro fix USN-6273-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.2 libpoppler-cpp-dev - 0.86.1-0ubuntu1.2 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.2 libpoppler-dev - 0.86.1-0ubuntu1.2 libpoppler-glib-dev - 0.86.1-0ubuntu1.2 libpoppler-glib-doc - 0.86.1-0ubuntu1.2 libpoppler-glib8 - 0.86.1-0ubuntu1.2 libpoppler-private-dev - 0.86.1-0ubuntu1.2 libpoppler-qt5-1 - 0.86.1-0ubuntu1.2 libpoppler-qt5-dev - 0.86.1-0ubuntu1.2 libpoppler97 - 0.86.1-0ubuntu1.2 poppler-utils - 0.86.1-0ubuntu1.2 No subscription required Medium CVE-2022-27337 CVE-2023-34872 Ubuntu 20.04 LTS Addison Crump discovered that Cargo incorrectly set file permissions on UNIX-like systems when extracting crate archives. If the crate would contain files writable by any user, a local attacker could possibly use this issue to execute code as another user. Update Instructions: Run `sudo pro fix USN-6275-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cargo - 0.67.1+ds0ubuntu0.libgit2-0ubuntu0.20.04.2+esm1 cargo-doc - 0.67.1+ds0ubuntu0.libgit2-0ubuntu0.20.04.2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-38497 Ubuntu 20.04 LTS It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstances. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2014-5011, CVE-2014-5012, CVE-2014-5013) It was discovered that Dompdf was not properly validating processed HTML content that referenced PHAR files, which could result in the deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-3838) It was discovered that Dompdf was not properly validating processed HTML content that referenced both a remote base and a local file, which could result in the bypass of a chroot check. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-2400) Update Instructions: Run `sudo pro fix USN-6277-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-dompdf - 0.6.2+dfsg-3ubuntu0.20.04.1 No subscription required Medium CVE-2014-5011 CVE-2014-5012 CVE-2014-5013 CVE-2021-3838 CVE-2022-2400 Ubuntu 20.04 LTS It was discovered that OpenSSH has an observable discrepancy leading to an information leak in the algorithm negotiation. This update mitigates the issue by tweaking the client hostkey preference ordering algorithm to prefer the default ordering if the user has a key that matches the best-preference default algorithm. Update Instructions: Run `sudo pro fix USN-6279-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.9 openssh-server - 1:8.2p1-4ubuntu0.9 openssh-sftp-server - 1:8.2p1-4ubuntu0.9 openssh-tests - 1:8.2p1-4ubuntu0.9 ssh - 1:8.2p1-4ubuntu0.9 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.9 No subscription required None https://launchpad.net/bugs/2030275 Ubuntu 20.04 LTS It was discovered that PyPDF2 incorrectly handled PDF files with certain markers. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6280-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pypdf2 - 1.26.0-3ubuntu1.20.04.2 python3-pypdf2 - 1.26.0-3ubuntu1.20.04.2 No subscription required Medium CVE-2023-36810 Ubuntu 20.04 LTS Alvaro Munoz discovered that Velocity Engine incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6281-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: velocity - 1.7-5+deb9u1build0.20.04.1 velocity-doc - 1.7-5+deb9u1build0.20.04.1 No subscription required Medium CVE-2020-13936 Ubuntu 20.04 LTS Jackson Henry discovered that Velocity Tools incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6282-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvelocity-tools-java - 2.0-7ubuntu0.20.04.1 libvelocity-tools-java-doc - 2.0-7ubuntu0.20.04.1 No subscription required Medium CVE-2020-13959 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) Update Instructions: Run `sudo pro fix USN-6284-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1019-iot - 5.4.0-1019.20 linux-headers-5.4.0-1019-iot - 5.4.0-1019.20 linux-image-5.4.0-1019-iot - 5.4.0-1019.20 linux-image-unsigned-5.4.0-1019-iot - 5.4.0-1019.20 linux-iot-headers-5.4.0-1019 - 5.4.0-1019.20 linux-iot-tools-5.4.0-1019 - 5.4.0-1019.20 linux-iot-tools-common - 5.4.0-1019.20 linux-modules-5.4.0-1019-iot - 5.4.0-1019.20 linux-tools-5.4.0-1019-iot - 5.4.0-1019.20 No subscription required linux-buildinfo-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-cloud-tools-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-gkeop-cloud-tools-5.4.0-1074 - 5.4.0-1074.78 linux-gkeop-headers-5.4.0-1074 - 5.4.0-1074.78 linux-gkeop-source-5.4.0 - 5.4.0-1074.78 linux-gkeop-tools-5.4.0-1074 - 5.4.0-1074.78 linux-headers-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-image-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-image-unsigned-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-modules-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-modules-extra-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-tools-5.4.0-1074-gkeop - 5.4.0-1074.78 No subscription required linux-buildinfo-5.4.0-1091-raspi - 5.4.0-1091.102 linux-headers-5.4.0-1091-raspi - 5.4.0-1091.102 linux-image-5.4.0-1091-raspi - 5.4.0-1091.102 linux-modules-5.4.0-1091-raspi - 5.4.0-1091.102 linux-raspi-headers-5.4.0-1091 - 5.4.0-1091.102 linux-raspi-tools-5.4.0-1091 - 5.4.0-1091.102 linux-tools-5.4.0-1091-raspi - 5.4.0-1091.102 No subscription required linux-buildinfo-5.4.0-1096-kvm - 5.4.0-1096.102 linux-headers-5.4.0-1096-kvm - 5.4.0-1096.102 linux-image-5.4.0-1096-kvm - 5.4.0-1096.102 linux-image-unsigned-5.4.0-1096-kvm - 5.4.0-1096.102 linux-kvm-headers-5.4.0-1096 - 5.4.0-1096.102 linux-kvm-tools-5.4.0-1096 - 5.4.0-1096.102 linux-modules-5.4.0-1096-kvm - 5.4.0-1096.102 linux-tools-5.4.0-1096-kvm - 5.4.0-1096.102 No subscription required linux-buildinfo-5.4.0-1106-oracle - 5.4.0-1106.115 linux-headers-5.4.0-1106-oracle - 5.4.0-1106.115 linux-image-5.4.0-1106-oracle - 5.4.0-1106.115 linux-image-unsigned-5.4.0-1106-oracle - 5.4.0-1106.115 linux-modules-5.4.0-1106-oracle - 5.4.0-1106.115 linux-modules-extra-5.4.0-1106-oracle - 5.4.0-1106.115 linux-oracle-headers-5.4.0-1106 - 5.4.0-1106.115 linux-oracle-tools-5.4.0-1106 - 5.4.0-1106.115 linux-tools-5.4.0-1106-oracle - 5.4.0-1106.115 No subscription required linux-aws-cloud-tools-5.4.0-1107 - 5.4.0-1107.115 linux-aws-headers-5.4.0-1107 - 5.4.0-1107.115 linux-aws-tools-5.4.0-1107 - 5.4.0-1107.115 linux-buildinfo-5.4.0-1107-aws - 5.4.0-1107.115 linux-cloud-tools-5.4.0-1107-aws - 5.4.0-1107.115 linux-headers-5.4.0-1107-aws - 5.4.0-1107.115 linux-image-5.4.0-1107-aws - 5.4.0-1107.115 linux-image-unsigned-5.4.0-1107-aws - 5.4.0-1107.115 linux-modules-5.4.0-1107-aws - 5.4.0-1107.115 linux-modules-extra-5.4.0-1107-aws - 5.4.0-1107.115 linux-tools-5.4.0-1107-aws - 5.4.0-1107.115 No subscription required linux-buildinfo-5.4.0-1110-gcp - 5.4.0-1110.119 linux-gcp-headers-5.4.0-1110 - 5.4.0-1110.119 linux-gcp-tools-5.4.0-1110 - 5.4.0-1110.119 linux-headers-5.4.0-1110-gcp - 5.4.0-1110.119 linux-image-5.4.0-1110-gcp - 5.4.0-1110.119 linux-image-unsigned-5.4.0-1110-gcp - 5.4.0-1110.119 linux-modules-5.4.0-1110-gcp - 5.4.0-1110.119 linux-modules-extra-5.4.0-1110-gcp - 5.4.0-1110.119 linux-tools-5.4.0-1110-gcp - 5.4.0-1110.119 No subscription required linux-buildinfo-5.4.0-156-generic - 5.4.0-156.173 linux-buildinfo-5.4.0-156-generic-lpae - 5.4.0-156.173 linux-buildinfo-5.4.0-156-lowlatency - 5.4.0-156.173 linux-cloud-tools-5.4.0-156 - 5.4.0-156.173 linux-cloud-tools-5.4.0-156-generic - 5.4.0-156.173 linux-cloud-tools-5.4.0-156-lowlatency - 5.4.0-156.173 linux-cloud-tools-common - 5.4.0-156.173 linux-doc - 5.4.0-156.173 linux-headers-5.4.0-156 - 5.4.0-156.173 linux-headers-5.4.0-156-generic - 5.4.0-156.173 linux-headers-5.4.0-156-generic-lpae - 5.4.0-156.173 linux-headers-5.4.0-156-lowlatency - 5.4.0-156.173 linux-image-5.4.0-156-generic - 5.4.0-156.173 linux-image-5.4.0-156-generic-lpae - 5.4.0-156.173 linux-image-5.4.0-156-lowlatency - 5.4.0-156.173 linux-image-unsigned-5.4.0-156-generic - 5.4.0-156.173 linux-image-unsigned-5.4.0-156-lowlatency - 5.4.0-156.173 linux-libc-dev - 5.4.0-156.173 linux-modules-5.4.0-156-generic - 5.4.0-156.173 linux-modules-5.4.0-156-generic-lpae - 5.4.0-156.173 linux-modules-5.4.0-156-lowlatency - 5.4.0-156.173 linux-modules-extra-5.4.0-156-generic - 5.4.0-156.173 linux-source-5.4.0 - 5.4.0-156.173 linux-tools-5.4.0-156 - 5.4.0-156.173 linux-tools-5.4.0-156-generic - 5.4.0-156.173 linux-tools-5.4.0-156-generic-lpae - 5.4.0-156.173 linux-tools-5.4.0-156-lowlatency - 5.4.0-156.173 linux-tools-common - 5.4.0-156.173 linux-tools-host - 5.4.0-156.173 No subscription required linux-headers-iot - 5.4.0.1019.17 linux-image-iot - 5.4.0.1019.17 linux-iot - 5.4.0.1019.17 linux-tools-iot - 5.4.0.1019.17 No subscription required linux-cloud-tools-gkeop - 5.4.0.1074.72 linux-cloud-tools-gkeop-5.4 - 5.4.0.1074.72 linux-gkeop - 5.4.0.1074.72 linux-gkeop-5.4 - 5.4.0.1074.72 linux-headers-gkeop - 5.4.0.1074.72 linux-headers-gkeop-5.4 - 5.4.0.1074.72 linux-image-gkeop - 5.4.0.1074.72 linux-image-gkeop-5.4 - 5.4.0.1074.72 linux-modules-extra-gkeop - 5.4.0.1074.72 linux-modules-extra-gkeop-5.4 - 5.4.0.1074.72 linux-tools-gkeop - 5.4.0.1074.72 linux-tools-gkeop-5.4 - 5.4.0.1074.72 No subscription required linux-headers-raspi - 5.4.0.1091.121 linux-headers-raspi-hwe-18.04 - 5.4.0.1091.121 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1091.121 linux-headers-raspi2 - 5.4.0.1091.121 linux-headers-raspi2-hwe-18.04 - 5.4.0.1091.121 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1091.121 linux-image-raspi - 5.4.0.1091.121 linux-image-raspi-hwe-18.04 - 5.4.0.1091.121 linux-image-raspi-hwe-18.04-edge - 5.4.0.1091.121 linux-image-raspi2 - 5.4.0.1091.121 linux-image-raspi2-hwe-18.04 - 5.4.0.1091.121 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1091.121 linux-raspi - 5.4.0.1091.121 linux-raspi-hwe-18.04 - 5.4.0.1091.121 linux-raspi-hwe-18.04-edge - 5.4.0.1091.121 linux-raspi2 - 5.4.0.1091.121 linux-raspi2-hwe-18.04 - 5.4.0.1091.121 linux-raspi2-hwe-18.04-edge - 5.4.0.1091.121 linux-tools-raspi - 5.4.0.1091.121 linux-tools-raspi-hwe-18.04 - 5.4.0.1091.121 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1091.121 linux-tools-raspi2 - 5.4.0.1091.121 linux-tools-raspi2-hwe-18.04 - 5.4.0.1091.121 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1091.121 No subscription required linux-headers-kvm - 5.4.0.1096.91 linux-image-kvm - 5.4.0.1096.91 linux-kvm - 5.4.0.1096.91 linux-tools-kvm - 5.4.0.1096.91 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1106.99 linux-image-oracle-lts-20.04 - 5.4.0.1106.99 linux-oracle-lts-20.04 - 5.4.0.1106.99 linux-tools-oracle-lts-20.04 - 5.4.0.1106.99 No subscription required linux-aws-lts-20.04 - 5.4.0.1107.104 linux-headers-aws-lts-20.04 - 5.4.0.1107.104 linux-image-aws-lts-20.04 - 5.4.0.1107.104 linux-modules-extra-aws-lts-20.04 - 5.4.0.1107.104 linux-tools-aws-lts-20.04 - 5.4.0.1107.104 No subscription required linux-gcp-lts-20.04 - 5.4.0.1110.112 linux-headers-gcp-lts-20.04 - 5.4.0.1110.112 linux-image-gcp-lts-20.04 - 5.4.0.1110.112 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1110.112 linux-tools-gcp-lts-20.04 - 5.4.0.1110.112 No subscription required linux-cloud-tools-generic - 5.4.0.156.152 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.156.152 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.156.152 linux-cloud-tools-lowlatency - 5.4.0.156.152 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-cloud-tools-virtual - 5.4.0.156.152 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.156.152 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-crashdump - 5.4.0.156.152 linux-generic - 5.4.0.156.152 linux-generic-hwe-18.04 - 5.4.0.156.152 linux-generic-hwe-18.04-edge - 5.4.0.156.152 linux-generic-lpae - 5.4.0.156.152 linux-generic-lpae-hwe-18.04 - 5.4.0.156.152 linux-generic-lpae-hwe-18.04-edge - 5.4.0.156.152 linux-headers-generic - 5.4.0.156.152 linux-headers-generic-hwe-18.04 - 5.4.0.156.152 linux-headers-generic-hwe-18.04-edge - 5.4.0.156.152 linux-headers-generic-lpae - 5.4.0.156.152 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.156.152 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.156.152 linux-headers-lowlatency - 5.4.0.156.152 linux-headers-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-headers-oem - 5.4.0.156.152 linux-headers-oem-osp1 - 5.4.0.156.152 linux-headers-virtual - 5.4.0.156.152 linux-headers-virtual-hwe-18.04 - 5.4.0.156.152 linux-headers-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-image-extra-virtual - 5.4.0.156.152 linux-image-extra-virtual-hwe-18.04 - 5.4.0.156.152 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-image-generic - 5.4.0.156.152 linux-image-generic-hwe-18.04 - 5.4.0.156.152 linux-image-generic-hwe-18.04-edge - 5.4.0.156.152 linux-image-generic-lpae - 5.4.0.156.152 linux-image-generic-lpae-hwe-18.04 - 5.4.0.156.152 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.156.152 linux-image-lowlatency - 5.4.0.156.152 linux-image-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-image-oem - 5.4.0.156.152 linux-image-oem-osp1 - 5.4.0.156.152 linux-image-virtual - 5.4.0.156.152 linux-image-virtual-hwe-18.04 - 5.4.0.156.152 linux-image-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-lowlatency - 5.4.0.156.152 linux-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-oem - 5.4.0.156.152 linux-oem-osp1 - 5.4.0.156.152 linux-oem-osp1-tools-host - 5.4.0.156.152 linux-oem-tools-host - 5.4.0.156.152 linux-source - 5.4.0.156.152 linux-tools-generic - 5.4.0.156.152 linux-tools-generic-hwe-18.04 - 5.4.0.156.152 linux-tools-generic-hwe-18.04-edge - 5.4.0.156.152 linux-tools-generic-lpae - 5.4.0.156.152 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.156.152 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.156.152 linux-tools-lowlatency - 5.4.0.156.152 linux-tools-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-tools-oem - 5.4.0.156.152 linux-tools-oem-osp1 - 5.4.0.156.152 linux-tools-virtual - 5.4.0.156.152 linux-tools-virtual-hwe-18.04 - 5.4.0.156.152 linux-tools-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-virtual - 5.4.0.156.152 linux-virtual-hwe-18.04 - 5.4.0.156.152 linux-virtual-hwe-18.04-edge - 5.4.0.156.152 No subscription required Medium CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) It was discovered that some Intel(R) Xeon(R) Processors did not properly restrict error injection for Intel(R) SGX or Intel(R) TDX. A local privileged user could use this to further escalate their privileges. (CVE-2022-41804) It was discovered that some 3rd Generation Intel(R) Xeon(R) Scalable processors did not properly restrict access in some situations. A local privileged attacker could use this to obtain sensitive information. (CVE-2023-23908) Update Instructions: Run `sudo pro fix USN-6286-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20230808.0ubuntu0.20.04.1 No subscription required Medium CVE-2022-40982 CVE-2022-41804 CVE-2023-23908 Ubuntu 20.04 LTS Simon Ferquel discovered that the Go yaml package incorrectly handled certain YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service. (CVE-2021-4235) It was discovered that the Go yaml package incorrectly handled certain large YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service. (CVE-2022-3064) Update Instructions: Run `sudo pro fix USN-6287-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-gopkg-yaml.v2-dev - 2.2.2-1ubuntu0.1 golang-yaml.v2-dev - 2.2.2-1ubuntu0.1 No subscription required Medium CVE-2021-4235 CVE-2022-3064 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.34 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-34.html https://www.oracle.com/security-alerts/cpujul2023.html Update Instructions: Run `sudo pro fix USN-6288-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysqlclient-dev - 8.0.34-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.34-0ubuntu0.20.04.1 mysql-client - 8.0.34-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.34-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.34-0ubuntu0.20.04.1 mysql-router - 8.0.34-0ubuntu0.20.04.1 mysql-server - 8.0.34-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.34-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.34-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.34-0ubuntu0.20.04.1 mysql-testsuite - 8.0.34-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.34-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-22005 CVE-2023-22008 CVE-2023-22033 CVE-2023-22038 CVE-2023-22046 CVE-2023-22048 CVE-2023-22053 CVE-2023-22054 CVE-2023-22056 CVE-2023-22057 CVE-2023-22058 Ubuntu 20.04 LTS It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-48281) It was discovered that LibTIFF incorrectly handled certain image files. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. (CVE-2023-2731) It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service. (CVE-2023-2908) It was discovered that LibTIFF incorrectly handled certain file paths. If a user were tricked into specifying certain output paths, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-3316) It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2023-3618) It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-25433, CVE-2023-26966) It was discovered that LibTIFF did not properly managed memory when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-26965) It was discovered that LibTIFF contained an arithmetic overflow. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-38288, CVE-2023-38289) Update Instructions: Run `sudo pro fix USN-6290-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.9 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.9 No subscription required Medium CVE-2022-48281 CVE-2023-25433 CVE-2023-26965 CVE-2023-26966 CVE-2023-2731 CVE-2023-2908 CVE-2023-3316 CVE-2023-3618 CVE-2023-38288 CVE-2023-38289 Ubuntu 20.04 LTS USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions. Update Instructions: Run `sudo pro fix USN-6294-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.31-0ubuntu0.2 haproxy-doc - 2.0.31-0ubuntu0.2 vim-haproxy - 2.0.31-0ubuntu0.2 No subscription required Medium CVE-2023-40225 Ubuntu 20.04 LTS It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser. (CVE-2023-39417) It was discovered that PostgreSQL incorrectly handled the MERGE command. A remote attacker could possibly use this issue to bypass certain UPDATE and SELECT policies. This issue only affected Ubuntu 23.04. (CVE-2023-39418) Update Instructions: Run `sudo pro fix USN-6296-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libecpg-compat3 - 12.16-0ubuntu0.20.04.1 libecpg-dev - 12.16-0ubuntu0.20.04.1 libecpg6 - 12.16-0ubuntu0.20.04.1 libpgtypes3 - 12.16-0ubuntu0.20.04.1 libpq-dev - 12.16-0ubuntu0.20.04.1 libpq5 - 12.16-0ubuntu0.20.04.1 postgresql-12 - 12.16-0ubuntu0.20.04.1 postgresql-client-12 - 12.16-0ubuntu0.20.04.1 postgresql-doc-12 - 12.16-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.16-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.16-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.16-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.16-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-39417 CVE-2023-39418 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled outputting certain PDF files. A local attacker could potentially use this issue to cause a crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6297-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.9 ghostscript-doc - 9.50~dfsg-5ubuntu4.9 ghostscript-x - 9.50~dfsg-5ubuntu4.9 libgs-dev - 9.50~dfsg-5ubuntu4.9 libgs9 - 9.50~dfsg-5ubuntu4.9 libgs9-common - 9.50~dfsg-5ubuntu4.9 No subscription required Medium CVE-2023-38559 Ubuntu 20.04 LTS Liu Zhu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2018-7727) YiMing Liu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-18442) Update Instructions: Run `sudo pro fix USN-6298-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libzzip-0-13 - 0.13.62-3.2ubuntu1.1 libzzip-dev - 0.13.62-3.2ubuntu1.1 zziplib-bin - 0.13.62-3.2ubuntu1.1 No subscription required Low CVE-2018-7727 CVE-2020-18442 Ubuntu 20.04 LTS It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-36023, CVE-2020-36024) Update Instructions: Run `sudo pro fix USN-6299-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.3 libpoppler-cpp-dev - 0.86.1-0ubuntu1.3 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.3 libpoppler-dev - 0.86.1-0ubuntu1.3 libpoppler-glib-dev - 0.86.1-0ubuntu1.3 libpoppler-glib-doc - 0.86.1-0ubuntu1.3 libpoppler-glib8 - 0.86.1-0ubuntu1.3 libpoppler-private-dev - 0.86.1-0ubuntu1.3 libpoppler-qt5-1 - 0.86.1-0ubuntu1.3 libpoppler-qt5-dev - 0.86.1-0ubuntu1.3 libpoppler97 - 0.86.1-0ubuntu1.3 poppler-utils - 0.86.1-0ubuntu1.3 No subscription required Medium CVE-2020-36023 CVE-2020-36024 Ubuntu 20.04 LTS William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48502) Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that the perf subsystem in the Linux kernel contained a use-after-free vulnerability. A privileged local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2235) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly validate pointers in some situations, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-32248) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the BQ24190 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33288) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the Rockchip Video Decoder IP driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35829) Update Instructions: Run `sudo pro fix USN-6300-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-cloud-tools-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-headers-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-image-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-image-unsigned-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1037.42~20.04.1 linux-modules-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-modules-extra-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-modules-iwlwifi-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-tools-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 No subscription required linux-buildinfo-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-headers-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-image-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-image-unsigned-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-modules-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-modules-extra-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-oracle-5.15-headers-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-oracle-5.15-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-tools-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1041 - 5.15.0-1041.46~20.04.1 linux-aws-5.15-headers-5.15.0-1041 - 5.15.0-1041.46~20.04.1 linux-aws-5.15-tools-5.15.0-1041 - 5.15.0-1041.46~20.04.1 linux-buildinfo-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-cloud-tools-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-headers-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-image-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-image-unsigned-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-modules-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-modules-extra-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-tools-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 No subscription required linux-buildinfo-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-buildinfo-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-buildinfo-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 linux-cloud-tools-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-headers-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-headers-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-headers-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 linux-hwe-5.15-cloud-tools-5.15.0-79 - 5.15.0-79.86~20.04.2 linux-hwe-5.15-cloud-tools-common - 5.15.0-79.86~20.04.2 linux-hwe-5.15-headers-5.15.0-79 - 5.15.0-79.86~20.04.2 linux-hwe-5.15-source-5.15.0 - 5.15.0-79.86~20.04.2 linux-hwe-5.15-tools-5.15.0-79 - 5.15.0-79.86~20.04.2 linux-hwe-5.15-tools-common - 5.15.0-79.86~20.04.2 linux-hwe-5.15-tools-host - 5.15.0-79.86~20.04.2 linux-image-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-image-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-image-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 linux-image-unsigned-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-image-unsigned-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-modules-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-modules-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-modules-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 linux-modules-extra-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-modules-iwlwifi-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-tools-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-tools-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-tools-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 No subscription required linux-buildinfo-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-buildinfo-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-cloud-tools-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-headers-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-headers-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-image-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-image-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-image-unsigned-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-image-unsigned-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-79 - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-79 - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-79 - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-79.88~20.04.1 linux-modules-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-modules-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-modules-iwlwifi-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-tools-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-tools-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1037.42~20.04.27 linux-headers-intel - 5.15.0.1037.42~20.04.27 linux-headers-intel-iotg - 5.15.0.1037.42~20.04.27 linux-headers-intel-iotg-edge - 5.15.0.1037.42~20.04.27 linux-image-intel - 5.15.0.1037.42~20.04.27 linux-image-intel-iotg - 5.15.0.1037.42~20.04.27 linux-image-intel-iotg-edge - 5.15.0.1037.42~20.04.27 linux-intel - 5.15.0.1037.42~20.04.27 linux-intel-iotg - 5.15.0.1037.42~20.04.27 linux-intel-iotg-edge - 5.15.0.1037.42~20.04.27 linux-tools-intel - 5.15.0.1037.42~20.04.27 linux-tools-intel-iotg - 5.15.0.1037.42~20.04.27 linux-tools-intel-iotg-edge - 5.15.0.1037.42~20.04.27 No subscription required linux-headers-oracle - 5.15.0.1040.46~20.04.1 linux-headers-oracle-edge - 5.15.0.1040.46~20.04.1 linux-image-oracle - 5.15.0.1040.46~20.04.1 linux-image-oracle-edge - 5.15.0.1040.46~20.04.1 linux-oracle - 5.15.0.1040.46~20.04.1 linux-oracle-edge - 5.15.0.1040.46~20.04.1 linux-tools-oracle - 5.15.0.1040.46~20.04.1 linux-tools-oracle-edge - 5.15.0.1040.46~20.04.1 No subscription required linux-aws - 5.15.0.1041.46~20.04.30 linux-aws-edge - 5.15.0.1041.46~20.04.30 linux-headers-aws - 5.15.0.1041.46~20.04.30 linux-headers-aws-edge - 5.15.0.1041.46~20.04.30 linux-image-aws - 5.15.0.1041.46~20.04.30 linux-image-aws-edge - 5.15.0.1041.46~20.04.30 linux-modules-extra-aws - 5.15.0.1041.46~20.04.30 linux-modules-extra-aws-edge - 5.15.0.1041.46~20.04.30 linux-tools-aws - 5.15.0.1041.46~20.04.30 linux-tools-aws-edge - 5.15.0.1041.46~20.04.30 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-generic-64k-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-generic-64k-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-generic-lpae-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-generic-lpae-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-headers-generic-64k-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-headers-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-headers-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-headers-oem-20.04 - 5.15.0.79.86~20.04.39 linux-headers-oem-20.04b - 5.15.0.79.86~20.04.39 linux-headers-oem-20.04c - 5.15.0.79.86~20.04.39 linux-headers-oem-20.04d - 5.15.0.79.86~20.04.39 linux-headers-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-headers-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-extra-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-generic-64k-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-image-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-generic-lpae-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-oem-20.04 - 5.15.0.79.86~20.04.39 linux-image-oem-20.04b - 5.15.0.79.86~20.04.39 linux-image-oem-20.04c - 5.15.0.79.86~20.04.39 linux-image-oem-20.04d - 5.15.0.79.86~20.04.39 linux-image-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-image-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-modules-iwlwifi-oem-20.04 - 5.15.0.79.86~20.04.39 linux-modules-iwlwifi-oem-20.04d - 5.15.0.79.86~20.04.39 linux-oem-20.04 - 5.15.0.79.86~20.04.39 linux-oem-20.04b - 5.15.0.79.86~20.04.39 linux-oem-20.04c - 5.15.0.79.86~20.04.39 linux-oem-20.04d - 5.15.0.79.86~20.04.39 linux-tools-generic-64k-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-tools-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-tools-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-tools-oem-20.04 - 5.15.0.79.86~20.04.39 linux-tools-oem-20.04b - 5.15.0.79.86~20.04.39 linux-tools-oem-20.04c - 5.15.0.79.86~20.04.39 linux-tools-oem-20.04d - 5.15.0.79.86~20.04.39 linux-tools-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-tools-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-headers-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-image-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-lowlatency-64k-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-tools-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 No subscription required Medium CVE-2022-4269 CVE-2022-48502 CVE-2023-0597 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2002 CVE-2023-2124 CVE-2023-2163 CVE-2023-2194 CVE-2023-2235 CVE-2023-2269 CVE-2023-23004 CVE-2023-28466 CVE-2023-30772 CVE-2023-3141 CVE-2023-32248 CVE-2023-3268 CVE-2023-33203 CVE-2023-33288 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) Update Instructions: Run `sudo pro fix USN-6301-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 linux-headers-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 linux-image-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 linux-modules-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 linux-tools-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 linux-xilinx-zynqmp-headers-5.4.0-1027 - 5.4.0-1027.31 linux-xilinx-zynqmp-tools-5.4.0-1027 - 5.4.0-1027.31 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1027.29 linux-image-xilinx-zynqmp - 5.4.0.1027.29 linux-tools-xilinx-zynqmp - 5.4.0.1027.29 linux-xilinx-zynqmp - 5.4.0.1027.29 No subscription required Medium CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2522, CVE-2022-2580, CVE-2022-2817, CVE-2022-2819, CVE-2022-2862, CVE-2022-2889, CVE-2022-2982, CVE-2022-3134) It was discovered that Vim did not properly perform bounds checks in the diff mode in certain situations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2598) It was discovered that Vim did not properly perform bounds checks in certain situations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2816) It was discovered that Vim incorrectly handled memory when skipping compiled code. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2874) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-3016, CVE-2022-3037) It was discovered that Vim incorrectly handled memory when invalid line number on ":for" is ignored. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3099) It was discovered that Vim incorrectly handled memory when passing invalid arguments to the assert_fails() method. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3153) Update Instructions: Run `sudo pro fix USN-6302-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.17 vim-athena - 2:8.1.2269-1ubuntu5.17 vim-common - 2:8.1.2269-1ubuntu5.17 vim-doc - 2:8.1.2269-1ubuntu5.17 vim-gtk - 2:8.1.2269-1ubuntu5.17 vim-gtk3 - 2:8.1.2269-1ubuntu5.17 vim-gui-common - 2:8.1.2269-1ubuntu5.17 vim-nox - 2:8.1.2269-1ubuntu5.17 vim-runtime - 2:8.1.2269-1ubuntu5.17 vim-tiny - 2:8.1.2269-1ubuntu5.17 xxd - 2:8.1.2269-1ubuntu5.17 No subscription required Medium CVE-2022-2522 CVE-2022-2580 CVE-2022-2598 CVE-2022-2816 CVE-2022-2817 CVE-2022-2819 CVE-2022-2862 CVE-2022-2874 CVE-2022-2889 CVE-2022-2982 CVE-2022-3016 CVE-2022-3037 CVE-2022-3099 CVE-2022-3134 CVE-2022-3153 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6303-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: clamav - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.9+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.9+dfsg-0ubuntu0.20.04.1 libclamav-dev - 0.103.9+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.9+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-20197 Ubuntu 20.04 LTS It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS (CVE-2022-39028) It was discovered that Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information, or execute arbitrary code. (CVE-2023-40303) Update Instructions: Run `sudo pro fix USN-6304-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: inetutils-ftp - 2:1.9.4-11ubuntu0.2 inetutils-ftpd - 2:1.9.4-11ubuntu0.2 inetutils-inetd - 2:1.9.4-11ubuntu0.2 inetutils-ping - 2:1.9.4-11ubuntu0.2 inetutils-syslogd - 2:1.9.4-11ubuntu0.2 inetutils-talk - 2:1.9.4-11ubuntu0.2 inetutils-talkd - 2:1.9.4-11ubuntu0.2 inetutils-telnet - 2:1.9.4-11ubuntu0.2 inetutils-telnetd - 2:1.9.4-11ubuntu0.2 inetutils-tools - 2:1.9.4-11ubuntu0.2 inetutils-traceroute - 2:1.9.4-11ubuntu0.2 No subscription required Medium CVE-2022-39028 CVE-2023-40303 Ubuntu 20.04 LTS USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. (CVE-2023-3823) It was discovered that PHP incorrectly handled certain PHAR files. An attacker could possibly use this issue to cause a crash, expose sensitive information or execute arbitrary code. (CVE-2023-3824) Update Instructions: Run `sudo pro fix USN-6305-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-php7.4 - 7.4.3-4ubuntu2.20 libphp7.4-embed - 7.4.3-4ubuntu2.20 php7.4 - 7.4.3-4ubuntu2.20 php7.4-bcmath - 7.4.3-4ubuntu2.20 php7.4-bz2 - 7.4.3-4ubuntu2.20 php7.4-cgi - 7.4.3-4ubuntu2.20 php7.4-cli - 7.4.3-4ubuntu2.20 php7.4-common - 7.4.3-4ubuntu2.20 php7.4-curl - 7.4.3-4ubuntu2.20 php7.4-dba - 7.4.3-4ubuntu2.20 php7.4-dev - 7.4.3-4ubuntu2.20 php7.4-enchant - 7.4.3-4ubuntu2.20 php7.4-fpm - 7.4.3-4ubuntu2.20 php7.4-gd - 7.4.3-4ubuntu2.20 php7.4-gmp - 7.4.3-4ubuntu2.20 php7.4-imap - 7.4.3-4ubuntu2.20 php7.4-interbase - 7.4.3-4ubuntu2.20 php7.4-intl - 7.4.3-4ubuntu2.20 php7.4-json - 7.4.3-4ubuntu2.20 php7.4-ldap - 7.4.3-4ubuntu2.20 php7.4-mbstring - 7.4.3-4ubuntu2.20 php7.4-mysql - 7.4.3-4ubuntu2.20 php7.4-odbc - 7.4.3-4ubuntu2.20 php7.4-opcache - 7.4.3-4ubuntu2.20 php7.4-pgsql - 7.4.3-4ubuntu2.20 php7.4-phpdbg - 7.4.3-4ubuntu2.20 php7.4-pspell - 7.4.3-4ubuntu2.20 php7.4-readline - 7.4.3-4ubuntu2.20 php7.4-snmp - 7.4.3-4ubuntu2.20 php7.4-soap - 7.4.3-4ubuntu2.20 php7.4-sqlite3 - 7.4.3-4ubuntu2.20 php7.4-sybase - 7.4.3-4ubuntu2.20 php7.4-tidy - 7.4.3-4ubuntu2.20 php7.4-xml - 7.4.3-4ubuntu2.20 php7.4-xmlrpc - 7.4.3-4ubuntu2.20 php7.4-xsl - 7.4.3-4ubuntu2.20 php7.4-zip - 7.4.3-4ubuntu2.20 No subscription required Medium CVE-2023-3823 CVE-2023-3824 https://launchpad.net/bugs/2054511 Ubuntu 20.04 LTS It was discovered that JOSE for C/C++ AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. An attacker could use this to cause a denial of service (system crash) or might expose sensitive information. Update Instructions: Run `sudo pro fix USN-6307-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcjose-dev - 0.6.1+dfsg1-1ubuntu0.1 libcjose0 - 0.6.1+dfsg1-1ubuntu0.1 No subscription required Medium CVE-2023-37464 Ubuntu 20.04 LTS William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48502) Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that the perf subsystem in the Linux kernel contained a use-after-free vulnerability. A privileged local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2235) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly validate pointers in some situations, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-32248) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the BQ24190 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33288) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the Rockchip Video Decoder IP driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35829) Update Instructions: Run `sudo pro fix USN-6311-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-cloud-tools-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1025 - 5.15.0-1025.30~20.04.1 linux-gkeop-5.15-headers-5.15.0-1025 - 5.15.0-1025.30~20.04.1 linux-gkeop-5.15-tools-5.15.0-1025 - 5.15.0-1025.30~20.04.1 linux-headers-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-image-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-image-unsigned-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-modules-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-modules-extra-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-tools-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 No subscription required linux-buildinfo-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-gke-5.15-headers-5.15.0-1039 - 5.15.0-1039.44~20.04.1 linux-gke-5.15-tools-5.15.0-1039 - 5.15.0-1039.44~20.04.1 linux-headers-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-image-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-image-unsigned-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-modules-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-modules-extra-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-modules-iwlwifi-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-tools-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 No subscription required linux-buildinfo-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-gcp-5.15-headers-5.15.0-1039 - 5.15.0-1039.47~20.04.1 linux-gcp-5.15-tools-5.15.0-1039 - 5.15.0-1039.47~20.04.1 linux-headers-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-image-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-image-unsigned-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-modules-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-modules-extra-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-modules-iwlwifi-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-tools-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-cloud-tools-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-headers-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-headers-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-image-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-image-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-modules-extra-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-modules-extra-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-tools-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-tools-gkeop-edge - 5.15.0.1025.30~20.04.21 No subscription required linux-gke-5.15 - 5.15.0.1039.44~20.04.1 linux-gke-edge - 5.15.0.1039.44~20.04.1 linux-headers-gke-5.15 - 5.15.0.1039.44~20.04.1 linux-headers-gke-edge - 5.15.0.1039.44~20.04.1 linux-image-gke-5.15 - 5.15.0.1039.44~20.04.1 linux-image-gke-edge - 5.15.0.1039.44~20.04.1 linux-tools-gke-5.15 - 5.15.0.1039.44~20.04.1 linux-tools-gke-edge - 5.15.0.1039.44~20.04.1 No subscription required linux-gcp - 5.15.0.1039.47~20.04.1 linux-gcp-edge - 5.15.0.1039.47~20.04.1 linux-headers-gcp - 5.15.0.1039.47~20.04.1 linux-headers-gcp-edge - 5.15.0.1039.47~20.04.1 linux-image-gcp - 5.15.0.1039.47~20.04.1 linux-image-gcp-edge - 5.15.0.1039.47~20.04.1 linux-modules-extra-gcp - 5.15.0.1039.47~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1039.47~20.04.1 linux-tools-gcp - 5.15.0.1039.47~20.04.1 linux-tools-gcp-edge - 5.15.0.1039.47~20.04.1 No subscription required Medium CVE-2022-4269 CVE-2022-48502 CVE-2023-0597 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2002 CVE-2023-2124 CVE-2023-2163 CVE-2023-2194 CVE-2023-2235 CVE-2023-2269 CVE-2023-23004 CVE-2023-28466 CVE-2023-30772 CVE-2023-3141 CVE-2023-32248 CVE-2023-3268 CVE-2023-33203 CVE-2023-33288 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) Update Instructions: Run `sudo pro fix USN-6312-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1105-gke - 5.4.0-1105.112 linux-gke-headers-5.4.0-1105 - 5.4.0-1105.112 linux-gke-tools-5.4.0-1105 - 5.4.0-1105.112 linux-headers-5.4.0-1105-gke - 5.4.0-1105.112 linux-image-5.4.0-1105-gke - 5.4.0-1105.112 linux-image-unsigned-5.4.0-1105-gke - 5.4.0-1105.112 linux-modules-5.4.0-1105-gke - 5.4.0-1105.112 linux-modules-extra-5.4.0-1105-gke - 5.4.0-1105.112 linux-tools-5.4.0-1105-gke - 5.4.0-1105.112 No subscription required linux-gke - 5.4.0.1105.110 linux-gke-5.4 - 5.4.0.1105.110 linux-headers-gke - 5.4.0.1105.110 linux-headers-gke-5.4 - 5.4.0.1105.110 linux-image-gke - 5.4.0.1105.110 linux-image-gke-5.4 - 5.4.0.1105.110 linux-modules-extra-gke - 5.4.0.1105.110 linux-modules-extra-gke-5.4 - 5.4.0.1105.110 linux-tools-gke - 5.4.0.1105.110 linux-tools-gke-5.4 - 5.4.0.1105.110 No subscription required Medium CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 Ubuntu 20.04 LTS It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-32272, CVE-2021-32273, CVE-2021-32274, CVE-2021-32277, CVE-2021-32278, CVE-2023-38857, CVE-2023-38858) It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-32276) Update Instructions: Run `sudo pro fix USN-6313-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: faad - 2.9.1-1ubuntu0.1 libfaad-dev - 2.9.1-1ubuntu0.1 libfaad2 - 2.9.1-1ubuntu0.1 No subscription required Medium CVE-2021-32272 CVE-2021-32273 CVE-2021-32274 CVE-2021-32276 CVE-2021-32277 CVE-2021-32278 CVE-2023-38857 CVE-2023-38858 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) Update Instructions: Run `sudo pro fix USN-6314-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1054-ibm - 5.4.0-1054.59 linux-headers-5.4.0-1054-ibm - 5.4.0-1054.59 linux-ibm-cloud-tools-common - 5.4.0-1054.59 linux-ibm-headers-5.4.0-1054 - 5.4.0-1054.59 linux-ibm-source-5.4.0 - 5.4.0-1054.59 linux-ibm-tools-5.4.0-1054 - 5.4.0-1054.59 linux-ibm-tools-common - 5.4.0-1054.59 linux-image-5.4.0-1054-ibm - 5.4.0-1054.59 linux-image-unsigned-5.4.0-1054-ibm - 5.4.0-1054.59 linux-modules-5.4.0-1054-ibm - 5.4.0-1054.59 linux-modules-extra-5.4.0-1054-ibm - 5.4.0-1054.59 linux-tools-5.4.0-1054-ibm - 5.4.0-1054.59 No subscription required linux-bluefield-headers-5.4.0-1068 - 5.4.0-1068.74 linux-bluefield-tools-5.4.0-1068 - 5.4.0-1068.74 linux-buildinfo-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-headers-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-image-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-image-unsigned-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-modules-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-tools-5.4.0-1068-bluefield - 5.4.0-1068.74 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1054.83 linux-ibm-lts-20.04 - 5.4.0.1054.83 linux-image-ibm-lts-20.04 - 5.4.0.1054.83 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1054.83 linux-tools-ibm-lts-20.04 - 5.4.0.1054.83 No subscription required linux-bluefield - 5.4.0.1068.63 linux-headers-bluefield - 5.4.0.1068.63 linux-image-bluefield - 5.4.0.1068.63 linux-tools-bluefield - 5.4.0.1068.63 No subscription required Medium CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6315-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-headers-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-image-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-image-unsigned-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-modules-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-modules-extra-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-oracle-5.15-headers-5.15.0-1041 - 5.15.0-1041.47~20.04.1 linux-oracle-5.15-tools-5.15.0-1041 - 5.15.0-1041.47~20.04.1 linux-tools-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1043 - 5.15.0-1043.48~20.04.1 linux-aws-5.15-headers-5.15.0-1043 - 5.15.0-1043.48~20.04.1 linux-aws-5.15-tools-5.15.0-1043 - 5.15.0-1043.48~20.04.1 linux-buildinfo-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-cloud-tools-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-headers-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-image-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-image-unsigned-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-modules-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-modules-extra-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-tools-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 No subscription required linux-buildinfo-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-buildinfo-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-buildinfo-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-buildinfo-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-buildinfo-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-cloud-tools-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-cloud-tools-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-82.91~20.04.1 linux-hwe-5.15-headers-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-82.91~20.04.1 linux-hwe-5.15-tools-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-82.91~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-82.91~20.04.1 linux-image-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-image-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-image-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-image-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-image-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-image-unsigned-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-image-unsigned-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-image-unsigned-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-image-unsigned-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-modules-extra-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-modules-iwlwifi-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-modules-iwlwifi-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1041.47~20.04.1 linux-headers-oracle-edge - 5.15.0.1041.47~20.04.1 linux-image-oracle - 5.15.0.1041.47~20.04.1 linux-image-oracle-edge - 5.15.0.1041.47~20.04.1 linux-oracle - 5.15.0.1041.47~20.04.1 linux-oracle-edge - 5.15.0.1041.47~20.04.1 linux-tools-oracle - 5.15.0.1041.47~20.04.1 linux-tools-oracle-edge - 5.15.0.1041.47~20.04.1 No subscription required linux-aws - 5.15.0.1043.48~20.04.31 linux-aws-edge - 5.15.0.1043.48~20.04.31 linux-headers-aws - 5.15.0.1043.48~20.04.31 linux-headers-aws-edge - 5.15.0.1043.48~20.04.31 linux-image-aws - 5.15.0.1043.48~20.04.31 linux-image-aws-edge - 5.15.0.1043.48~20.04.31 linux-modules-extra-aws - 5.15.0.1043.48~20.04.31 linux-modules-extra-aws-edge - 5.15.0.1043.48~20.04.31 linux-tools-aws - 5.15.0.1043.48~20.04.31 linux-tools-aws-edge - 5.15.0.1043.48~20.04.31 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-headers-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-image-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-lowlatency-64k-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-tools-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-generic-64k-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-generic-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-generic-lpae-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-generic-lpae-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-headers-generic-64k-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-headers-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-headers-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-headers-oem-20.04 - 5.15.0.82.91~20.04.40 linux-headers-oem-20.04b - 5.15.0.82.91~20.04.40 linux-headers-oem-20.04c - 5.15.0.82.91~20.04.40 linux-headers-oem-20.04d - 5.15.0.82.91~20.04.40 linux-headers-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-headers-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-extra-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-generic-64k-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-generic-lpae-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-oem-20.04 - 5.15.0.82.91~20.04.40 linux-image-oem-20.04b - 5.15.0.82.91~20.04.40 linux-image-oem-20.04c - 5.15.0.82.91~20.04.40 linux-image-oem-20.04d - 5.15.0.82.91~20.04.40 linux-image-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-modules-iwlwifi-oem-20.04 - 5.15.0.82.91~20.04.40 linux-modules-iwlwifi-oem-20.04d - 5.15.0.82.91~20.04.40 linux-oem-20.04 - 5.15.0.82.91~20.04.40 linux-oem-20.04b - 5.15.0.82.91~20.04.40 linux-oem-20.04c - 5.15.0.82.91~20.04.40 linux-oem-20.04d - 5.15.0.82.91~20.04.40 linux-tools-generic-64k-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-tools-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-tools-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-tools-oem-20.04 - 5.15.0.82.91~20.04.40 linux-tools-oem-20.04b - 5.15.0.82.91~20.04.40 linux-tools-oem-20.04c - 5.15.0.82.91~20.04.40 linux-tools-oem-20.04d - 5.15.0.82.91~20.04.40 linux-tools-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-tools-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-21400 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6317-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-headers-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-image-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-modules-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-tools-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-xilinx-zynqmp-headers-5.4.0-1028 - 5.4.0-1028.32 linux-xilinx-zynqmp-tools-5.4.0-1028 - 5.4.0-1028.32 No subscription required linux-buildinfo-5.4.0-1097-kvm - 5.4.0-1097.103 linux-headers-5.4.0-1097-kvm - 5.4.0-1097.103 linux-image-5.4.0-1097-kvm - 5.4.0-1097.103 linux-image-unsigned-5.4.0-1097-kvm - 5.4.0-1097.103 linux-kvm-headers-5.4.0-1097 - 5.4.0-1097.103 linux-kvm-tools-5.4.0-1097 - 5.4.0-1097.103 linux-modules-5.4.0-1097-kvm - 5.4.0-1097.103 linux-tools-5.4.0-1097-kvm - 5.4.0-1097.103 No subscription required linux-buildinfo-5.4.0-1107-oracle - 5.4.0-1107.116 linux-headers-5.4.0-1107-oracle - 5.4.0-1107.116 linux-image-5.4.0-1107-oracle - 5.4.0-1107.116 linux-image-unsigned-5.4.0-1107-oracle - 5.4.0-1107.116 linux-modules-5.4.0-1107-oracle - 5.4.0-1107.116 linux-modules-extra-5.4.0-1107-oracle - 5.4.0-1107.116 linux-oracle-headers-5.4.0-1107 - 5.4.0-1107.116 linux-oracle-tools-5.4.0-1107 - 5.4.0-1107.116 linux-tools-5.4.0-1107-oracle - 5.4.0-1107.116 No subscription required linux-aws-cloud-tools-5.4.0-1108 - 5.4.0-1108.116 linux-aws-headers-5.4.0-1108 - 5.4.0-1108.116 linux-aws-tools-5.4.0-1108 - 5.4.0-1108.116 linux-buildinfo-5.4.0-1108-aws - 5.4.0-1108.116 linux-cloud-tools-5.4.0-1108-aws - 5.4.0-1108.116 linux-headers-5.4.0-1108-aws - 5.4.0-1108.116 linux-image-5.4.0-1108-aws - 5.4.0-1108.116 linux-image-unsigned-5.4.0-1108-aws - 5.4.0-1108.116 linux-modules-5.4.0-1108-aws - 5.4.0-1108.116 linux-modules-extra-5.4.0-1108-aws - 5.4.0-1108.116 linux-tools-5.4.0-1108-aws - 5.4.0-1108.116 No subscription required linux-buildinfo-5.4.0-1111-gcp - 5.4.0-1111.120 linux-gcp-headers-5.4.0-1111 - 5.4.0-1111.120 linux-gcp-tools-5.4.0-1111 - 5.4.0-1111.120 linux-headers-5.4.0-1111-gcp - 5.4.0-1111.120 linux-image-5.4.0-1111-gcp - 5.4.0-1111.120 linux-image-unsigned-5.4.0-1111-gcp - 5.4.0-1111.120 linux-modules-5.4.0-1111-gcp - 5.4.0-1111.120 linux-modules-extra-5.4.0-1111-gcp - 5.4.0-1111.120 linux-tools-5.4.0-1111-gcp - 5.4.0-1111.120 No subscription required linux-buildinfo-5.4.0-159-generic - 5.4.0-159.176 linux-buildinfo-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-buildinfo-5.4.0-159-lowlatency - 5.4.0-159.176 linux-cloud-tools-5.4.0-159 - 5.4.0-159.176 linux-cloud-tools-5.4.0-159-generic - 5.4.0-159.176 linux-cloud-tools-5.4.0-159-lowlatency - 5.4.0-159.176 linux-cloud-tools-common - 5.4.0-159.176 linux-doc - 5.4.0-159.176 linux-headers-5.4.0-159 - 5.4.0-159.176 linux-headers-5.4.0-159-generic - 5.4.0-159.176 linux-headers-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-headers-5.4.0-159-lowlatency - 5.4.0-159.176 linux-image-5.4.0-159-generic - 5.4.0-159.176 linux-image-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-image-5.4.0-159-lowlatency - 5.4.0-159.176 linux-image-unsigned-5.4.0-159-generic - 5.4.0-159.176 linux-image-unsigned-5.4.0-159-lowlatency - 5.4.0-159.176 linux-libc-dev - 5.4.0-159.176 linux-modules-5.4.0-159-generic - 5.4.0-159.176 linux-modules-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-modules-5.4.0-159-lowlatency - 5.4.0-159.176 linux-modules-extra-5.4.0-159-generic - 5.4.0-159.176 linux-source-5.4.0 - 5.4.0-159.176 linux-tools-5.4.0-159 - 5.4.0-159.176 linux-tools-5.4.0-159-generic - 5.4.0-159.176 linux-tools-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-tools-5.4.0-159-lowlatency - 5.4.0-159.176 linux-tools-common - 5.4.0-159.176 linux-tools-host - 5.4.0-159.176 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1028.30 linux-image-xilinx-zynqmp - 5.4.0.1028.30 linux-tools-xilinx-zynqmp - 5.4.0.1028.30 linux-xilinx-zynqmp - 5.4.0.1028.30 No subscription required linux-headers-kvm - 5.4.0.1097.92 linux-image-kvm - 5.4.0.1097.92 linux-kvm - 5.4.0.1097.92 linux-tools-kvm - 5.4.0.1097.92 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1107.100 linux-image-oracle-lts-20.04 - 5.4.0.1107.100 linux-oracle-lts-20.04 - 5.4.0.1107.100 linux-tools-oracle-lts-20.04 - 5.4.0.1107.100 No subscription required linux-aws-lts-20.04 - 5.4.0.1108.105 linux-headers-aws-lts-20.04 - 5.4.0.1108.105 linux-image-aws-lts-20.04 - 5.4.0.1108.105 linux-modules-extra-aws-lts-20.04 - 5.4.0.1108.105 linux-tools-aws-lts-20.04 - 5.4.0.1108.105 No subscription required linux-gcp-lts-20.04 - 5.4.0.1111.113 linux-headers-gcp-lts-20.04 - 5.4.0.1111.113 linux-image-gcp-lts-20.04 - 5.4.0.1111.113 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1111.113 linux-tools-gcp-lts-20.04 - 5.4.0.1111.113 No subscription required linux-cloud-tools-generic - 5.4.0.159.154 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.159.154 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.159.154 linux-cloud-tools-lowlatency - 5.4.0.159.154 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-cloud-tools-virtual - 5.4.0.159.154 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.159.154 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-crashdump - 5.4.0.159.154 linux-generic - 5.4.0.159.154 linux-generic-hwe-18.04 - 5.4.0.159.154 linux-generic-hwe-18.04-edge - 5.4.0.159.154 linux-generic-lpae - 5.4.0.159.154 linux-generic-lpae-hwe-18.04 - 5.4.0.159.154 linux-generic-lpae-hwe-18.04-edge - 5.4.0.159.154 linux-headers-generic - 5.4.0.159.154 linux-headers-generic-hwe-18.04 - 5.4.0.159.154 linux-headers-generic-hwe-18.04-edge - 5.4.0.159.154 linux-headers-generic-lpae - 5.4.0.159.154 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.159.154 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.159.154 linux-headers-lowlatency - 5.4.0.159.154 linux-headers-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-headers-oem - 5.4.0.159.154 linux-headers-oem-osp1 - 5.4.0.159.154 linux-headers-virtual - 5.4.0.159.154 linux-headers-virtual-hwe-18.04 - 5.4.0.159.154 linux-headers-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-image-extra-virtual - 5.4.0.159.154 linux-image-extra-virtual-hwe-18.04 - 5.4.0.159.154 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-image-generic - 5.4.0.159.154 linux-image-generic-hwe-18.04 - 5.4.0.159.154 linux-image-generic-hwe-18.04-edge - 5.4.0.159.154 linux-image-generic-lpae - 5.4.0.159.154 linux-image-generic-lpae-hwe-18.04 - 5.4.0.159.154 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.159.154 linux-image-lowlatency - 5.4.0.159.154 linux-image-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-image-oem - 5.4.0.159.154 linux-image-oem-osp1 - 5.4.0.159.154 linux-image-virtual - 5.4.0.159.154 linux-image-virtual-hwe-18.04 - 5.4.0.159.154 linux-image-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-lowlatency - 5.4.0.159.154 linux-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-oem - 5.4.0.159.154 linux-oem-osp1 - 5.4.0.159.154 linux-oem-osp1-tools-host - 5.4.0.159.154 linux-oem-tools-host - 5.4.0.159.154 linux-source - 5.4.0.159.154 linux-tools-generic - 5.4.0.159.154 linux-tools-generic-hwe-18.04 - 5.4.0.159.154 linux-tools-generic-hwe-18.04-edge - 5.4.0.159.154 linux-tools-generic-lpae - 5.4.0.159.154 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.159.154 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.159.154 linux-tools-lowlatency - 5.4.0.159.154 linux-tools-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-tools-oem - 5.4.0.159.154 linux-tools-oem-osp1 - 5.4.0.159.154 linux-tools-virtual - 5.4.0.159.154 linux-tools-virtual-hwe-18.04 - 5.4.0.159.154 linux-tools-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-virtual - 5.4.0.159.154 linux-virtual-hwe-18.04 - 5.4.0.159.154 linux-virtual-hwe-18.04-edge - 5.4.0.159.154 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS Daniël Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. Update Instructions: Run `sudo pro fix USN-6319-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amd64-microcode - 3.20191218.1ubuntu1.2 No subscription required High CVE-2023-20569 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4578, CVE-2023-4581, CVE-2023-4583, CVE-2023-4584, CVE-2023-4585) Lukas Bernhard discovered that Firefox did not properly manage memory when the "UpdateRegExpStatics" attempted to access "initialStringHeap". An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4577) Malte Jürgens discovered that Firefox did not properly handle search queries if the search query itself was a well formed URL. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-4579) Harveer Singh discovered that Firefox did not properly handle push notifications stored on disk in private browsing mode. An attacker could potentially exploits this issue to access sensitive information. (CVE-2023-4580) Update Instructions: Run `sudo pro fix USN-6320-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 117.0+build2-0ubuntu0.20.04.1 firefox-dev - 117.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-nl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 117.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 117.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4573 CVE-2023-4574 CVE-2023-4575 CVE-2023-4577 CVE-2023-4578 CVE-2023-4579 CVE-2023-4580 CVE-2023-4581 CVE-2023-4583 CVE-2023-4584 CVE-2023-4585 Ubuntu 20.04 LTS It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-16062, CVE-2018-16403, CVE-2018-18310, CVE-2018-18520, CVE-2018-18521, CVE-2019-7149, CVE-2019-7150, CVE-2019-7665) It was discovered that elfutils incorrectly handled bounds checks in certain functions when processing malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. (CVE-2020-21047, CVE-2021-33294) Update Instructions: Run `sudo pro fix USN-6322-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: elfutils - 0.176-1.1ubuntu0.1 libasm-dev - 0.176-1.1ubuntu0.1 libasm1 - 0.176-1.1ubuntu0.1 libdw-dev - 0.176-1.1ubuntu0.1 libdw1 - 0.176-1.1ubuntu0.1 libelf-dev - 0.176-1.1ubuntu0.1 libelf1 - 0.176-1.1ubuntu0.1 No subscription required Medium CVE-2018-16062 CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7149 CVE-2019-7150 CVE-2019-7665 CVE-2020-21047 CVE-2021-33294 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6324-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-cloud-tools-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-gkeop-cloud-tools-5.4.0-1075 - 5.4.0-1075.79 linux-gkeop-headers-5.4.0-1075 - 5.4.0-1075.79 linux-gkeop-source-5.4.0 - 5.4.0-1075.79 linux-gkeop-tools-5.4.0-1075 - 5.4.0-1075.79 linux-headers-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-image-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-image-unsigned-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-modules-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-modules-extra-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-tools-5.4.0-1075-gkeop - 5.4.0-1075.79 No subscription required linux-cloud-tools-gkeop - 5.4.0.1075.73 linux-cloud-tools-gkeop-5.4 - 5.4.0.1075.73 linux-gkeop - 5.4.0.1075.73 linux-gkeop-5.4 - 5.4.0.1075.73 linux-headers-gkeop - 5.4.0.1075.73 linux-headers-gkeop-5.4 - 5.4.0.1075.73 linux-image-gkeop - 5.4.0.1075.73 linux-image-gkeop-5.4 - 5.4.0.1075.73 linux-modules-extra-gkeop - 5.4.0.1075.73 linux-modules-extra-gkeop-5.4 - 5.4.0.1075.73 linux-tools-gkeop - 5.4.0.1075.73 linux-tools-gkeop-5.4 - 5.4.0.1075.73 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6325-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-cloud-tools-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1026 - 5.15.0-1026.31~20.04.1 linux-gkeop-5.15-headers-5.15.0-1026 - 5.15.0-1026.31~20.04.1 linux-gkeop-5.15-tools-5.15.0-1026 - 5.15.0-1026.31~20.04.1 linux-headers-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-image-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-image-unsigned-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-modules-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-modules-extra-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-tools-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-cloud-tools-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-headers-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-headers-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-image-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-image-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-modules-extra-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-modules-extra-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-tools-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-tools-gkeop-edge - 5.15.0.1026.31~20.04.22 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-21400 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS It was discovered that GitPython did not block insecure options from user inputs in the clone command. An attacker could possibly use this issue to execute arbitrary commands on the host. Update Instructions: Run `sudo pro fix USN-6326-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-git-doc - 3.0.7-1ubuntu0.1~esm2 python3-git - 3.0.7-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-40267 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6330-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-gcp-5.15-headers-5.15.0-1040 - 5.15.0-1040.48~20.04.1 linux-gcp-5.15-tools-5.15.0-1040 - 5.15.0-1040.48~20.04.1 linux-headers-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-image-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-image-unsigned-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-modules-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-modules-extra-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-modules-iwlwifi-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-tools-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 No subscription required linux-gcp - 5.15.0.1040.48~20.04.1 linux-gcp-edge - 5.15.0.1040.48~20.04.1 linux-headers-gcp - 5.15.0.1040.48~20.04.1 linux-headers-gcp-edge - 5.15.0.1040.48~20.04.1 linux-image-gcp - 5.15.0.1040.48~20.04.1 linux-image-gcp-edge - 5.15.0.1040.48~20.04.1 linux-modules-extra-gcp - 5.15.0.1040.48~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1040.48~20.04.1 linux-tools-gcp - 5.15.0.1040.48~20.04.1 linux-tools-gcp-edge - 5.15.0.1040.48~20.04.1 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-21400 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6331-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1114 - 5.4.0-1114.120 linux-azure-headers-5.4.0-1114 - 5.4.0-1114.120 linux-azure-tools-5.4.0-1114 - 5.4.0-1114.120 linux-buildinfo-5.4.0-1114-azure - 5.4.0-1114.120 linux-cloud-tools-5.4.0-1114-azure - 5.4.0-1114.120 linux-headers-5.4.0-1114-azure - 5.4.0-1114.120 linux-image-5.4.0-1114-azure - 5.4.0-1114.120 linux-image-unsigned-5.4.0-1114-azure - 5.4.0-1114.120 linux-modules-5.4.0-1114-azure - 5.4.0-1114.120 linux-modules-extra-5.4.0-1114-azure - 5.4.0-1114.120 linux-tools-5.4.0-1114-azure - 5.4.0-1114.120 No subscription required linux-azure-lts-20.04 - 5.4.0.1114.107 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1114.107 linux-headers-azure-lts-20.04 - 5.4.0.1114.107 linux-image-azure-lts-20.04 - 5.4.0.1114.107 linux-modules-extra-azure-lts-20.04 - 5.4.0.1114.107 linux-tools-azure-lts-20.04 - 5.4.0.1114.107 No subscription required High CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-40982 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-20593 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48502) Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that the perf subsystem in the Linux kernel contained a use-after-free vulnerability. A privileged local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2235) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly validate pointers in some situations, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-32248) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the BQ24190 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33288) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the Rockchip Video Decoder IP driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35829) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6332-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1045 - 5.15.0-1045.52~20.04.1 linux-azure-5.15-headers-5.15.0-1045 - 5.15.0-1045.52~20.04.1 linux-azure-5.15-tools-5.15.0-1045 - 5.15.0-1045.52~20.04.1 linux-buildinfo-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-cloud-tools-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-headers-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-image-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-image-unsigned-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-modules-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-modules-extra-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-tools-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 No subscription required linux-azure - 5.15.0.1045.52~20.04.34 linux-azure-cvm - 5.15.0.1045.52~20.04.34 linux-azure-edge - 5.15.0.1045.52~20.04.34 linux-cloud-tools-azure - 5.15.0.1045.52~20.04.34 linux-cloud-tools-azure-cvm - 5.15.0.1045.52~20.04.34 linux-cloud-tools-azure-edge - 5.15.0.1045.52~20.04.34 linux-headers-azure - 5.15.0.1045.52~20.04.34 linux-headers-azure-cvm - 5.15.0.1045.52~20.04.34 linux-headers-azure-edge - 5.15.0.1045.52~20.04.34 linux-image-azure - 5.15.0.1045.52~20.04.34 linux-image-azure-cvm - 5.15.0.1045.52~20.04.34 linux-image-azure-edge - 5.15.0.1045.52~20.04.34 linux-modules-extra-azure - 5.15.0.1045.52~20.04.34 linux-modules-extra-azure-cvm - 5.15.0.1045.52~20.04.34 linux-modules-extra-azure-edge - 5.15.0.1045.52~20.04.34 linux-tools-azure - 5.15.0.1045.52~20.04.34 linux-tools-azure-cvm - 5.15.0.1045.52~20.04.34 linux-tools-azure-edge - 5.15.0.1045.52~20.04.34 No subscription required High CVE-2022-40982 CVE-2022-4269 CVE-2022-48502 CVE-2023-0597 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2002 CVE-2023-20593 CVE-2023-2124 CVE-2023-21400 CVE-2023-2163 CVE-2023-2194 CVE-2023-2235 CVE-2023-2269 CVE-2023-23004 CVE-2023-28466 CVE-2023-30772 CVE-2023-3141 CVE-2023-32248 CVE-2023-3268 CVE-2023-33203 CVE-2023-33288 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS Junsung Lee discovered that Thunderbird did not properly validate the text direction override unicode character in filenames. An attacker could potentially exploits this issue by spoofing file extension while attaching a file in emails. (CVE-2023-3417) Max Vlasov discovered that Thunderbird Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Thunderbird did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4046) Mark Brand discovered that Thunderbird did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4050) Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4055, CVE-2023-4056) Update Instructions: Run `sudo pro fix USN-6333-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.15.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.15.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.15.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.15.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-3417 CVE-2023-4045 CVE-2023-4046 CVE-2023-4047 CVE-2023-4048 CVE-2023-4049 CVE-2023-4050 CVE-2023-4055 CVE-2023-4056 Ubuntu 20.04 LTS Peter Wang discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. (CVE-2020-6097) Andreas B. Mundt discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. (CVE-2021-41054) Johannes Krupp discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server and make the server to disclose /etc/group data. (CVE-2021-46671) Update Instructions: Run `sudo pro fix USN-6334-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: atftp - 0.7.git20120829-3.1ubuntu0.1 atftpd - 0.7.git20120829-3.1ubuntu0.1 No subscription required Medium CVE-2020-6097 CVE-2021-41054 CVE-2021-46671 Ubuntu 20.04 LTS It was discovered that Docker Registry incorrectly handled certain crafted input, A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-11468) It was discovered that Docker Registry incorrectly handled certain crafted input. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-2253) Update Instructions: Run `sudo pro fix USN-6336-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: docker-registry - 2.7.1+ds2-7ubuntu0.3 golang-github-docker-distribution-dev - 2.7.1+ds2-7ubuntu0.3 No subscription required Medium CVE-2017-11468 CVE-2023-2253 Ubuntu 20.04 LTS It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of- bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428) It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429) Update Instructions: Run `sudo pro fix USN-6339-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-buildinfo-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-buildinfo-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 linux-buildinfo-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-buildinfo-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-cloud-tools-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-cloud-tools-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-83.92~20.04.1 linux-hwe-5.15-headers-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-83.92~20.04.1 linux-hwe-5.15-tools-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-83.92~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-image-unsigned-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-image-unsigned-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-image-unsigned-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-image-unsigned-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-modules-extra-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-modules-iwlwifi-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-modules-iwlwifi-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-tools-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-tools-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-tools-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 linux-tools-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-tools-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-headers-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-image-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-lowlatency-64k-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-tools-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-generic-64k-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-generic-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-generic-lpae-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-generic-lpae-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-headers-generic-64k-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-headers-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-headers-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-headers-oem-20.04 - 5.15.0.83.92~20.04.41 linux-headers-oem-20.04b - 5.15.0.83.92~20.04.41 linux-headers-oem-20.04c - 5.15.0.83.92~20.04.41 linux-headers-oem-20.04d - 5.15.0.83.92~20.04.41 linux-headers-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-headers-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-extra-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-generic-64k-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-image-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-generic-lpae-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-oem-20.04 - 5.15.0.83.92~20.04.41 linux-image-oem-20.04b - 5.15.0.83.92~20.04.41 linux-image-oem-20.04c - 5.15.0.83.92~20.04.41 linux-image-oem-20.04d - 5.15.0.83.92~20.04.41 linux-image-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-image-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-modules-iwlwifi-oem-20.04 - 5.15.0.83.92~20.04.41 linux-modules-iwlwifi-oem-20.04d - 5.15.0.83.92~20.04.41 linux-oem-20.04 - 5.15.0.83.92~20.04.41 linux-oem-20.04b - 5.15.0.83.92~20.04.41 linux-oem-20.04c - 5.15.0.83.92~20.04.41 linux-oem-20.04d - 5.15.0.83.92~20.04.41 linux-tools-generic-64k-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-tools-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-tools-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-tools-oem-20.04 - 5.15.0.83.92~20.04.41 linux-tools-oem-20.04b - 5.15.0.83.92~20.04.41 linux-tools-oem-20.04c - 5.15.0.83.92~20.04.41 linux-tools-oem-20.04d - 5.15.0.83.92~20.04.41 linux-tools-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-tools-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 No subscription required Medium CVE-2022-48425 CVE-2023-21255 CVE-2023-2898 CVE-2023-31084 CVE-2023-3212 CVE-2023-38426 CVE-2023-38428 CVE-2023-38429 Ubuntu 20.04 LTS It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of- bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428) It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429) Update Instructions: Run `sudo pro fix USN-6339-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-cloud-tools-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-gkeop-5.15-headers-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-gkeop-5.15-tools-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-headers-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-image-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-image-unsigned-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-modules-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-modules-extra-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-tools-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 No subscription required linux-buildinfo-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-gcp-5.15-headers-5.15.0-1041 - 5.15.0-1041.49~20.04.1 linux-gcp-5.15-tools-5.15.0-1041 - 5.15.0-1041.49~20.04.1 linux-headers-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-image-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-image-unsigned-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-modules-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-modules-extra-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-modules-iwlwifi-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-tools-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-cloud-tools-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-headers-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-headers-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-image-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-image-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-modules-extra-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-modules-extra-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-tools-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-tools-gkeop-edge - 5.15.0.1027.32~20.04.23 No subscription required linux-gcp - 5.15.0.1041.49~20.04.1 linux-gcp-edge - 5.15.0.1041.49~20.04.1 linux-headers-gcp - 5.15.0.1041.49~20.04.1 linux-headers-gcp-edge - 5.15.0.1041.49~20.04.1 linux-image-gcp - 5.15.0.1041.49~20.04.1 linux-image-gcp-edge - 5.15.0.1041.49~20.04.1 linux-modules-extra-gcp - 5.15.0.1041.49~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1041.49~20.04.1 linux-tools-gcp - 5.15.0.1041.49~20.04.1 linux-tools-gcp-edge - 5.15.0.1041.49~20.04.1 No subscription required Medium CVE-2022-48425 CVE-2023-21255 CVE-2023-2898 CVE-2023-31084 CVE-2023-3212 CVE-2023-38426 CVE-2023-38428 CVE-2023-38429 Ubuntu 20.04 LTS It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of- bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428) It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429) Update Instructions: Run `sudo pro fix USN-6339-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1046 - 5.15.0-1046.53~20.04.1 linux-azure-5.15-headers-5.15.0-1046 - 5.15.0-1046.53~20.04.1 linux-azure-5.15-tools-5.15.0-1046 - 5.15.0-1046.53~20.04.1 linux-buildinfo-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-cloud-tools-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-headers-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-image-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-image-unsigned-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-modules-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-modules-extra-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-tools-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 No subscription required linux-image-5.15.0-1046-azure-fde - 5.15.0-1046.53~20.04.1.1 linux-image-unsigned-5.15.0-1046-azure-fde - 5.15.0-1046.53~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-cloud-tools-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-cloud-tools-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-headers-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-headers-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-image-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-image-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-modules-extra-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-modules-extra-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-tools-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-tools-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 No subscription required linux-azure - 5.15.0.1046.53~20.04.35 linux-azure-cvm - 5.15.0.1046.53~20.04.35 linux-azure-edge - 5.15.0.1046.53~20.04.35 linux-cloud-tools-azure - 5.15.0.1046.53~20.04.35 linux-cloud-tools-azure-cvm - 5.15.0.1046.53~20.04.35 linux-cloud-tools-azure-edge - 5.15.0.1046.53~20.04.35 linux-headers-azure - 5.15.0.1046.53~20.04.35 linux-headers-azure-cvm - 5.15.0.1046.53~20.04.35 linux-headers-azure-edge - 5.15.0.1046.53~20.04.35 linux-image-azure - 5.15.0.1046.53~20.04.35 linux-image-azure-cvm - 5.15.0.1046.53~20.04.35 linux-image-azure-edge - 5.15.0.1046.53~20.04.35 linux-modules-extra-azure - 5.15.0.1046.53~20.04.35 linux-modules-extra-azure-cvm - 5.15.0.1046.53~20.04.35 linux-modules-extra-azure-edge - 5.15.0.1046.53~20.04.35 linux-tools-azure - 5.15.0.1046.53~20.04.35 linux-tools-azure-cvm - 5.15.0.1046.53~20.04.35 linux-tools-azure-edge - 5.15.0.1046.53~20.04.35 No subscription required Medium CVE-2022-48425 CVE-2023-21255 CVE-2023-2898 CVE-2023-31084 CVE-2023-3212 CVE-2023-38426 CVE-2023-38428 CVE-2023-38429 Ubuntu 20.04 LTS Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) Update Instructions: Run `sudo pro fix USN-6340-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1021-iot - 5.4.0-1021.22 linux-headers-5.4.0-1021-iot - 5.4.0-1021.22 linux-image-5.4.0-1021-iot - 5.4.0-1021.22 linux-image-unsigned-5.4.0-1021-iot - 5.4.0-1021.22 linux-iot-headers-5.4.0-1021 - 5.4.0-1021.22 linux-iot-tools-5.4.0-1021 - 5.4.0-1021.22 linux-iot-tools-common - 5.4.0-1021.22 linux-modules-5.4.0-1021-iot - 5.4.0-1021.22 linux-tools-5.4.0-1021-iot - 5.4.0-1021.22 No subscription required linux-buildinfo-5.4.0-1098-kvm - 5.4.0-1098.104 linux-headers-5.4.0-1098-kvm - 5.4.0-1098.104 linux-image-5.4.0-1098-kvm - 5.4.0-1098.104 linux-image-unsigned-5.4.0-1098-kvm - 5.4.0-1098.104 linux-kvm-headers-5.4.0-1098 - 5.4.0-1098.104 linux-kvm-tools-5.4.0-1098 - 5.4.0-1098.104 linux-modules-5.4.0-1098-kvm - 5.4.0-1098.104 linux-tools-5.4.0-1098-kvm - 5.4.0-1098.104 No subscription required linux-buildinfo-5.4.0-1108-oracle - 5.4.0-1108.117 linux-headers-5.4.0-1108-oracle - 5.4.0-1108.117 linux-image-5.4.0-1108-oracle - 5.4.0-1108.117 linux-image-unsigned-5.4.0-1108-oracle - 5.4.0-1108.117 linux-modules-5.4.0-1108-oracle - 5.4.0-1108.117 linux-modules-extra-5.4.0-1108-oracle - 5.4.0-1108.117 linux-oracle-headers-5.4.0-1108 - 5.4.0-1108.117 linux-oracle-tools-5.4.0-1108 - 5.4.0-1108.117 linux-tools-5.4.0-1108-oracle - 5.4.0-1108.117 No subscription required linux-aws-cloud-tools-5.4.0-1109 - 5.4.0-1109.118 linux-aws-headers-5.4.0-1109 - 5.4.0-1109.118 linux-aws-tools-5.4.0-1109 - 5.4.0-1109.118 linux-buildinfo-5.4.0-1109-aws - 5.4.0-1109.118 linux-cloud-tools-5.4.0-1109-aws - 5.4.0-1109.118 linux-headers-5.4.0-1109-aws - 5.4.0-1109.118 linux-image-5.4.0-1109-aws - 5.4.0-1109.118 linux-image-unsigned-5.4.0-1109-aws - 5.4.0-1109.118 linux-modules-5.4.0-1109-aws - 5.4.0-1109.118 linux-modules-extra-5.4.0-1109-aws - 5.4.0-1109.118 linux-tools-5.4.0-1109-aws - 5.4.0-1109.118 No subscription required linux-buildinfo-5.4.0-1112-gcp - 5.4.0-1112.121 linux-gcp-headers-5.4.0-1112 - 5.4.0-1112.121 linux-gcp-tools-5.4.0-1112 - 5.4.0-1112.121 linux-headers-5.4.0-1112-gcp - 5.4.0-1112.121 linux-image-5.4.0-1112-gcp - 5.4.0-1112.121 linux-image-unsigned-5.4.0-1112-gcp - 5.4.0-1112.121 linux-modules-5.4.0-1112-gcp - 5.4.0-1112.121 linux-modules-extra-5.4.0-1112-gcp - 5.4.0-1112.121 linux-tools-5.4.0-1112-gcp - 5.4.0-1112.121 No subscription required linux-buildinfo-5.4.0-162-generic - 5.4.0-162.179 linux-buildinfo-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-buildinfo-5.4.0-162-lowlatency - 5.4.0-162.179 linux-cloud-tools-5.4.0-162 - 5.4.0-162.179 linux-cloud-tools-5.4.0-162-generic - 5.4.0-162.179 linux-cloud-tools-5.4.0-162-lowlatency - 5.4.0-162.179 linux-cloud-tools-common - 5.4.0-162.179 linux-doc - 5.4.0-162.179 linux-headers-5.4.0-162 - 5.4.0-162.179 linux-headers-5.4.0-162-generic - 5.4.0-162.179 linux-headers-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-headers-5.4.0-162-lowlatency - 5.4.0-162.179 linux-image-5.4.0-162-generic - 5.4.0-162.179 linux-image-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-image-5.4.0-162-lowlatency - 5.4.0-162.179 linux-image-unsigned-5.4.0-162-generic - 5.4.0-162.179 linux-image-unsigned-5.4.0-162-lowlatency - 5.4.0-162.179 linux-libc-dev - 5.4.0-162.179 linux-modules-5.4.0-162-generic - 5.4.0-162.179 linux-modules-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-modules-5.4.0-162-lowlatency - 5.4.0-162.179 linux-modules-extra-5.4.0-162-generic - 5.4.0-162.179 linux-source-5.4.0 - 5.4.0-162.179 linux-tools-5.4.0-162 - 5.4.0-162.179 linux-tools-5.4.0-162-generic - 5.4.0-162.179 linux-tools-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-tools-5.4.0-162-lowlatency - 5.4.0-162.179 linux-tools-common - 5.4.0-162.179 linux-tools-host - 5.4.0-162.179 No subscription required linux-headers-iot - 5.4.0.1021.19 linux-image-iot - 5.4.0.1021.19 linux-iot - 5.4.0.1021.19 linux-tools-iot - 5.4.0.1021.19 No subscription required linux-headers-kvm - 5.4.0.1098.93 linux-image-kvm - 5.4.0.1098.93 linux-kvm - 5.4.0.1098.93 linux-tools-kvm - 5.4.0.1098.93 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1108.101 linux-image-oracle-lts-20.04 - 5.4.0.1108.101 linux-oracle-lts-20.04 - 5.4.0.1108.101 linux-tools-oracle-lts-20.04 - 5.4.0.1108.101 No subscription required linux-aws-lts-20.04 - 5.4.0.1109.106 linux-headers-aws-lts-20.04 - 5.4.0.1109.106 linux-image-aws-lts-20.04 - 5.4.0.1109.106 linux-modules-extra-aws-lts-20.04 - 5.4.0.1109.106 linux-tools-aws-lts-20.04 - 5.4.0.1109.106 No subscription required linux-gcp-lts-20.04 - 5.4.0.1112.114 linux-headers-gcp-lts-20.04 - 5.4.0.1112.114 linux-image-gcp-lts-20.04 - 5.4.0.1112.114 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1112.114 linux-tools-gcp-lts-20.04 - 5.4.0.1112.114 No subscription required linux-cloud-tools-generic - 5.4.0.162.159 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.162.159 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.162.159 linux-cloud-tools-lowlatency - 5.4.0.162.159 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-cloud-tools-virtual - 5.4.0.162.159 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.162.159 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-crashdump - 5.4.0.162.159 linux-generic - 5.4.0.162.159 linux-generic-hwe-18.04 - 5.4.0.162.159 linux-generic-hwe-18.04-edge - 5.4.0.162.159 linux-generic-lpae - 5.4.0.162.159 linux-generic-lpae-hwe-18.04 - 5.4.0.162.159 linux-generic-lpae-hwe-18.04-edge - 5.4.0.162.159 linux-headers-generic - 5.4.0.162.159 linux-headers-generic-hwe-18.04 - 5.4.0.162.159 linux-headers-generic-hwe-18.04-edge - 5.4.0.162.159 linux-headers-generic-lpae - 5.4.0.162.159 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.162.159 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.162.159 linux-headers-lowlatency - 5.4.0.162.159 linux-headers-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-headers-oem - 5.4.0.162.159 linux-headers-oem-osp1 - 5.4.0.162.159 linux-headers-virtual - 5.4.0.162.159 linux-headers-virtual-hwe-18.04 - 5.4.0.162.159 linux-headers-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-image-extra-virtual - 5.4.0.162.159 linux-image-extra-virtual-hwe-18.04 - 5.4.0.162.159 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-image-generic - 5.4.0.162.159 linux-image-generic-hwe-18.04 - 5.4.0.162.159 linux-image-generic-hwe-18.04-edge - 5.4.0.162.159 linux-image-generic-lpae - 5.4.0.162.159 linux-image-generic-lpae-hwe-18.04 - 5.4.0.162.159 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.162.159 linux-image-lowlatency - 5.4.0.162.159 linux-image-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-image-oem - 5.4.0.162.159 linux-image-oem-osp1 - 5.4.0.162.159 linux-image-virtual - 5.4.0.162.159 linux-image-virtual-hwe-18.04 - 5.4.0.162.159 linux-image-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-lowlatency - 5.4.0.162.159 linux-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-oem - 5.4.0.162.159 linux-oem-osp1 - 5.4.0.162.159 linux-oem-osp1-tools-host - 5.4.0.162.159 linux-oem-tools-host - 5.4.0.162.159 linux-source - 5.4.0.162.159 linux-tools-generic - 5.4.0.162.159 linux-tools-generic-hwe-18.04 - 5.4.0.162.159 linux-tools-generic-hwe-18.04-edge - 5.4.0.162.159 linux-tools-generic-lpae - 5.4.0.162.159 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.162.159 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.162.159 linux-tools-lowlatency - 5.4.0.162.159 linux-tools-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-tools-oem - 5.4.0.162.159 linux-tools-oem-osp1 - 5.4.0.162.159 linux-tools-virtual - 5.4.0.162.159 linux-tools-virtual-hwe-18.04 - 5.4.0.162.159 linux-tools-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-virtual - 5.4.0.162.159 linux-virtual-hwe-18.04 - 5.4.0.162.159 linux-virtual-hwe-18.04-edge - 5.4.0.162.159 No subscription required Medium CVE-2023-2002 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 Ubuntu 20.04 LTS Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) Update Instructions: Run `sudo pro fix USN-6340-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 linux-headers-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 linux-image-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 linux-modules-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 linux-tools-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 linux-xilinx-zynqmp-headers-5.4.0-1029 - 5.4.0-1029.33 linux-xilinx-zynqmp-tools-5.4.0-1029 - 5.4.0-1029.33 No subscription required linux-buildinfo-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-cloud-tools-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-gkeop-cloud-tools-5.4.0-1076 - 5.4.0-1076.80 linux-gkeop-headers-5.4.0-1076 - 5.4.0-1076.80 linux-gkeop-source-5.4.0 - 5.4.0-1076.80 linux-gkeop-tools-5.4.0-1076 - 5.4.0-1076.80 linux-headers-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-image-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-image-unsigned-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-modules-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-modules-extra-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-tools-5.4.0-1076-gkeop - 5.4.0-1076.80 No subscription required linux-buildinfo-5.4.0-1093-raspi - 5.4.0-1093.104 linux-headers-5.4.0-1093-raspi - 5.4.0-1093.104 linux-image-5.4.0-1093-raspi - 5.4.0-1093.104 linux-modules-5.4.0-1093-raspi - 5.4.0-1093.104 linux-raspi-headers-5.4.0-1093 - 5.4.0-1093.104 linux-raspi-tools-5.4.0-1093 - 5.4.0-1093.104 linux-tools-5.4.0-1093-raspi - 5.4.0-1093.104 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1029.31 linux-image-xilinx-zynqmp - 5.4.0.1029.31 linux-tools-xilinx-zynqmp - 5.4.0.1029.31 linux-xilinx-zynqmp - 5.4.0.1029.31 No subscription required linux-cloud-tools-gkeop - 5.4.0.1076.74 linux-cloud-tools-gkeop-5.4 - 5.4.0.1076.74 linux-gkeop - 5.4.0.1076.74 linux-gkeop-5.4 - 5.4.0.1076.74 linux-headers-gkeop - 5.4.0.1076.74 linux-headers-gkeop-5.4 - 5.4.0.1076.74 linux-image-gkeop - 5.4.0.1076.74 linux-image-gkeop-5.4 - 5.4.0.1076.74 linux-modules-extra-gkeop - 5.4.0.1076.74 linux-modules-extra-gkeop-5.4 - 5.4.0.1076.74 linux-tools-gkeop - 5.4.0.1076.74 linux-tools-gkeop-5.4 - 5.4.0.1076.74 No subscription required linux-headers-raspi - 5.4.0.1093.123 linux-headers-raspi-hwe-18.04 - 5.4.0.1093.123 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1093.123 linux-headers-raspi2 - 5.4.0.1093.123 linux-headers-raspi2-hwe-18.04 - 5.4.0.1093.123 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1093.123 linux-image-raspi - 5.4.0.1093.123 linux-image-raspi-hwe-18.04 - 5.4.0.1093.123 linux-image-raspi-hwe-18.04-edge - 5.4.0.1093.123 linux-image-raspi2 - 5.4.0.1093.123 linux-image-raspi2-hwe-18.04 - 5.4.0.1093.123 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1093.123 linux-raspi - 5.4.0.1093.123 linux-raspi-hwe-18.04 - 5.4.0.1093.123 linux-raspi-hwe-18.04-edge - 5.4.0.1093.123 linux-raspi2 - 5.4.0.1093.123 linux-raspi2-hwe-18.04 - 5.4.0.1093.123 linux-raspi2-hwe-18.04-edge - 5.4.0.1093.123 linux-tools-raspi - 5.4.0.1093.123 linux-tools-raspi-hwe-18.04 - 5.4.0.1093.123 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1093.123 linux-tools-raspi2 - 5.4.0.1093.123 linux-tools-raspi2-hwe-18.04 - 5.4.0.1093.123 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1093.123 No subscription required Medium CVE-2023-2002 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 Ubuntu 20.04 LTS It was discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6345-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsox-dev - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-all - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-alsa - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-ao - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-base - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-mp3 - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-oss - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-pulse - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox3 - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 sox - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 No subscription required Medium CVE-2023-32627 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6346-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1092-raspi - 5.4.0-1092.103 linux-headers-5.4.0-1092-raspi - 5.4.0-1092.103 linux-image-5.4.0-1092-raspi - 5.4.0-1092.103 linux-modules-5.4.0-1092-raspi - 5.4.0-1092.103 linux-raspi-headers-5.4.0-1092 - 5.4.0-1092.103 linux-raspi-tools-5.4.0-1092 - 5.4.0-1092.103 linux-tools-5.4.0-1092-raspi - 5.4.0-1092.103 No subscription required linux-headers-raspi - 5.4.0.1092.122 linux-headers-raspi-hwe-18.04 - 5.4.0.1092.122 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1092.122 linux-headers-raspi2 - 5.4.0.1092.122 linux-headers-raspi2-hwe-18.04 - 5.4.0.1092.122 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1092.122 linux-image-raspi - 5.4.0.1092.122 linux-image-raspi-hwe-18.04 - 5.4.0.1092.122 linux-image-raspi-hwe-18.04-edge - 5.4.0.1092.122 linux-image-raspi2 - 5.4.0.1092.122 linux-image-raspi2-hwe-18.04 - 5.4.0.1092.122 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1092.122 linux-raspi - 5.4.0.1092.122 linux-raspi-hwe-18.04 - 5.4.0.1092.122 linux-raspi-hwe-18.04-edge - 5.4.0.1092.122 linux-raspi2 - 5.4.0.1092.122 linux-raspi2-hwe-18.04 - 5.4.0.1092.122 linux-raspi2-hwe-18.04-edge - 5.4.0.1092.122 linux-tools-raspi - 5.4.0.1092.122 linux-tools-raspi-hwe-18.04 - 5.4.0.1092.122 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1092.122 linux-tools-raspi2 - 5.4.0.1092.122 linux-tools-raspi2-hwe-18.04 - 5.4.0.1092.122 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1092.122 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48502) Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that the perf subsystem in the Linux kernel contained a use-after-free vulnerability. A privileged local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2235) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly validate pointers in some situations, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-32248) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the BQ24190 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33288) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the Rockchip Video Decoder IP driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35829) Update Instructions: Run `sudo pro fix USN-6347-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1043-azure-fde - 5.15.0-1043.50~20.04.1.1 linux-image-unsigned-5.15.0-1043-azure-fde - 5.15.0-1043.50~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-cloud-tools-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-cloud-tools-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-headers-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-headers-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-image-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-image-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-modules-extra-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-modules-extra-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-tools-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-tools-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 No subscription required Medium CVE-2022-4269 CVE-2022-48502 CVE-2023-0597 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2002 CVE-2023-2124 CVE-2023-2163 CVE-2023-2194 CVE-2023-2235 CVE-2023-2269 CVE-2023-23004 CVE-2023-28466 CVE-2023-30772 CVE-2023-3141 CVE-2023-32248 CVE-2023-3268 CVE-2023-33203 CVE-2023-33288 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6348-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-cloud-tools-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-headers-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-image-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-image-unsigned-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1038.43~20.04.1 linux-modules-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-modules-extra-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-modules-iwlwifi-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-tools-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1038.43~20.04.28 linux-headers-intel - 5.15.0.1038.43~20.04.28 linux-headers-intel-iotg - 5.15.0.1038.43~20.04.28 linux-headers-intel-iotg-edge - 5.15.0.1038.43~20.04.28 linux-image-intel - 5.15.0.1038.43~20.04.28 linux-image-intel-iotg - 5.15.0.1038.43~20.04.28 linux-image-intel-iotg-edge - 5.15.0.1038.43~20.04.28 linux-intel - 5.15.0.1038.43~20.04.28 linux-intel-iotg - 5.15.0.1038.43~20.04.28 linux-intel-iotg-edge - 5.15.0.1038.43~20.04.28 linux-tools-intel - 5.15.0.1038.43~20.04.28 linux-tools-intel-iotg - 5.15.0.1038.43~20.04.28 linux-tools-intel-iotg-edge - 5.15.0.1038.43~20.04.28 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-21400 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) Update Instructions: Run `sudo pro fix USN-6349-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1115 - 5.4.0-1115.122 linux-azure-headers-5.4.0-1115 - 5.4.0-1115.122 linux-azure-tools-5.4.0-1115 - 5.4.0-1115.122 linux-buildinfo-5.4.0-1115-azure - 5.4.0-1115.122 linux-cloud-tools-5.4.0-1115-azure - 5.4.0-1115.122 linux-headers-5.4.0-1115-azure - 5.4.0-1115.122 linux-image-5.4.0-1115-azure - 5.4.0-1115.122 linux-image-unsigned-5.4.0-1115-azure - 5.4.0-1115.122 linux-modules-5.4.0-1115-azure - 5.4.0-1115.122 linux-modules-extra-5.4.0-1115-azure - 5.4.0-1115.122 linux-tools-5.4.0-1115-azure - 5.4.0-1115.122 No subscription required linux-azure-lts-20.04 - 5.4.0.1115.108 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1115.108 linux-headers-azure-lts-20.04 - 5.4.0.1115.108 linux-image-azure-lts-20.04 - 5.4.0.1115.108 linux-modules-extra-azure-lts-20.04 - 5.4.0.1115.108 linux-tools-azure-lts-20.04 - 5.4.0.1115.108 No subscription required Medium CVE-2023-2002 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 Ubuntu 20.04 LTS It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of- bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428) It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429) Update Instructions: Run `sudo pro fix USN-6350-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-headers-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-ibm-5.15-headers-5.15.0-1037 - 5.15.0-1037.40~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1037.40~20.04.1 linux-ibm-5.15-tools-5.15.0-1037 - 5.15.0-1037.40~20.04.1 linux-image-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-image-unsigned-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-modules-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-modules-extra-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-tools-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 No subscription required linux-buildinfo-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-headers-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-image-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-image-unsigned-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-modules-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-modules-extra-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-oracle-5.15-headers-5.15.0-1042 - 5.15.0-1042.48~20.04.1 linux-oracle-5.15-tools-5.15.0-1042 - 5.15.0-1042.48~20.04.1 linux-tools-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1044 - 5.15.0-1044.49~20.04.1 linux-aws-5.15-headers-5.15.0-1044 - 5.15.0-1044.49~20.04.1 linux-aws-5.15-tools-5.15.0-1044 - 5.15.0-1044.49~20.04.1 linux-buildinfo-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-cloud-tools-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-headers-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-image-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-image-unsigned-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-modules-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-modules-extra-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-tools-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1037.40~20.04.9 linux-headers-ibm-edge - 5.15.0.1037.40~20.04.9 linux-ibm - 5.15.0.1037.40~20.04.9 linux-ibm-edge - 5.15.0.1037.40~20.04.9 linux-image-ibm - 5.15.0.1037.40~20.04.9 linux-image-ibm-edge - 5.15.0.1037.40~20.04.9 linux-tools-ibm - 5.15.0.1037.40~20.04.9 linux-tools-ibm-edge - 5.15.0.1037.40~20.04.9 No subscription required linux-headers-oracle - 5.15.0.1042.48~20.04.1 linux-headers-oracle-edge - 5.15.0.1042.48~20.04.1 linux-image-oracle - 5.15.0.1042.48~20.04.1 linux-image-oracle-edge - 5.15.0.1042.48~20.04.1 linux-oracle - 5.15.0.1042.48~20.04.1 linux-oracle-edge - 5.15.0.1042.48~20.04.1 linux-tools-oracle - 5.15.0.1042.48~20.04.1 linux-tools-oracle-edge - 5.15.0.1042.48~20.04.1 No subscription required linux-aws - 5.15.0.1044.49~20.04.32 linux-aws-edge - 5.15.0.1044.49~20.04.32 linux-headers-aws - 5.15.0.1044.49~20.04.32 linux-headers-aws-edge - 5.15.0.1044.49~20.04.32 linux-image-aws - 5.15.0.1044.49~20.04.32 linux-image-aws-edge - 5.15.0.1044.49~20.04.32 linux-modules-extra-aws - 5.15.0.1044.49~20.04.32 linux-modules-extra-aws-edge - 5.15.0.1044.49~20.04.32 linux-tools-aws - 5.15.0.1044.49~20.04.32 linux-tools-aws-edge - 5.15.0.1044.49~20.04.32 No subscription required Medium CVE-2022-48425 CVE-2023-21255 CVE-2023-2898 CVE-2023-31084 CVE-2023-3212 CVE-2023-38426 CVE-2023-38428 CVE-2023-38429 Ubuntu 20.04 LTS It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. (CVE-2020-13933, CVE-2020-17510) Update Instructions: Run `sudo pro fix USN-6352-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libshiro-java - 1.3.2-4ubuntu0.2 No subscription required Medium CVE-2020-13933 CVE-2020-17510 Ubuntu 20.04 LTS Wooseok Kang discovered that PLIB did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted TGA file, an attacker could possibly use this issue to cause applications using PLIB to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6353-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libplib-dev - 1.8.5-8ubuntu0.20.04.1 libplib1 - 1.8.5-8ubuntu0.20.04.1 No subscription required Medium CVE-2021-38714 Ubuntu 20.04 LTS Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2021-3695) Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2021-3696) Daniel Axtens discovered that specially crafted images could cause buffer underwrite which allows arbitrary data to be written to a heap. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2021-3697) It was discovered that GRUB2 configuration files were created with the wrong permissions. An attacker could possibly use this to leak encrypted passwords. (CVE-2021-3981) Daniel Axtens discovered that specially crafted IP packets could cause an integer underflow and write past the end of a buffer. An attacker could possibly use this to circumvent secure boot protections. (CVE-2022-28733) Daniel Axtens discovered that specially crafted HTTP headers can cause an out-of-bounds write of a NULL byte. An attacker could possibly use this to corrupt GRUB2's internal data. (CVE-2022-28734) Julian Andres Klode discovered that GRUB2 shim_lock allowed non- kernel files to be loaded. A local attack could possibly use this to circumvent secure boot protections. (CVE-2022-28735) Chris Coulson discovered that executing chainloaders more than once caused a use-after-free vulnerability. A local attack could possibly use this to circumvent secure boot protections. (CVE-2022-28736) Chris Coulson discovered that specially crafted executables could cause shim to make out-of-bound writes. A local attack could possibly use this to circumvent secure boot protections. (CVE-2022-28737) Zhang Boyang discovered that specially crafted unicode sequences could lead to an out-of-bounds write to a heap. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2022-3775) Update Instructions: Run `sudo pro fix USN-6355-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-amd64-signed - 1.187.3~20.04.1+2.06-2ubuntu14.1 grub-efi-arm64-signed - 1.187.3~20.04.1+2.06-2ubuntu14.1 No subscription required shim-signed - 1.40.9+15.7-0ubuntu1 No subscription required shim - 15.7-0ubuntu1 No subscription required grub-efi-amd64 - 2.06-2ubuntu14.1 grub-efi-amd64-bin - 2.06-2ubuntu14.1 grub-efi-arm64 - 2.06-2ubuntu14.1 grub-efi-arm64-bin - 2.06-2ubuntu14.1 No subscription required Medium CVE-2022-28737 CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2021-3981 CVE-2022-28733 CVE-2022-28734 CVE-2022-28735 CVE-2022-28736 CVE-2022-3775 https://launchpad.net/bugs/2029518 Ubuntu 20.04 LTS Jianjun Chen, Vern Paxson and Jian Jiang discovered that OpenDMARC incorrectly handled certain inputs. If a user or an automated system were tricked into receiving crafted inputs, an attacker could possibly use this to falsify the domain of an e-mails origin. (CVE-2020-12272) Patrik Lantz discovered that OpenDMARC incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-12460) Update Instructions: Run `sudo pro fix USN-6356-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopendmarc-dev - 1.3.2-7ubuntu0.1 libopendmarc2 - 1.3.2-7ubuntu0.1 opendmarc - 1.3.2-7ubuntu0.1 No subscription required Medium CVE-2020-12272 CVE-2020-12460 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6357-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1056-ibm - 5.4.0-1056.61 linux-headers-5.4.0-1056-ibm - 5.4.0-1056.61 linux-ibm-cloud-tools-common - 5.4.0-1056.61 linux-ibm-headers-5.4.0-1056 - 5.4.0-1056.61 linux-ibm-source-5.4.0 - 5.4.0-1056.61 linux-ibm-tools-5.4.0-1056 - 5.4.0-1056.61 linux-ibm-tools-common - 5.4.0-1056.61 linux-image-5.4.0-1056-ibm - 5.4.0-1056.61 linux-image-unsigned-5.4.0-1056-ibm - 5.4.0-1056.61 linux-modules-5.4.0-1056-ibm - 5.4.0-1056.61 linux-modules-extra-5.4.0-1056-ibm - 5.4.0-1056.61 linux-tools-5.4.0-1056-ibm - 5.4.0-1056.61 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1056.85 linux-ibm-lts-20.04 - 5.4.0.1056.85 linux-image-ibm-lts-20.04 - 5.4.0.1056.85 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1056.85 linux-tools-ibm-lts-20.04 - 5.4.0.1056.85 No subscription required High CVE-2022-40982 CVE-2023-2002 CVE-2023-20593 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS It was discovered that RedCloth incorrectly handled certain inputs during html sanitisation. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6358-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-redcloth - 4.3.2-3+deb10u1build0.20.04.1 No subscription required Medium CVE-2023-31606 Ubuntu 20.04 LTS It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6360-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: flac - 1.3.3-1ubuntu0.2 libflac++-dev - 1.3.3-1ubuntu0.2 libflac++6v5 - 1.3.3-1ubuntu0.2 libflac-dev - 1.3.3-1ubuntu0.2 libflac-doc - 1.3.3-1ubuntu0.2 libflac8 - 1.3.3-1ubuntu0.2 No subscription required Medium CVE-2020-22219 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents. Update Instructions: Run `sudo pro fix USN-6361-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cups - 2.3.1-9ubuntu1.5 cups-bsd - 2.3.1-9ubuntu1.5 cups-client - 2.3.1-9ubuntu1.5 cups-common - 2.3.1-9ubuntu1.5 cups-core-drivers - 2.3.1-9ubuntu1.5 cups-daemon - 2.3.1-9ubuntu1.5 cups-ipp-utils - 2.3.1-9ubuntu1.5 cups-ppdc - 2.3.1-9ubuntu1.5 cups-server-common - 2.3.1-9ubuntu1.5 libcups2 - 2.3.1-9ubuntu1.5 libcups2-dev - 2.3.1-9ubuntu1.5 libcupsimage2 - 2.3.1-9ubuntu1.5 libcupsimage2-dev - 2.3.1-9ubuntu1.5 No subscription required Medium CVE-2023-32360 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-21710) It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2020-21890) Update Instructions: Run `sudo pro fix USN-6364-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.10 ghostscript-doc - 9.50~dfsg-5ubuntu4.10 ghostscript-x - 9.50~dfsg-5ubuntu4.10 libgs-dev - 9.50~dfsg-5ubuntu4.10 libgs9 - 9.50~dfsg-5ubuntu4.10 libgs9-common - 9.50~dfsg-5ubuntu4.10 No subscription required Medium CVE-2020-21710 CVE-2020-21890 Ubuntu 20.04 LTS It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations. Update Instructions: Run `sudo pro fix USN-6365-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:11.3.0-2ubuntu0~ubuntu20.04.6 open-vm-tools-desktop - 2:11.3.0-2ubuntu0~ubuntu20.04.6 open-vm-tools-dev - 2:11.3.0-2ubuntu0~ubuntu20.04.6 open-vm-tools-sdmp - 2:11.3.0-2ubuntu0~ubuntu20.04.6 No subscription required Medium CVE-2023-20900 Ubuntu 20.04 LTS It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code. (CVE-2023-4863) Update Instructions: Run `sudo pro fix USN-6367-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 117.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 117.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tg - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 117.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 117.0.1+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4863 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4581, CVE-2023-4584) It was discovered that Thunderbird did not properly manage memory when handling WebP images. If a user were tricked into opening a malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code. (CVE-2023-4863) Update Instructions: Run `sudo pro fix USN-6368-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.15.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.15.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.15.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.15.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4573 CVE-2023-4574 CVE-2023-4575 CVE-2023-4581 CVE-2023-4584 CVE-2023-4863 Ubuntu 20.04 LTS It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6369-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwebp-dev - 0.6.1-2ubuntu0.20.04.3 libwebp6 - 0.6.1-2ubuntu0.20.04.3 libwebpdemux2 - 0.6.1-2ubuntu0.20.04.3 libwebpmux3 - 0.6.1-2ubuntu0.20.04.3 webp - 0.6.1-2ubuntu0.20.04.3 No subscription required Medium CVE-2023-4863 Ubuntu 20.04 LTS It was discovered that ModSecurity incorrectly handled certain nested JSON objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-42717) It was discovered that ModSecurity incorrectly handled certain HTTP multipart requests. A remote attacker could possibly use this issue to bypass ModSecurity restrictions. (CVE-2022-48279) It was discovered that ModSecurity incorrectly handled certain file uploads. A remote attacker could possibly use this issue to cause a buffer overflow and a firewall failure. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-24021) Update Instructions: Run `sudo pro fix USN-6370-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-security2 - 2.9.3-1ubuntu0.1 No subscription required Medium CVE-2021-42717 CVE-2022-48279 CVE-2023-24021 Ubuntu 20.04 LTS It was discovered that libssh2 incorrectly handled memory access. An attacker could possibly use this issue to cause a crash. Update Instructions: Run `sudo pro fix USN-6371-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh2-1 - 1.8.0-2.1ubuntu0.1 libssh2-1-dev - 1.8.0-2.1ubuntu0.1 No subscription required Medium CVE-2020-22218 Ubuntu 20.04 LTS It was discovered that gawk could be made to read out of bounds when processing certain inputs. If a user or an automated system were tricked into opening a specially crafted input, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6373-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gawk - 1:5.0.1+dfsg-1ubuntu0.1 No subscription required Medium CVE-2023-4156 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain email header contents. If a user were tricked into opening a specially crafted message, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-4874, CVE-2023-4875) Update Instructions: Run `sudo pro fix USN-6374-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.6 No subscription required Medium CVE-2023-4874 CVE-2023-4875 Ubuntu 20.04 LTS It was discovered that c-ares incorrectly parsed certain SOA replies. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6376-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares-dev - 1.15.0-1ubuntu0.4 libc-ares2 - 1.15.0-1ubuntu0.4 No subscription required Medium CVE-2020-22217 Ubuntu 20.04 LTS It was discovered that LibRaw incorrectly handled certain photo files. If a user o automated system were tricked into processing a specially crafted photo file, a remote attacker could possibly cause applications linked against LibRaw to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6377-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraw-bin - 0.19.5-1ubuntu1.3 libraw-dev - 0.19.5-1ubuntu1.3 libraw-doc - 0.19.5-1ubuntu1.3 libraw19 - 0.19.5-1ubuntu1.3 No subscription required Medium CVE-2020-22628 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain URIs with a very large number of Unicode characters. A remote attacker could possibly use this issue to cause Django to consume resources or crash, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6378-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.19 python3-django - 2:2.2.12-1ubuntu0.19 No subscription required Medium CVE-2023-41164 Ubuntu 20.04 LTS It was discovered that vsftpd was vulnerable to the ALPACA TLS protocol content confusion attack. A remote attacker could possibly use this issue to redirect traffic from one subdomain to another. Update Instructions: Run `sudo pro fix USN-6379-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vsftpd - 3.0.5-0ubuntu0.20.04.1 No subscription required Low CVE-2021-3618 Ubuntu 20.04 LTS Rogier Schouten discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-15604) Ethan Rubinson discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-15605) Alyssa Wilk discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-15606) Tobias Niessen discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8174) It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-8265, CVE-2020-8287) Update Instructions: Run `sudo pro fix USN-6380-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.1 libnode64 - 10.19.0~dfsg-3ubuntu1.1 nodejs - 10.19.0~dfsg-3ubuntu1.1 nodejs-doc - 10.19.0~dfsg-3ubuntu1.1 No subscription required Medium CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2020-8174 CVE-2020-8265 CVE-2020-8287 Ubuntu 20.04 LTS It was discovered that Memcached incorrectly handled certain multi-packet uploads in UDP. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6382-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: memcached - 1.5.22-2ubuntu0.3 No subscription required Medium CVE-2022-48571 Ubuntu 20.04 LTS Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128) Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-4569) Update Instructions: Run `sudo pro fix USN-6386-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-cloud-tools-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-gkeop-5.15-headers-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-gkeop-5.15-tools-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-headers-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-image-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-image-unsigned-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-modules-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-modules-extra-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-tools-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 No subscription required linux-buildinfo-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-headers-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-ibm-5.15-headers-5.15.0-1038 - 5.15.0-1038.41~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1038.41~20.04.1 linux-ibm-5.15-tools-5.15.0-1038 - 5.15.0-1038.41~20.04.1 linux-image-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-image-unsigned-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-modules-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-modules-extra-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-tools-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 No subscription required linux-buildinfo-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-gcp-5.15-headers-5.15.0-1042 - 5.15.0-1042.50~20.04.1 linux-gcp-5.15-tools-5.15.0-1042 - 5.15.0-1042.50~20.04.1 linux-headers-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-image-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-image-unsigned-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-modules-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-modules-extra-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-modules-iwlwifi-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-tools-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1045 - 5.15.0-1045.50~20.04.1 linux-aws-5.15-headers-5.15.0-1045 - 5.15.0-1045.50~20.04.1 linux-aws-5.15-tools-5.15.0-1045 - 5.15.0-1045.50~20.04.1 linux-buildinfo-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-cloud-tools-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-headers-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-image-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-image-unsigned-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-modules-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-modules-extra-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-tools-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1047 - 5.15.0-1047.54~20.04.1 linux-azure-5.15-headers-5.15.0-1047 - 5.15.0-1047.54~20.04.1 linux-azure-5.15-tools-5.15.0-1047 - 5.15.0-1047.54~20.04.1 linux-buildinfo-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-cloud-tools-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-headers-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-image-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-image-unsigned-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-modules-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-modules-extra-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-tools-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 No subscription required linux-image-5.15.0-1047-azure-fde - 5.15.0-1047.54~20.04.1.1 linux-image-unsigned-5.15.0-1047-azure-fde - 5.15.0-1047.54~20.04.1.1 No subscription required linux-buildinfo-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-buildinfo-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-buildinfo-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-buildinfo-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-buildinfo-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-cloud-tools-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-cloud-tools-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-headers-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-headers-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-headers-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-headers-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-headers-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-84.93~20.04.1 linux-hwe-5.15-headers-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-84.93~20.04.1 linux-hwe-5.15-tools-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-84.93~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-image-unsigned-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-image-unsigned-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-image-unsigned-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-image-unsigned-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-modules-extra-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-modules-iwlwifi-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-modules-iwlwifi-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-cloud-tools-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-headers-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-headers-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-image-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-image-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-modules-extra-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-modules-extra-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-tools-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-tools-gkeop-edge - 5.15.0.1028.33~20.04.24 No subscription required linux-headers-ibm - 5.15.0.1038.41~20.04.10 linux-headers-ibm-edge - 5.15.0.1038.41~20.04.10 linux-ibm - 5.15.0.1038.41~20.04.10 linux-ibm-edge - 5.15.0.1038.41~20.04.10 linux-image-ibm - 5.15.0.1038.41~20.04.10 linux-image-ibm-edge - 5.15.0.1038.41~20.04.10 linux-tools-ibm - 5.15.0.1038.41~20.04.10 linux-tools-ibm-edge - 5.15.0.1038.41~20.04.10 No subscription required linux-gcp - 5.15.0.1042.50~20.04.1 linux-gcp-edge - 5.15.0.1042.50~20.04.1 linux-headers-gcp - 5.15.0.1042.50~20.04.1 linux-headers-gcp-edge - 5.15.0.1042.50~20.04.1 linux-image-gcp - 5.15.0.1042.50~20.04.1 linux-image-gcp-edge - 5.15.0.1042.50~20.04.1 linux-modules-extra-gcp - 5.15.0.1042.50~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1042.50~20.04.1 linux-tools-gcp - 5.15.0.1042.50~20.04.1 linux-tools-gcp-edge - 5.15.0.1042.50~20.04.1 No subscription required linux-aws - 5.15.0.1045.50~20.04.33 linux-aws-edge - 5.15.0.1045.50~20.04.33 linux-headers-aws - 5.15.0.1045.50~20.04.33 linux-headers-aws-edge - 5.15.0.1045.50~20.04.33 linux-image-aws - 5.15.0.1045.50~20.04.33 linux-image-aws-edge - 5.15.0.1045.50~20.04.33 linux-modules-extra-aws - 5.15.0.1045.50~20.04.33 linux-modules-extra-aws-edge - 5.15.0.1045.50~20.04.33 linux-tools-aws - 5.15.0.1045.50~20.04.33 linux-tools-aws-edge - 5.15.0.1045.50~20.04.33 No subscription required linux-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-cloud-tools-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-cloud-tools-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-headers-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-headers-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-image-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-image-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-modules-extra-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-modules-extra-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-tools-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-tools-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 No subscription required linux-azure - 5.15.0.1047.54~20.04.36 linux-azure-cvm - 5.15.0.1047.54~20.04.36 linux-azure-edge - 5.15.0.1047.54~20.04.36 linux-cloud-tools-azure - 5.15.0.1047.54~20.04.36 linux-cloud-tools-azure-cvm - 5.15.0.1047.54~20.04.36 linux-cloud-tools-azure-edge - 5.15.0.1047.54~20.04.36 linux-headers-azure - 5.15.0.1047.54~20.04.36 linux-headers-azure-cvm - 5.15.0.1047.54~20.04.36 linux-headers-azure-edge - 5.15.0.1047.54~20.04.36 linux-image-azure - 5.15.0.1047.54~20.04.36 linux-image-azure-cvm - 5.15.0.1047.54~20.04.36 linux-image-azure-edge - 5.15.0.1047.54~20.04.36 linux-modules-extra-azure - 5.15.0.1047.54~20.04.36 linux-modules-extra-azure-cvm - 5.15.0.1047.54~20.04.36 linux-modules-extra-azure-edge - 5.15.0.1047.54~20.04.36 linux-tools-azure - 5.15.0.1047.54~20.04.36 linux-tools-azure-cvm - 5.15.0.1047.54~20.04.36 linux-tools-azure-edge - 5.15.0.1047.54~20.04.36 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-headers-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-image-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-lowlatency-64k-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-tools-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-generic-64k-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-generic-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-generic-lpae-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-generic-lpae-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-headers-generic-64k-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-headers-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-headers-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-headers-oem-20.04 - 5.15.0.84.93~20.04.42 linux-headers-oem-20.04b - 5.15.0.84.93~20.04.42 linux-headers-oem-20.04c - 5.15.0.84.93~20.04.42 linux-headers-oem-20.04d - 5.15.0.84.93~20.04.42 linux-headers-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-headers-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-extra-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-generic-64k-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-generic-lpae-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-oem-20.04 - 5.15.0.84.93~20.04.42 linux-image-oem-20.04b - 5.15.0.84.93~20.04.42 linux-image-oem-20.04c - 5.15.0.84.93~20.04.42 linux-image-oem-20.04d - 5.15.0.84.93~20.04.42 linux-image-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-modules-iwlwifi-oem-20.04 - 5.15.0.84.93~20.04.42 linux-modules-iwlwifi-oem-20.04d - 5.15.0.84.93~20.04.42 linux-oem-20.04 - 5.15.0.84.93~20.04.42 linux-oem-20.04b - 5.15.0.84.93~20.04.42 linux-oem-20.04c - 5.15.0.84.93~20.04.42 linux-oem-20.04d - 5.15.0.84.93~20.04.42 linux-tools-generic-64k-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-tools-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-tools-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-tools-oem-20.04 - 5.15.0.84.93~20.04.42 linux-tools-oem-20.04b - 5.15.0.84.93~20.04.42 linux-tools-oem-20.04c - 5.15.0.84.93~20.04.42 linux-tools-oem-20.04d - 5.15.0.84.93~20.04.42 linux-tools-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-tools-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 No subscription required High CVE-2023-20588 CVE-2023-40283 CVE-2023-4569 Ubuntu 20.04 LTS Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128) Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-4569) Update Instructions: Run `sudo pro fix USN-6386-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-cloud-tools-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-headers-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-image-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-image-unsigned-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1040.46~20.04.1 linux-modules-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-modules-extra-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-modules-iwlwifi-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-tools-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 No subscription required linux-buildinfo-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-headers-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-image-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-image-unsigned-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-modules-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-modules-extra-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-oracle-5.15-headers-5.15.0-1044 - 5.15.0-1044.50~20.04.1 linux-oracle-5.15-tools-5.15.0-1044 - 5.15.0-1044.50~20.04.1 linux-tools-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1040.46~20.04.31 linux-headers-intel - 5.15.0.1040.46~20.04.31 linux-headers-intel-iotg - 5.15.0.1040.46~20.04.31 linux-headers-intel-iotg-edge - 5.15.0.1040.46~20.04.31 linux-image-intel - 5.15.0.1040.46~20.04.31 linux-image-intel-iotg - 5.15.0.1040.46~20.04.31 linux-image-intel-iotg-edge - 5.15.0.1040.46~20.04.31 linux-intel - 5.15.0.1040.46~20.04.31 linux-intel-iotg - 5.15.0.1040.46~20.04.31 linux-intel-iotg-edge - 5.15.0.1040.46~20.04.31 linux-tools-intel - 5.15.0.1040.46~20.04.31 linux-tools-intel-iotg - 5.15.0.1040.46~20.04.31 linux-tools-intel-iotg-edge - 5.15.0.1040.46~20.04.31 No subscription required linux-headers-oracle - 5.15.0.1044.50~20.04.1 linux-headers-oracle-edge - 5.15.0.1044.50~20.04.1 linux-image-oracle - 5.15.0.1044.50~20.04.1 linux-image-oracle-edge - 5.15.0.1044.50~20.04.1 linux-oracle - 5.15.0.1044.50~20.04.1 linux-oracle-edge - 5.15.0.1044.50~20.04.1 linux-tools-oracle - 5.15.0.1044.50~20.04.1 linux-tools-oracle-edge - 5.15.0.1044.50~20.04.1 No subscription required High CVE-2023-20588 CVE-2023-40283 CVE-2023-4569 Ubuntu 20.04 LTS Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128) Update Instructions: Run `sudo pro fix USN-6387-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1022-iot - 5.4.0-1022.23 linux-headers-5.4.0-1022-iot - 5.4.0-1022.23 linux-image-5.4.0-1022-iot - 5.4.0-1022.23 linux-image-unsigned-5.4.0-1022-iot - 5.4.0-1022.23 linux-iot-headers-5.4.0-1022 - 5.4.0-1022.23 linux-iot-tools-5.4.0-1022 - 5.4.0-1022.23 linux-iot-tools-common - 5.4.0-1022.23 linux-modules-5.4.0-1022-iot - 5.4.0-1022.23 linux-tools-5.4.0-1022-iot - 5.4.0-1022.23 No subscription required linux-buildinfo-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-headers-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-image-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-modules-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-tools-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-xilinx-zynqmp-headers-5.4.0-1030 - 5.4.0-1030.34 linux-xilinx-zynqmp-tools-5.4.0-1030 - 5.4.0-1030.34 No subscription required linux-buildinfo-5.4.0-1057-ibm - 5.4.0-1057.62 linux-headers-5.4.0-1057-ibm - 5.4.0-1057.62 linux-ibm-cloud-tools-common - 5.4.0-1057.62 linux-ibm-headers-5.4.0-1057 - 5.4.0-1057.62 linux-ibm-source-5.4.0 - 5.4.0-1057.62 linux-ibm-tools-5.4.0-1057 - 5.4.0-1057.62 linux-ibm-tools-common - 5.4.0-1057.62 linux-image-5.4.0-1057-ibm - 5.4.0-1057.62 linux-image-unsigned-5.4.0-1057-ibm - 5.4.0-1057.62 linux-modules-5.4.0-1057-ibm - 5.4.0-1057.62 linux-modules-extra-5.4.0-1057-ibm - 5.4.0-1057.62 linux-tools-5.4.0-1057-ibm - 5.4.0-1057.62 No subscription required linux-buildinfo-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-cloud-tools-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-gkeop-cloud-tools-5.4.0-1077 - 5.4.0-1077.81 linux-gkeop-headers-5.4.0-1077 - 5.4.0-1077.81 linux-gkeop-source-5.4.0 - 5.4.0-1077.81 linux-gkeop-tools-5.4.0-1077 - 5.4.0-1077.81 linux-headers-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-image-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-image-unsigned-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-modules-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-modules-extra-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-tools-5.4.0-1077-gkeop - 5.4.0-1077.81 No subscription required linux-buildinfo-5.4.0-1099-kvm - 5.4.0-1099.105 linux-headers-5.4.0-1099-kvm - 5.4.0-1099.105 linux-image-5.4.0-1099-kvm - 5.4.0-1099.105 linux-image-unsigned-5.4.0-1099-kvm - 5.4.0-1099.105 linux-kvm-headers-5.4.0-1099 - 5.4.0-1099.105 linux-kvm-tools-5.4.0-1099 - 5.4.0-1099.105 linux-modules-5.4.0-1099-kvm - 5.4.0-1099.105 linux-tools-5.4.0-1099-kvm - 5.4.0-1099.105 No subscription required linux-buildinfo-5.4.0-1109-oracle - 5.4.0-1109.118 linux-headers-5.4.0-1109-oracle - 5.4.0-1109.118 linux-image-5.4.0-1109-oracle - 5.4.0-1109.118 linux-image-unsigned-5.4.0-1109-oracle - 5.4.0-1109.118 linux-modules-5.4.0-1109-oracle - 5.4.0-1109.118 linux-modules-extra-5.4.0-1109-oracle - 5.4.0-1109.118 linux-oracle-headers-5.4.0-1109 - 5.4.0-1109.118 linux-oracle-tools-5.4.0-1109 - 5.4.0-1109.118 linux-tools-5.4.0-1109-oracle - 5.4.0-1109.118 No subscription required linux-aws-cloud-tools-5.4.0-1110 - 5.4.0-1110.119 linux-aws-headers-5.4.0-1110 - 5.4.0-1110.119 linux-aws-tools-5.4.0-1110 - 5.4.0-1110.119 linux-buildinfo-5.4.0-1110-aws - 5.4.0-1110.119 linux-cloud-tools-5.4.0-1110-aws - 5.4.0-1110.119 linux-headers-5.4.0-1110-aws - 5.4.0-1110.119 linux-image-5.4.0-1110-aws - 5.4.0-1110.119 linux-image-unsigned-5.4.0-1110-aws - 5.4.0-1110.119 linux-modules-5.4.0-1110-aws - 5.4.0-1110.119 linux-modules-extra-5.4.0-1110-aws - 5.4.0-1110.119 linux-tools-5.4.0-1110-aws - 5.4.0-1110.119 No subscription required linux-buildinfo-5.4.0-1113-gcp - 5.4.0-1113.122 linux-gcp-headers-5.4.0-1113 - 5.4.0-1113.122 linux-gcp-tools-5.4.0-1113 - 5.4.0-1113.122 linux-headers-5.4.0-1113-gcp - 5.4.0-1113.122 linux-image-5.4.0-1113-gcp - 5.4.0-1113.122 linux-image-unsigned-5.4.0-1113-gcp - 5.4.0-1113.122 linux-modules-5.4.0-1113-gcp - 5.4.0-1113.122 linux-modules-extra-5.4.0-1113-gcp - 5.4.0-1113.122 linux-tools-5.4.0-1113-gcp - 5.4.0-1113.122 No subscription required linux-azure-cloud-tools-5.4.0-1116 - 5.4.0-1116.123 linux-azure-headers-5.4.0-1116 - 5.4.0-1116.123 linux-azure-tools-5.4.0-1116 - 5.4.0-1116.123 linux-buildinfo-5.4.0-1116-azure - 5.4.0-1116.123 linux-cloud-tools-5.4.0-1116-azure - 5.4.0-1116.123 linux-headers-5.4.0-1116-azure - 5.4.0-1116.123 linux-image-5.4.0-1116-azure - 5.4.0-1116.123 linux-image-unsigned-5.4.0-1116-azure - 5.4.0-1116.123 linux-modules-5.4.0-1116-azure - 5.4.0-1116.123 linux-modules-extra-5.4.0-1116-azure - 5.4.0-1116.123 linux-tools-5.4.0-1116-azure - 5.4.0-1116.123 No subscription required linux-buildinfo-5.4.0-163-generic - 5.4.0-163.180 linux-buildinfo-5.4.0-163-generic-lpae - 5.4.0-163.180 linux-buildinfo-5.4.0-163-lowlatency - 5.4.0-163.180 linux-cloud-tools-5.4.0-163 - 5.4.0-163.180 linux-cloud-tools-5.4.0-163-generic - 5.4.0-163.180 linux-cloud-tools-5.4.0-163-lowlatency - 5.4.0-163.180 linux-cloud-tools-common - 5.4.0-163.180 linux-doc - 5.4.0-163.180 linux-headers-5.4.0-163 - 5.4.0-163.180 linux-headers-5.4.0-163-generic - 5.4.0-163.180 linux-headers-5.4.0-163-generic-lpae - 5.4.0-163.180 linux-headers-5.4.0-163-lowlatency - 5.4.0-163.180 linux-image-5.4.0-163-generic - 5.4.0-163.180 linux-image-5.4.0-163-generic-lpae - 5.4.0-163.180 linux-image-5.4.0-163-lowlatency - 5.4.0-163.180 linux-image-unsigned-5.4.0-163-generic - 5.4.0-163.180 linux-image-unsigned-5.4.0-163-lowlatency - 5.4.0-163.180 linux-libc-dev - 5.4.0-163.180 linux-modules-5.4.0-163-generic - 5.4.0-163.180 linux-modules-5.4.0-163-generic-lpae - 5.4.0-163.180 linux-modules-5.4.0-163-lowlatency - 5.4.0-163.180 linux-modules-extra-5.4.0-163-generic - 5.4.0-163.180 linux-source-5.4.0 - 5.4.0-163.180 linux-tools-5.4.0-163 - 5.4.0-163.180 linux-tools-5.4.0-163-generic - 5.4.0-163.180 linux-tools-5.4.0-163-generic-lpae - 5.4.0-163.180 linux-tools-5.4.0-163-lowlatency - 5.4.0-163.180 linux-tools-common - 5.4.0-163.180 linux-tools-host - 5.4.0-163.180 No subscription required linux-headers-iot - 5.4.0.1022.20 linux-image-iot - 5.4.0.1022.20 linux-iot - 5.4.0.1022.20 linux-tools-iot - 5.4.0.1022.20 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1030.32 linux-image-xilinx-zynqmp - 5.4.0.1030.32 linux-tools-xilinx-zynqmp - 5.4.0.1030.32 linux-xilinx-zynqmp - 5.4.0.1030.32 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1057.86 linux-ibm-lts-20.04 - 5.4.0.1057.86 linux-image-ibm-lts-20.04 - 5.4.0.1057.86 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1057.86 linux-tools-ibm-lts-20.04 - 5.4.0.1057.86 No subscription required linux-cloud-tools-gkeop - 5.4.0.1077.75 linux-cloud-tools-gkeop-5.4 - 5.4.0.1077.75 linux-gkeop - 5.4.0.1077.75 linux-gkeop-5.4 - 5.4.0.1077.75 linux-headers-gkeop - 5.4.0.1077.75 linux-headers-gkeop-5.4 - 5.4.0.1077.75 linux-image-gkeop - 5.4.0.1077.75 linux-image-gkeop-5.4 - 5.4.0.1077.75 linux-modules-extra-gkeop - 5.4.0.1077.75 linux-modules-extra-gkeop-5.4 - 5.4.0.1077.75 linux-tools-gkeop - 5.4.0.1077.75 linux-tools-gkeop-5.4 - 5.4.0.1077.75 No subscription required linux-headers-kvm - 5.4.0.1099.94 linux-image-kvm - 5.4.0.1099.94 linux-kvm - 5.4.0.1099.94 linux-tools-kvm - 5.4.0.1099.94 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1109.102 linux-image-oracle-lts-20.04 - 5.4.0.1109.102 linux-oracle-lts-20.04 - 5.4.0.1109.102 linux-tools-oracle-lts-20.04 - 5.4.0.1109.102 No subscription required linux-aws-lts-20.04 - 5.4.0.1110.107 linux-headers-aws-lts-20.04 - 5.4.0.1110.107 linux-image-aws-lts-20.04 - 5.4.0.1110.107 linux-modules-extra-aws-lts-20.04 - 5.4.0.1110.107 linux-tools-aws-lts-20.04 - 5.4.0.1110.107 No subscription required linux-gcp-lts-20.04 - 5.4.0.1113.115 linux-headers-gcp-lts-20.04 - 5.4.0.1113.115 linux-image-gcp-lts-20.04 - 5.4.0.1113.115 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1113.115 linux-tools-gcp-lts-20.04 - 5.4.0.1113.115 No subscription required linux-azure-lts-20.04 - 5.4.0.1116.109 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1116.109 linux-headers-azure-lts-20.04 - 5.4.0.1116.109 linux-image-azure-lts-20.04 - 5.4.0.1116.109 linux-modules-extra-azure-lts-20.04 - 5.4.0.1116.109 linux-tools-azure-lts-20.04 - 5.4.0.1116.109 No subscription required linux-cloud-tools-generic - 5.4.0.163.160 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.163.160 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.163.160 linux-cloud-tools-lowlatency - 5.4.0.163.160 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-cloud-tools-virtual - 5.4.0.163.160 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.163.160 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-crashdump - 5.4.0.163.160 linux-generic - 5.4.0.163.160 linux-generic-hwe-18.04 - 5.4.0.163.160 linux-generic-hwe-18.04-edge - 5.4.0.163.160 linux-generic-lpae - 5.4.0.163.160 linux-generic-lpae-hwe-18.04 - 5.4.0.163.160 linux-generic-lpae-hwe-18.04-edge - 5.4.0.163.160 linux-headers-generic - 5.4.0.163.160 linux-headers-generic-hwe-18.04 - 5.4.0.163.160 linux-headers-generic-hwe-18.04-edge - 5.4.0.163.160 linux-headers-generic-lpae - 5.4.0.163.160 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.163.160 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.163.160 linux-headers-lowlatency - 5.4.0.163.160 linux-headers-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-headers-oem - 5.4.0.163.160 linux-headers-oem-osp1 - 5.4.0.163.160 linux-headers-virtual - 5.4.0.163.160 linux-headers-virtual-hwe-18.04 - 5.4.0.163.160 linux-headers-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-image-extra-virtual - 5.4.0.163.160 linux-image-extra-virtual-hwe-18.04 - 5.4.0.163.160 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-image-generic - 5.4.0.163.160 linux-image-generic-hwe-18.04 - 5.4.0.163.160 linux-image-generic-hwe-18.04-edge - 5.4.0.163.160 linux-image-generic-lpae - 5.4.0.163.160 linux-image-generic-lpae-hwe-18.04 - 5.4.0.163.160 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.163.160 linux-image-lowlatency - 5.4.0.163.160 linux-image-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-image-oem - 5.4.0.163.160 linux-image-oem-osp1 - 5.4.0.163.160 linux-image-virtual - 5.4.0.163.160 linux-image-virtual-hwe-18.04 - 5.4.0.163.160 linux-image-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-lowlatency - 5.4.0.163.160 linux-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-oem - 5.4.0.163.160 linux-oem-osp1 - 5.4.0.163.160 linux-oem-osp1-tools-host - 5.4.0.163.160 linux-oem-tools-host - 5.4.0.163.160 linux-source - 5.4.0.163.160 linux-tools-generic - 5.4.0.163.160 linux-tools-generic-hwe-18.04 - 5.4.0.163.160 linux-tools-generic-hwe-18.04-edge - 5.4.0.163.160 linux-tools-generic-lpae - 5.4.0.163.160 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.163.160 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.163.160 linux-tools-lowlatency - 5.4.0.163.160 linux-tools-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-tools-oem - 5.4.0.163.160 linux-tools-oem-osp1 - 5.4.0.163.160 linux-tools-virtual - 5.4.0.163.160 linux-tools-virtual-hwe-18.04 - 5.4.0.163.160 linux-tools-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-virtual - 5.4.0.163.160 linux-virtual-hwe-18.04 - 5.4.0.163.160 linux-virtual-hwe-18.04-edge - 5.4.0.163.160 No subscription required High CVE-2023-20588 CVE-2023-40283 Ubuntu 20.04 LTS Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128) Update Instructions: Run `sudo pro fix USN-6387-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1071 - 5.4.0-1071.77 linux-bluefield-tools-5.4.0-1071 - 5.4.0-1071.77 linux-buildinfo-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-headers-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-image-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-image-unsigned-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-modules-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-tools-5.4.0-1071-bluefield - 5.4.0-1071.77 No subscription required linux-buildinfo-5.4.0-1094-raspi - 5.4.0-1094.105 linux-headers-5.4.0-1094-raspi - 5.4.0-1094.105 linux-image-5.4.0-1094-raspi - 5.4.0-1094.105 linux-modules-5.4.0-1094-raspi - 5.4.0-1094.105 linux-raspi-headers-5.4.0-1094 - 5.4.0-1094.105 linux-raspi-tools-5.4.0-1094 - 5.4.0-1094.105 linux-tools-5.4.0-1094-raspi - 5.4.0-1094.105 No subscription required linux-bluefield - 5.4.0.1071.66 linux-headers-bluefield - 5.4.0.1071.66 linux-image-bluefield - 5.4.0.1071.66 linux-tools-bluefield - 5.4.0.1071.66 No subscription required linux-headers-raspi - 5.4.0.1094.124 linux-headers-raspi-hwe-18.04 - 5.4.0.1094.124 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1094.124 linux-headers-raspi2 - 5.4.0.1094.124 linux-headers-raspi2-hwe-18.04 - 5.4.0.1094.124 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1094.124 linux-image-raspi - 5.4.0.1094.124 linux-image-raspi-hwe-18.04 - 5.4.0.1094.124 linux-image-raspi-hwe-18.04-edge - 5.4.0.1094.124 linux-image-raspi2 - 5.4.0.1094.124 linux-image-raspi2-hwe-18.04 - 5.4.0.1094.124 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1094.124 linux-raspi - 5.4.0.1094.124 linux-raspi-hwe-18.04 - 5.4.0.1094.124 linux-raspi-hwe-18.04-edge - 5.4.0.1094.124 linux-raspi2 - 5.4.0.1094.124 linux-raspi2-hwe-18.04 - 5.4.0.1094.124 linux-raspi2-hwe-18.04-edge - 5.4.0.1094.124 linux-tools-raspi - 5.4.0.1094.124 linux-tools-raspi-hwe-18.04 - 5.4.0.1094.124 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1094.124 linux-tools-raspi2 - 5.4.0.1094.124 linux-tools-raspi2-hwe-18.04 - 5.4.0.1094.124 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1094.124 No subscription required High CVE-2023-20588 CVE-2023-40283 Ubuntu 20.04 LTS It was discovered that Indent incorrectly handled parsing certain source files. If a user or automated system were tricked into processing a specially crafted source file, a remote attacker could use this issue to cause Indent to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6389-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: indent - 2.2.12-1ubuntu0.20.04.1 indent-doc - 2.2.12-1ubuntu0.20.04.1 No subscription required Medium CVE-2023-40305 Ubuntu 20.04 LTS It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2023-3341) Robert Story discovered that Bind incorrectly handled certain DNS-over-TLS queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-4236) Update Instructions: Run `sudo pro fix USN-6390-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bind9 - 1:9.16.1-0ubuntu2.16 bind9-dnsutils - 1:9.16.1-0ubuntu2.16 bind9-doc - 1:9.16.1-0ubuntu2.16 bind9-host - 1:9.16.1-0ubuntu2.16 bind9-libs - 1:9.16.1-0ubuntu2.16 bind9-utils - 1:9.16.1-0ubuntu2.16 bind9utils - 1:9.16.1-0ubuntu2.16 dnsutils - 1:9.16.1-0ubuntu2.16 No subscription required Medium CVE-2023-3341 CVE-2023-4236 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6391-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cups - 2.3.1-9ubuntu1.6 cups-bsd - 2.3.1-9ubuntu1.6 cups-client - 2.3.1-9ubuntu1.6 cups-common - 2.3.1-9ubuntu1.6 cups-core-drivers - 2.3.1-9ubuntu1.6 cups-daemon - 2.3.1-9ubuntu1.6 cups-ipp-utils - 2.3.1-9ubuntu1.6 cups-ppdc - 2.3.1-9ubuntu1.6 cups-server-common - 2.3.1-9ubuntu1.6 libcups2 - 2.3.1-9ubuntu1.6 libcups2-dev - 2.3.1-9ubuntu1.6 libcupsimage2 - 2.3.1-9ubuntu1.6 libcupsimage2-dev - 2.3.1-9ubuntu1.6 No subscription required Medium CVE-2023-4504 Ubuntu 20.04 LTS It was discovered that ImageMagick did not properly handle memory when processing the -help option. An attacker could potentially use this issue to cause a crash. Update Instructions: Run `sudo pro fix USN-6393-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2022-48541 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6397-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1070 - 5.4.0-1070.76 linux-bluefield-tools-5.4.0-1070 - 5.4.0-1070.76 linux-buildinfo-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-headers-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-image-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-image-unsigned-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-modules-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-tools-5.4.0-1070-bluefield - 5.4.0-1070.76 No subscription required linux-bluefield - 5.4.0.1070.65 linux-headers-bluefield - 5.4.0.1070.65 linux-image-bluefield - 5.4.0.1070.65 linux-tools-bluefield - 5.4.0.1070.65 No subscription required High CVE-2022-40982 CVE-2023-2002 CVE-2023-20593 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS It was discovered that ReadyMedia was vulnerable to DNS rebinding attacks. A remote attacker could possibly use this issue to trick the local DLNA server to leak information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-26505) It was discovered that ReadyMedia incorrectly handled certain HTTP requests using chunked transport encoding. A remote attacker could possibly use this issue to cause buffer overflows, resulting in out-of-bounds reads and writes. (CVE-2023-33476) Update Instructions: Run `sudo pro fix USN-6398-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: minidlna - 1.2.1+dfsg-1ubuntu0.20.04.2 No subscription required Medium CVE-2022-26505 CVE-2023-33476 Ubuntu 20.04 LTS It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2023-39350, CVE-2023-39351, CVE-2023-39353, CVE-2023-39354, CVE-2023-40181, CVE-2023-40188, CVE-2023-40589) It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-40186, CVE-2023-40567, CVE-2023-40569) Update Instructions: Run `sudo pro fix USN-6401-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.5 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.5 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.5 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.5 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.5 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.5 No subscription required Medium CVE-2023-39350 CVE-2023-39351 CVE-2023-39353 CVE-2023-39354 CVE-2023-40181 CVE-2023-40186 CVE-2023-40188 CVE-2023-40567 CVE-2023-40569 CVE-2023-40589 Ubuntu 20.04 LTS It was discovered that LibTomMath incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code and cause a denial of service (DoS). Update Instructions: Run `sudo pro fix USN-6402-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtommath-dev - 1.2.0-3ubuntu0.1 libtommath-doc - 1.2.0-3ubuntu0.1 libtommath1 - 1.2.0-3ubuntu0.1 No subscription required Medium CVE-2023-36328 Ubuntu 20.04 LTS It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6403-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvpx-dev - 1.8.2-1ubuntu0.2 libvpx-doc - 1.8.2-1ubuntu0.2 libvpx6 - 1.8.2-1ubuntu0.2 vpx-tools - 1.8.2-1ubuntu0.2 No subscription required Medium CVE-2023-44488 CVE-2023-5217 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-5169, CVE-2023-5170, CVE-2023-5171, CVE-2023-5172, CVE-2023-5175, CVE-2023-5176) Ronald Crane discovered that Firefox did not properly manage memory when non-HTTPS Alternate Services (network.http.altsvc.oe) is enabled. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-5173) Clément Lecigne discovered that Firefox did not properly manage memory when handling VP8 media stream. An attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-5217) Update Instructions: Run `sudo pro fix USN-6404-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 118.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 118.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 118.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 118.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-5169 CVE-2023-5170 CVE-2023-5171 CVE-2023-5172 CVE-2023-5173 CVE-2023-5175 CVE-2023-5176 CVE-2023-5217 Ubuntu 20.04 LTS USN-6404-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-5169, CVE-2023-5170, CVE-2023-5171, CVE-2023-5172, CVE-2023-5175, CVE-2023-5176) Ronald Crane discovered that Firefox did not properly manage memory when non-HTTPS Alternate Services (network.http.altsvc.oe) is enabled. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-5173) Clément Lecigne discovered that Firefox did not properly manage memory when handling VP8 media stream. An attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-5217) Update Instructions: Run `sudo pro fix USN-6404-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 118.0.2+build2-0ubuntu0.20.04.1 firefox-dev - 118.0.2+build2-0ubuntu0.20.04.1 firefox-geckodriver - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-af - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-an - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ar - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-as - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ast - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-az - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-be - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bg - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-br - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bs - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ca - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cak - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cs - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-csb - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cy - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-da - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-de - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-el - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-en - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-eo - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-es - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-et - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-eu - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fa - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fi - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fy - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ga - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gd - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gu - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-he - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hi - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hu - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hy - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ia - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-id - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-is - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-it - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ja - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ka - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kab - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kk - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-km - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ko - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ku - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lg - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lt - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lv - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mai - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mk - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ml - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ms - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-my - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nb - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ne - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nso - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-oc - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-or - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pa - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pt - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ro - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ru - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-si - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sk - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sq - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sv - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sw - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-szl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ta - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-te - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-tg - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-th - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-tr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-uk - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ur - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-uz - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-vi - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-xh - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zu - 118.0.2+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 118.0.2+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2038977 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-4057, CVE-2023-4577, CVE-2023-4578, CVE-2023-4583, CVE-2023-4585, CVE-2023-5169, CVE-2023-5171, CVE-2023-5176) Andrew McCreight discovered that Thunderbird did not properly manage during the worker lifecycle. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-3600) Harveer Singh discovered that Thunderbird did not store push notifications in private browsing mode in encrypted form. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-4580) Clément Lecigne discovered that Thunderbird did not properly manage memory when handling VP8 media stream. An attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-5217) Update Instructions: Run `sudo pro fix USN-6405-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.3.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.3.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.3.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.3.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-3600 CVE-2023-4057 CVE-2023-4577 CVE-2023-4578 CVE-2023-4580 CVE-2023-4583 CVE-2023-4585 CVE-2023-5169 CVE-2023-5171 CVE-2023-5176 CVE-2023-5217 Ubuntu 20.04 LTS Gregory James Duck discovered that libx11 incorrectly handled certain keyboard symbols. If a user were tricked into connecting to a malicious X server, a remote attacker could use this issue to cause libx11 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-43785) Yair Mizrahi discovered that libx11 incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-43786) Yair Mizrahi discovered that libx11 incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could use this issue to cause libx11 to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2023-43787) Update Instructions: Run `sudo pro fix USN-6407-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx11-6 - 2:1.6.9-2ubuntu1.6 libx11-data - 2:1.6.9-2ubuntu1.6 libx11-dev - 2:1.6.9-2ubuntu1.6 libx11-doc - 2:1.6.9-2ubuntu1.6 libx11-xcb-dev - 2:1.6.9-2ubuntu1.6 libx11-xcb1 - 2:1.6.9-2ubuntu1.6 No subscription required Medium CVE-2023-43785 CVE-2023-43786 CVE-2023-43787 Ubuntu 20.04 LTS Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-43786) Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could use this issue to cause libXpm to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2023-43787) Alan Coopersmith discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to cause libXpm to crash, leading to a denial of service. (CVE-2023-43788, CVE-2023-43789) Update Instructions: Run `sudo pro fix USN-6408-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxpm-dev - 1:3.5.12-1ubuntu0.20.04.2 libxpm4 - 1:3.5.12-1ubuntu0.20.04.2 xpmutils - 1:3.5.12-1ubuntu0.20.04.2 No subscription required Medium CVE-2023-43786 CVE-2023-43787 CVE-2023-43788 CVE-2023-43789 Ubuntu 20.04 LTS It was discovered that a specially crafted file system image could cause a heap-based out-of-bounds write. A local attacker could potentially use this to perform arbitrary code execution bypass and bypass secure boot protections. (CVE-2023-4692) It was discovered that a specially crafted file system image could cause an out-of-bounds read. A physically-present attacker could possibly use this to leak sensitive information to the GRUB pager. (CVE-2023-4693) Update Instructions: Run `sudo pro fix USN-6410-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-amd64-signed - 1.187.6~20.04.1+2.06-2ubuntu14.4 grub-efi-arm64-signed - 1.187.6~20.04.1+2.06-2ubuntu14.4 No subscription required Medium CVE-2023-4692 CVE-2023-4693 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain challenge requests. A remote attacker could possibly use this issue to perform out-of-bounds reads, resulting in information leakage. (CVE-2023-42114) It was discovered that Exim incorrectly handled validation of user-supplied data. A remote attacker could possibly use this issue to perform out-of-bounds writes, resulting in arbitrary code execution. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-42115) It was discovered that Exim incorrectly handled certain challenge requests. A remote attacker could possibly use this issue to perform out-of-bounds writes, resulting in arbitrary code execution. (CVE-2023-42116) Update Instructions: Run `sudo pro fix USN-6411-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4 - 4.93-13ubuntu1.8 exim4-base - 4.93-13ubuntu1.8 exim4-config - 4.93-13ubuntu1.8 exim4-daemon-heavy - 4.93-13ubuntu1.8 exim4-daemon-light - 4.93-13ubuntu1.8 exim4-dev - 4.93-13ubuntu1.8 eximon4 - 4.93-13ubuntu1.8 No subscription required Medium CVE-2023-42114 CVE-2023-42115 CVE-2023-42116 Ubuntu 20.04 LTS Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6414-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.20 python3-django - 2:2.2.12-1ubuntu0.20 No subscription required Medium CVE-2023-43665 Ubuntu 20.04 LTS It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2023-20569) It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handle user-supplied data. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-2156) Davide Ornaghi discovered that the DECnet network protocol implementation in the Linux kernel contained a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Please note that kernel support for the DECnet has been removed to resolve this CVE. (CVE-2023-3338) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate command payload size, leading to a out-of-bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38432) It was discovered that the NFC implementation in the Linux kernel contained a use-after-free vulnerability when performing peer-to-peer communication in certain conditions. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3863) Laurence Wit discovered that the KSMBD implementation in the Linux kernel did not properly validate a buffer size in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-3865) Laurence Wit discovered that the KSMBD implementation in the Linux kernel contained a null pointer dereference vulnerability when handling handling chained requests. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-3866) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Andy Nguyen discovered that the KVM implementation for AMD processors in the Linux kernel with Secure Encrypted Virtualization (SEV) contained a race condition when accessing the GHCB page. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2023-4155) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Maxim Suhanov discovered that the exFAT file system implementation in the Linux kernel did not properly check a file name length, leading to an out- of-bounds write vulnerability. An attacker could use this to construct a malicious exFAT image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4273) Thelford Williams discovered that the Ceph file system messenger protocol implementation in the Linux kernel did not properly validate frame segment length in certain situation, leading to a buffer overflow vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-44466) Update Instructions: Run `sudo pro fix USN-6416-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-cloud-tools-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-gkeop-5.15-headers-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-gkeop-5.15-tools-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-headers-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-image-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-image-unsigned-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-modules-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-modules-extra-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-tools-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 No subscription required linux-buildinfo-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-headers-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-ibm-5.15-headers-5.15.0-1040 - 5.15.0-1040.43~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1040.43~20.04.1 linux-ibm-5.15-tools-5.15.0-1040 - 5.15.0-1040.43~20.04.1 linux-image-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-image-unsigned-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-modules-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-modules-extra-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-tools-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 No subscription required linux-buildinfo-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-gcp-5.15-headers-5.15.0-1044 - 5.15.0-1044.52~20.04.1 linux-gcp-5.15-tools-5.15.0-1044 - 5.15.0-1044.52~20.04.1 linux-headers-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-image-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-image-unsigned-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-modules-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-modules-extra-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-modules-iwlwifi-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-tools-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1047 - 5.15.0-1047.52~20.04.1 linux-aws-5.15-headers-5.15.0-1047 - 5.15.0-1047.52~20.04.1 linux-aws-5.15-tools-5.15.0-1047 - 5.15.0-1047.52~20.04.1 linux-buildinfo-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-cloud-tools-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-headers-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-image-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-image-unsigned-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-modules-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-modules-extra-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-tools-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1049 - 5.15.0-1049.56~20.04.1 linux-azure-5.15-headers-5.15.0-1049 - 5.15.0-1049.56~20.04.1 linux-azure-5.15-tools-5.15.0-1049 - 5.15.0-1049.56~20.04.1 linux-buildinfo-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-cloud-tools-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-headers-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-image-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-image-unsigned-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-modules-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-modules-extra-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-tools-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 No subscription required linux-image-5.15.0-1049-azure-fde - 5.15.0-1049.56~20.04.1.1 linux-image-unsigned-5.15.0-1049-azure-fde - 5.15.0-1049.56~20.04.1.1 No subscription required linux-buildinfo-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-buildinfo-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-cloud-tools-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-headers-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-headers-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-image-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-image-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-image-unsigned-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-image-unsigned-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-86 - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-86 - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-86 - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-86.95~20.04.1 linux-modules-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-modules-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-modules-iwlwifi-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-tools-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-tools-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-cloud-tools-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-headers-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-headers-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-image-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-image-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-modules-extra-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-modules-extra-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-tools-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-tools-gkeop-edge - 5.15.0.1030.35~20.04.26 No subscription required linux-headers-ibm - 5.15.0.1040.43~20.04.12 linux-headers-ibm-edge - 5.15.0.1040.43~20.04.12 linux-ibm - 5.15.0.1040.43~20.04.12 linux-ibm-edge - 5.15.0.1040.43~20.04.12 linux-image-ibm - 5.15.0.1040.43~20.04.12 linux-image-ibm-edge - 5.15.0.1040.43~20.04.12 linux-tools-ibm - 5.15.0.1040.43~20.04.12 linux-tools-ibm-edge - 5.15.0.1040.43~20.04.12 No subscription required linux-gcp - 5.15.0.1044.52~20.04.1 linux-gcp-edge - 5.15.0.1044.52~20.04.1 linux-headers-gcp - 5.15.0.1044.52~20.04.1 linux-headers-gcp-edge - 5.15.0.1044.52~20.04.1 linux-image-gcp - 5.15.0.1044.52~20.04.1 linux-image-gcp-edge - 5.15.0.1044.52~20.04.1 linux-modules-extra-gcp - 5.15.0.1044.52~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1044.52~20.04.1 linux-tools-gcp - 5.15.0.1044.52~20.04.1 linux-tools-gcp-edge - 5.15.0.1044.52~20.04.1 No subscription required linux-aws - 5.15.0.1047.52~20.04.35 linux-aws-edge - 5.15.0.1047.52~20.04.35 linux-headers-aws - 5.15.0.1047.52~20.04.35 linux-headers-aws-edge - 5.15.0.1047.52~20.04.35 linux-image-aws - 5.15.0.1047.52~20.04.35 linux-image-aws-edge - 5.15.0.1047.52~20.04.35 linux-modules-extra-aws - 5.15.0.1047.52~20.04.35 linux-modules-extra-aws-edge - 5.15.0.1047.52~20.04.35 linux-tools-aws - 5.15.0.1047.52~20.04.35 linux-tools-aws-edge - 5.15.0.1047.52~20.04.35 No subscription required linux-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-cloud-tools-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-cloud-tools-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-headers-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-headers-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-image-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-image-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-modules-extra-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-modules-extra-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-tools-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-tools-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 No subscription required linux-azure - 5.15.0.1049.56~20.04.38 linux-azure-cvm - 5.15.0.1049.56~20.04.38 linux-azure-edge - 5.15.0.1049.56~20.04.38 linux-cloud-tools-azure - 5.15.0.1049.56~20.04.38 linux-cloud-tools-azure-cvm - 5.15.0.1049.56~20.04.38 linux-cloud-tools-azure-edge - 5.15.0.1049.56~20.04.38 linux-headers-azure - 5.15.0.1049.56~20.04.38 linux-headers-azure-cvm - 5.15.0.1049.56~20.04.38 linux-headers-azure-edge - 5.15.0.1049.56~20.04.38 linux-image-azure - 5.15.0.1049.56~20.04.38 linux-image-azure-cvm - 5.15.0.1049.56~20.04.38 linux-image-azure-edge - 5.15.0.1049.56~20.04.38 linux-modules-extra-azure - 5.15.0.1049.56~20.04.38 linux-modules-extra-azure-cvm - 5.15.0.1049.56~20.04.38 linux-modules-extra-azure-edge - 5.15.0.1049.56~20.04.38 linux-tools-azure - 5.15.0.1049.56~20.04.38 linux-tools-azure-cvm - 5.15.0.1049.56~20.04.38 linux-tools-azure-edge - 5.15.0.1049.56~20.04.38 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-headers-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-image-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-lowlatency-64k-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-tools-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 No subscription required High CVE-2023-1206 CVE-2023-20569 CVE-2023-2156 CVE-2023-3338 CVE-2023-38432 CVE-2023-3863 CVE-2023-3865 CVE-2023-3866 CVE-2023-4132 CVE-2023-4155 CVE-2023-4194 CVE-2023-4273 CVE-2023-44466 Ubuntu 20.04 LTS It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniël Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2023-20569) It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handle user-supplied data. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-2156) Davide Ornaghi discovered that the DECnet network protocol implementation in the Linux kernel contained a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Please note that kernel support for the DECnet has been removed to resolve this CVE. (CVE-2023-3338) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate command payload size, leading to a out-of-bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38432) It was discovered that the NFC implementation in the Linux kernel contained a use-after-free vulnerability when performing peer-to-peer communication in certain conditions. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3863) Laurence Wit discovered that the KSMBD implementation in the Linux kernel did not properly validate a buffer size in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-3865) Laurence Wit discovered that the KSMBD implementation in the Linux kernel contained a null pointer dereference vulnerability when handling handling chained requests. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-3866) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Andy Nguyen discovered that the KVM implementation for AMD processors in the Linux kernel with Secure Encrypted Virtualization (SEV) contained a race condition when accessing the GHCB page. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2023-4155) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Maxim Suhanov discovered that the exFAT file system implementation in the Linux kernel did not properly check a file name length, leading to an out- of-bounds write vulnerability. An attacker could use this to construct a malicious exFAT image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4273) Thelford Williams discovered that the Ceph file system messenger protocol implementation in the Linux kernel did not properly validate frame segment length in certain situation, leading to a buffer overflow vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-44466) Update Instructions: Run `sudo pro fix USN-6416-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-headers-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-image-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-image-unsigned-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-modules-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-modules-extra-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-oracle-5.15-headers-5.15.0-1045 - 5.15.0-1045.51~20.04.1 linux-oracle-5.15-tools-5.15.0-1045 - 5.15.0-1045.51~20.04.1 linux-tools-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 No subscription required linux-buildinfo-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-buildinfo-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-buildinfo-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 linux-cloud-tools-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-headers-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-headers-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-headers-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-86 - 5.15.0-86.96~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-86.96~20.04.1 linux-hwe-5.15-headers-5.15.0-86 - 5.15.0-86.96~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-86.96~20.04.1 linux-hwe-5.15-tools-5.15.0-86 - 5.15.0-86.96~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-86.96~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-86.96~20.04.1 linux-image-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-image-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-image-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 linux-image-unsigned-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-image-unsigned-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-modules-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-modules-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-modules-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 linux-modules-extra-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-modules-iwlwifi-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-tools-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-tools-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-tools-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1045.51~20.04.1 linux-headers-oracle-edge - 5.15.0.1045.51~20.04.1 linux-image-oracle - 5.15.0.1045.51~20.04.1 linux-image-oracle-edge - 5.15.0.1045.51~20.04.1 linux-oracle - 5.15.0.1045.51~20.04.1 linux-oracle-edge - 5.15.0.1045.51~20.04.1 linux-tools-oracle - 5.15.0.1045.51~20.04.1 linux-tools-oracle-edge - 5.15.0.1045.51~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-generic-64k-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-generic-64k-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-generic-lpae-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-generic-lpae-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-generic-64k-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-headers-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-oem-20.04 - 5.15.0.86.96~20.04.44 linux-headers-oem-20.04b - 5.15.0.86.96~20.04.44 linux-headers-oem-20.04c - 5.15.0.86.96~20.04.44 linux-headers-oem-20.04d - 5.15.0.86.96~20.04.44 linux-headers-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-headers-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-image-extra-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-image-generic-64k-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-image-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-image-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-image-generic-lpae-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-image-oem-20.04 - 5.15.0.86.96~20.04.44 linux-image-oem-20.04b - 5.15.0.86.96~20.04.44 linux-image-oem-20.04c - 5.15.0.86.96~20.04.44 linux-image-oem-20.04d - 5.15.0.86.96~20.04.44 linux-image-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-image-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-modules-iwlwifi-oem-20.04 - 5.15.0.86.96~20.04.44 linux-modules-iwlwifi-oem-20.04d - 5.15.0.86.96~20.04.44 linux-oem-20.04 - 5.15.0.86.96~20.04.44 linux-oem-20.04b - 5.15.0.86.96~20.04.44 linux-oem-20.04c - 5.15.0.86.96~20.04.44 linux-oem-20.04d - 5.15.0.86.96~20.04.44 linux-tools-generic-64k-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-tools-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-tools-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-tools-oem-20.04 - 5.15.0.86.96~20.04.44 linux-tools-oem-20.04b - 5.15.0.86.96~20.04.44 linux-tools-oem-20.04c - 5.15.0.86.96~20.04.44 linux-tools-oem-20.04d - 5.15.0.86.96~20.04.44 linux-tools-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-tools-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 No subscription required High CVE-2023-1206 CVE-2023-20569 CVE-2023-2156 CVE-2023-3338 CVE-2023-38432 CVE-2023-3863 CVE-2023-3865 CVE-2023-3866 CVE-2023-4132 CVE-2023-4155 CVE-2023-4194 CVE-2023-4273 CVE-2023-44466 Ubuntu 20.04 LTS It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) Davide Ornaghi discovered that the DECnet network protocol implementation in the Linux kernel contained a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Please note that kernel support for the DECnet has been removed to resolve this CVE. (CVE-2023-3338) It was discovered that the NFC implementation in the Linux kernel contained a use-after-free vulnerability when performing peer-to-peer communication in certain conditions. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3863) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Update Instructions: Run `sudo pro fix USN-6417-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1023-iot - 5.4.0-1023.24 linux-headers-5.4.0-1023-iot - 5.4.0-1023.24 linux-image-5.4.0-1023-iot - 5.4.0-1023.24 linux-image-unsigned-5.4.0-1023-iot - 5.4.0-1023.24 linux-iot-headers-5.4.0-1023 - 5.4.0-1023.24 linux-iot-tools-5.4.0-1023 - 5.4.0-1023.24 linux-iot-tools-common - 5.4.0-1023.24 linux-modules-5.4.0-1023-iot - 5.4.0-1023.24 linux-tools-5.4.0-1023-iot - 5.4.0-1023.24 No subscription required linux-buildinfo-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-headers-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-image-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-modules-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-tools-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-xilinx-zynqmp-headers-5.4.0-1031 - 5.4.0-1031.35 linux-xilinx-zynqmp-tools-5.4.0-1031 - 5.4.0-1031.35 No subscription required linux-buildinfo-5.4.0-1058-ibm - 5.4.0-1058.63 linux-headers-5.4.0-1058-ibm - 5.4.0-1058.63 linux-ibm-cloud-tools-common - 5.4.0-1058.63 linux-ibm-headers-5.4.0-1058 - 5.4.0-1058.63 linux-ibm-source-5.4.0 - 5.4.0-1058.63 linux-ibm-tools-5.4.0-1058 - 5.4.0-1058.63 linux-ibm-tools-common - 5.4.0-1058.63 linux-image-5.4.0-1058-ibm - 5.4.0-1058.63 linux-image-unsigned-5.4.0-1058-ibm - 5.4.0-1058.63 linux-modules-5.4.0-1058-ibm - 5.4.0-1058.63 linux-modules-extra-5.4.0-1058-ibm - 5.4.0-1058.63 linux-tools-5.4.0-1058-ibm - 5.4.0-1058.63 No subscription required linux-bluefield-headers-5.4.0-1072 - 5.4.0-1072.78 linux-bluefield-tools-5.4.0-1072 - 5.4.0-1072.78 linux-buildinfo-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-headers-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-image-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-image-unsigned-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-modules-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-tools-5.4.0-1072-bluefield - 5.4.0-1072.78 No subscription required linux-buildinfo-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-cloud-tools-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-gkeop-cloud-tools-5.4.0-1078 - 5.4.0-1078.82 linux-gkeop-headers-5.4.0-1078 - 5.4.0-1078.82 linux-gkeop-source-5.4.0 - 5.4.0-1078.82 linux-gkeop-tools-5.4.0-1078 - 5.4.0-1078.82 linux-headers-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-image-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-image-unsigned-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-modules-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-modules-extra-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-tools-5.4.0-1078-gkeop - 5.4.0-1078.82 No subscription required linux-buildinfo-5.4.0-1095-raspi - 5.4.0-1095.106 linux-headers-5.4.0-1095-raspi - 5.4.0-1095.106 linux-image-5.4.0-1095-raspi - 5.4.0-1095.106 linux-modules-5.4.0-1095-raspi - 5.4.0-1095.106 linux-raspi-headers-5.4.0-1095 - 5.4.0-1095.106 linux-raspi-tools-5.4.0-1095 - 5.4.0-1095.106 linux-tools-5.4.0-1095-raspi - 5.4.0-1095.106 No subscription required linux-buildinfo-5.4.0-1100-kvm - 5.4.0-1100.106 linux-headers-5.4.0-1100-kvm - 5.4.0-1100.106 linux-image-5.4.0-1100-kvm - 5.4.0-1100.106 linux-image-unsigned-5.4.0-1100-kvm - 5.4.0-1100.106 linux-kvm-headers-5.4.0-1100 - 5.4.0-1100.106 linux-kvm-tools-5.4.0-1100 - 5.4.0-1100.106 linux-modules-5.4.0-1100-kvm - 5.4.0-1100.106 linux-tools-5.4.0-1100-kvm - 5.4.0-1100.106 No subscription required linux-buildinfo-5.4.0-1110-oracle - 5.4.0-1110.119 linux-headers-5.4.0-1110-oracle - 5.4.0-1110.119 linux-image-5.4.0-1110-oracle - 5.4.0-1110.119 linux-image-unsigned-5.4.0-1110-oracle - 5.4.0-1110.119 linux-modules-5.4.0-1110-oracle - 5.4.0-1110.119 linux-modules-extra-5.4.0-1110-oracle - 5.4.0-1110.119 linux-oracle-headers-5.4.0-1110 - 5.4.0-1110.119 linux-oracle-tools-5.4.0-1110 - 5.4.0-1110.119 linux-tools-5.4.0-1110-oracle - 5.4.0-1110.119 No subscription required linux-aws-cloud-tools-5.4.0-1111 - 5.4.0-1111.120 linux-aws-headers-5.4.0-1111 - 5.4.0-1111.120 linux-aws-tools-5.4.0-1111 - 5.4.0-1111.120 linux-buildinfo-5.4.0-1111-aws - 5.4.0-1111.120 linux-cloud-tools-5.4.0-1111-aws - 5.4.0-1111.120 linux-headers-5.4.0-1111-aws - 5.4.0-1111.120 linux-image-5.4.0-1111-aws - 5.4.0-1111.120 linux-image-unsigned-5.4.0-1111-aws - 5.4.0-1111.120 linux-modules-5.4.0-1111-aws - 5.4.0-1111.120 linux-modules-extra-5.4.0-1111-aws - 5.4.0-1111.120 linux-tools-5.4.0-1111-aws - 5.4.0-1111.120 No subscription required linux-buildinfo-5.4.0-1115-gcp - 5.4.0-1115.124 linux-gcp-headers-5.4.0-1115 - 5.4.0-1115.124 linux-gcp-tools-5.4.0-1115 - 5.4.0-1115.124 linux-headers-5.4.0-1115-gcp - 5.4.0-1115.124 linux-image-5.4.0-1115-gcp - 5.4.0-1115.124 linux-image-unsigned-5.4.0-1115-gcp - 5.4.0-1115.124 linux-modules-5.4.0-1115-gcp - 5.4.0-1115.124 linux-modules-extra-5.4.0-1115-gcp - 5.4.0-1115.124 linux-tools-5.4.0-1115-gcp - 5.4.0-1115.124 No subscription required linux-azure-cloud-tools-5.4.0-1117 - 5.4.0-1117.124 linux-azure-headers-5.4.0-1117 - 5.4.0-1117.124 linux-azure-tools-5.4.0-1117 - 5.4.0-1117.124 linux-buildinfo-5.4.0-1117-azure - 5.4.0-1117.124 linux-cloud-tools-5.4.0-1117-azure - 5.4.0-1117.124 linux-headers-5.4.0-1117-azure - 5.4.0-1117.124 linux-image-5.4.0-1117-azure - 5.4.0-1117.124 linux-image-unsigned-5.4.0-1117-azure - 5.4.0-1117.124 linux-modules-5.4.0-1117-azure - 5.4.0-1117.124 linux-modules-extra-5.4.0-1117-azure - 5.4.0-1117.124 linux-tools-5.4.0-1117-azure - 5.4.0-1117.124 No subscription required linux-buildinfo-5.4.0-164-generic - 5.4.0-164.181 linux-buildinfo-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-buildinfo-5.4.0-164-lowlatency - 5.4.0-164.181 linux-cloud-tools-5.4.0-164 - 5.4.0-164.181 linux-cloud-tools-5.4.0-164-generic - 5.4.0-164.181 linux-cloud-tools-5.4.0-164-lowlatency - 5.4.0-164.181 linux-cloud-tools-common - 5.4.0-164.181 linux-doc - 5.4.0-164.181 linux-headers-5.4.0-164 - 5.4.0-164.181 linux-headers-5.4.0-164-generic - 5.4.0-164.181 linux-headers-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-headers-5.4.0-164-lowlatency - 5.4.0-164.181 linux-image-5.4.0-164-generic - 5.4.0-164.181 linux-image-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-image-5.4.0-164-lowlatency - 5.4.0-164.181 linux-image-unsigned-5.4.0-164-generic - 5.4.0-164.181 linux-image-unsigned-5.4.0-164-lowlatency - 5.4.0-164.181 linux-libc-dev - 5.4.0-164.181 linux-modules-5.4.0-164-generic - 5.4.0-164.181 linux-modules-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-modules-5.4.0-164-lowlatency - 5.4.0-164.181 linux-modules-extra-5.4.0-164-generic - 5.4.0-164.181 linux-source-5.4.0 - 5.4.0-164.181 linux-tools-5.4.0-164 - 5.4.0-164.181 linux-tools-5.4.0-164-generic - 5.4.0-164.181 linux-tools-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-tools-5.4.0-164-lowlatency - 5.4.0-164.181 linux-tools-common - 5.4.0-164.181 linux-tools-host - 5.4.0-164.181 No subscription required linux-headers-iot - 5.4.0.1023.21 linux-image-iot - 5.4.0.1023.21 linux-iot - 5.4.0.1023.21 linux-tools-iot - 5.4.0.1023.21 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1031.32 linux-image-xilinx-zynqmp - 5.4.0.1031.32 linux-tools-xilinx-zynqmp - 5.4.0.1031.32 linux-xilinx-zynqmp - 5.4.0.1031.32 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1058.87 linux-ibm-lts-20.04 - 5.4.0.1058.87 linux-image-ibm-lts-20.04 - 5.4.0.1058.87 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1058.87 linux-tools-ibm-lts-20.04 - 5.4.0.1058.87 No subscription required linux-bluefield - 5.4.0.1072.67 linux-headers-bluefield - 5.4.0.1072.67 linux-image-bluefield - 5.4.0.1072.67 linux-tools-bluefield - 5.4.0.1072.67 No subscription required linux-cloud-tools-gkeop - 5.4.0.1078.76 linux-cloud-tools-gkeop-5.4 - 5.4.0.1078.76 linux-gkeop - 5.4.0.1078.76 linux-gkeop-5.4 - 5.4.0.1078.76 linux-headers-gkeop - 5.4.0.1078.76 linux-headers-gkeop-5.4 - 5.4.0.1078.76 linux-image-gkeop - 5.4.0.1078.76 linux-image-gkeop-5.4 - 5.4.0.1078.76 linux-modules-extra-gkeop - 5.4.0.1078.76 linux-modules-extra-gkeop-5.4 - 5.4.0.1078.76 linux-tools-gkeop - 5.4.0.1078.76 linux-tools-gkeop-5.4 - 5.4.0.1078.76 No subscription required linux-headers-raspi - 5.4.0.1095.125 linux-headers-raspi-hwe-18.04 - 5.4.0.1095.125 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1095.125 linux-headers-raspi2 - 5.4.0.1095.125 linux-headers-raspi2-hwe-18.04 - 5.4.0.1095.125 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1095.125 linux-image-raspi - 5.4.0.1095.125 linux-image-raspi-hwe-18.04 - 5.4.0.1095.125 linux-image-raspi-hwe-18.04-edge - 5.4.0.1095.125 linux-image-raspi2 - 5.4.0.1095.125 linux-image-raspi2-hwe-18.04 - 5.4.0.1095.125 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1095.125 linux-raspi - 5.4.0.1095.125 linux-raspi-hwe-18.04 - 5.4.0.1095.125 linux-raspi-hwe-18.04-edge - 5.4.0.1095.125 linux-raspi2 - 5.4.0.1095.125 linux-raspi2-hwe-18.04 - 5.4.0.1095.125 linux-raspi2-hwe-18.04-edge - 5.4.0.1095.125 linux-tools-raspi - 5.4.0.1095.125 linux-tools-raspi-hwe-18.04 - 5.4.0.1095.125 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1095.125 linux-tools-raspi2 - 5.4.0.1095.125 linux-tools-raspi2-hwe-18.04 - 5.4.0.1095.125 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1095.125 No subscription required linux-headers-kvm - 5.4.0.1100.95 linux-image-kvm - 5.4.0.1100.95 linux-kvm - 5.4.0.1100.95 linux-tools-kvm - 5.4.0.1100.95 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1110.103 linux-image-oracle-lts-20.04 - 5.4.0.1110.103 linux-oracle-lts-20.04 - 5.4.0.1110.103 linux-tools-oracle-lts-20.04 - 5.4.0.1110.103 No subscription required linux-aws-lts-20.04 - 5.4.0.1111.108 linux-headers-aws-lts-20.04 - 5.4.0.1111.108 linux-image-aws-lts-20.04 - 5.4.0.1111.108 linux-modules-extra-aws-lts-20.04 - 5.4.0.1111.108 linux-tools-aws-lts-20.04 - 5.4.0.1111.108 No subscription required linux-gcp-lts-20.04 - 5.4.0.1115.117 linux-headers-gcp-lts-20.04 - 5.4.0.1115.117 linux-image-gcp-lts-20.04 - 5.4.0.1115.117 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1115.117 linux-tools-gcp-lts-20.04 - 5.4.0.1115.117 No subscription required linux-azure-lts-20.04 - 5.4.0.1117.110 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1117.110 linux-headers-azure-lts-20.04 - 5.4.0.1117.110 linux-image-azure-lts-20.04 - 5.4.0.1117.110 linux-modules-extra-azure-lts-20.04 - 5.4.0.1117.110 linux-tools-azure-lts-20.04 - 5.4.0.1117.110 No subscription required linux-cloud-tools-generic - 5.4.0.164.161 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.164.161 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.164.161 linux-cloud-tools-lowlatency - 5.4.0.164.161 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-cloud-tools-virtual - 5.4.0.164.161 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.164.161 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-crashdump - 5.4.0.164.161 linux-generic - 5.4.0.164.161 linux-generic-hwe-18.04 - 5.4.0.164.161 linux-generic-hwe-18.04-edge - 5.4.0.164.161 linux-generic-lpae - 5.4.0.164.161 linux-generic-lpae-hwe-18.04 - 5.4.0.164.161 linux-generic-lpae-hwe-18.04-edge - 5.4.0.164.161 linux-headers-generic - 5.4.0.164.161 linux-headers-generic-hwe-18.04 - 5.4.0.164.161 linux-headers-generic-hwe-18.04-edge - 5.4.0.164.161 linux-headers-generic-lpae - 5.4.0.164.161 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.164.161 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.164.161 linux-headers-lowlatency - 5.4.0.164.161 linux-headers-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-headers-oem - 5.4.0.164.161 linux-headers-oem-osp1 - 5.4.0.164.161 linux-headers-virtual - 5.4.0.164.161 linux-headers-virtual-hwe-18.04 - 5.4.0.164.161 linux-headers-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-image-extra-virtual - 5.4.0.164.161 linux-image-extra-virtual-hwe-18.04 - 5.4.0.164.161 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-image-generic - 5.4.0.164.161 linux-image-generic-hwe-18.04 - 5.4.0.164.161 linux-image-generic-hwe-18.04-edge - 5.4.0.164.161 linux-image-generic-lpae - 5.4.0.164.161 linux-image-generic-lpae-hwe-18.04 - 5.4.0.164.161 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.164.161 linux-image-lowlatency - 5.4.0.164.161 linux-image-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-image-oem - 5.4.0.164.161 linux-image-oem-osp1 - 5.4.0.164.161 linux-image-virtual - 5.4.0.164.161 linux-image-virtual-hwe-18.04 - 5.4.0.164.161 linux-image-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-lowlatency - 5.4.0.164.161 linux-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-oem - 5.4.0.164.161 linux-oem-osp1 - 5.4.0.164.161 linux-oem-osp1-tools-host - 5.4.0.164.161 linux-oem-tools-host - 5.4.0.164.161 linux-source - 5.4.0.164.161 linux-tools-generic - 5.4.0.164.161 linux-tools-generic-hwe-18.04 - 5.4.0.164.161 linux-tools-generic-hwe-18.04-edge - 5.4.0.164.161 linux-tools-generic-lpae - 5.4.0.164.161 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.164.161 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.164.161 linux-tools-lowlatency - 5.4.0.164.161 linux-tools-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-tools-oem - 5.4.0.164.161 linux-tools-oem-osp1 - 5.4.0.164.161 linux-tools-virtual - 5.4.0.164.161 linux-tools-virtual-hwe-18.04 - 5.4.0.164.161 linux-tools-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-virtual - 5.4.0.164.161 linux-virtual-hwe-18.04 - 5.4.0.164.161 linux-virtual-hwe-18.04-edge - 5.4.0.164.161 No subscription required Medium CVE-2021-4001 CVE-2023-1206 CVE-2023-3212 CVE-2023-3338 CVE-2023-3863 CVE-2023-4194 Ubuntu 20.04 LTS It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 20.04 LTS. (CVE-2021-22883) Vít Šesták discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-22884) Update Instructions: Run `sudo pro fix USN-6418-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.2 libnode64 - 10.19.0~dfsg-3ubuntu1.2 nodejs - 10.19.0~dfsg-3ubuntu1.2 nodejs-doc - 10.19.0~dfsg-3ubuntu1.2 No subscription required Medium CVE-2021-22883 CVE-2021-22884 Ubuntu 20.04 LTS Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-7103) Esben Sparre Andreasen discovered that jQuery UI did not properly handle values from untrusted sources in the Datepicker widget. A remote attacker could possibly use this issue to perform a cross-site scripting (XSS) attack and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-41182, CVE-2021-41183) It was discovered that jQuery UI did not properly validate values from untrusted sources. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-41184) It was discovered that the jQuery UI checkboxradio widget did not properly decode certain values from HTML entities. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack and cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-31160) Update Instructions: Run `sudo pro fix USN-6419-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjs-jquery-ui - 1.12.1+dfsg-5ubuntu0.20.04.1 libjs-jquery-ui-docs - 1.12.1+dfsg-5ubuntu0.20.04.1 node-jquery-ui - 1.12.1+dfsg-5ubuntu0.20.04.1 No subscription required Medium CVE-2016-7103 CVE-2021-41182 CVE-2021-41183 CVE-2021-41184 CVE-2022-31160 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3235, CVE-2022-3278, CVE-2022-3297, CVE-2022-3491) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3352, CVE-2022-4292) It was discovered that Vim incorrectly handled memory when replacing in virtualedit mode. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3234) It was discovered that Vim incorrectly handled memory when autocmd changes mark. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3256) It was discovered that Vim did not properly perform checks on array index with negative width window. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2022-3324) It was discovered that Vim did not properly perform checks on a put command column with a visual block. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3520) It was discovered that Vim incorrectly handled memory when using autocommand to open a window. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3591) It was discovered that Vim incorrectly handled memory when updating buffer of the component autocmd handler. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3705) It was discovered that Vim incorrectly handled floating point comparison with incorrect operator. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. and Ubuntu 22.04 LTS. (CVE-2022-4293) Update Instructions: Run `sudo pro fix USN-6420-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.18 vim-athena - 2:8.1.2269-1ubuntu5.18 vim-common - 2:8.1.2269-1ubuntu5.18 vim-doc - 2:8.1.2269-1ubuntu5.18 vim-gtk - 2:8.1.2269-1ubuntu5.18 vim-gtk3 - 2:8.1.2269-1ubuntu5.18 vim-gui-common - 2:8.1.2269-1ubuntu5.18 vim-nox - 2:8.1.2269-1ubuntu5.18 vim-runtime - 2:8.1.2269-1ubuntu5.18 vim-tiny - 2:8.1.2269-1ubuntu5.18 xxd - 2:8.1.2269-1ubuntu5.18 No subscription required Medium CVE-2022-3234 CVE-2022-3235 CVE-2022-3256 CVE-2022-3278 CVE-2022-3297 CVE-2022-3324 CVE-2022-3352 CVE-2022-3491 CVE-2022-3520 CVE-2022-3591 CVE-2022-3705 CVE-2022-4292 CVE-2022-4293 Ubuntu 20.04 LTS It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-37706) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-43299, CVE-2021-43300, CVE-2021-43301, CVE-2021-43302, CVE-2021-43303, CVE-2021-43804, CVE-2021-43845, CVE-2022-21723, CVE-2022-23537, CVE-2022-23547, CVE-2022-23608, CVE-2022-24754, CVE-2022-24763, CVE-2022-24764, CVE-2022-24793, CVE-2022-31031, CVE-2022-39244) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-21722) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-27585) Update Instructions: Run `sudo pro fix USN-6422-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jami - 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 jami-daemon - 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 ring - 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 ring-daemon - 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 No subscription required Medium CVE-2021-37706 CVE-2021-43299 CVE-2021-43300 CVE-2021-43301 CVE-2021-43302 CVE-2021-43303 CVE-2021-43804 CVE-2021-43845 CVE-2022-21722 CVE-2022-21723 CVE-2022-23537 CVE-2022-23547 CVE-2022-23608 CVE-2022-24754 CVE-2022-24763 CVE-2022-24764 CVE-2022-24793 CVE-2022-31031 CVE-2022-39244 CVE-2023-27585 Ubuntu 20.04 LTS It was discovered that CUE incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6423-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcue-dev - 2.2.1-2ubuntu0.1 libcue2 - 2.2.1-2ubuntu0.1 No subscription required Medium CVE-2023-43641 Ubuntu 20.04 LTS It was discovered that kramdown did not restrict Rouge formatters to the correct namespace. An attacker could use this issue to cause kramdown to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6424-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kramdown - 1.17.0-4ubuntu0.2 ruby-kramdown - 1.17.0-4ubuntu0.2 No subscription required Medium CVE-2021-28834 Ubuntu 20.04 LTS Sri Nagasubramanian discovered that the Samba acl_xattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. (CVE-2023-4091) Andrew Bartlett discovered that Samba incorrectly handled the DirSync control. A remote attacker with an RODC DC account could possibly use this issue to obtain all domain secrets. (CVE-2023-4154) Andrew Bartlett discovered that Samba incorrectly handled the rpcecho development server. A remote attacker could possibly use this issue to cause Samba to stop responding, resulting in a denial of service. (CVE-2023-42669) Kirin van der Veer discovered that Samba incorrectly handled certain RPC service listeners. A remote attacker could possibly use this issue to cause Samba to start multiple incompatible RPC listeners, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-42670) Update Instructions: Run `sudo pro fix USN-6425-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.6 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.6 registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.6 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.6 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.6 No subscription required Medium CVE-2023-4091 CVE-2023-4154 CVE-2023-42669 CVE-2023-42670 Ubuntu 20.04 LTS USN-6425-1 fixed vulnerabilities in Samba. Due to a build issue on Ubuntu 20.04 LTS, the update introduced regressions in macro handling and possibly other functionality. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Sri Nagasubramanian discovered that the Samba acl_xattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. (CVE-2023-4091) Andrew Bartlett discovered that Samba incorrectly handled the DirSync control. A remote attacker with an RODC DC account could possibly use this issue to obtain all domain secrets. (CVE-2023-4154) Andrew Bartlett discovered that Samba incorrectly handled the rpcecho development server. A remote attacker could possibly use this issue to cause Samba to stop responding, resulting in a denial of service. (CVE-2023-42669) Kirin van der Veer discovered that Samba incorrectly handled certain RPC service listeners. A remote attacker could possibly use this issue to cause Samba to start multiple incompatible RPC listeners, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-42670) Update Instructions: Run `sudo pro fix USN-6425-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.7 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.7 registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.7 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.7 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.7 No subscription required None https://launchpad.net/bugs/2039031 Ubuntu 20.04 LTS It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6428-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.10 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.10 No subscription required Low CVE-2023-1916 Ubuntu 20.04 LTS Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-38545) It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections. (CVE-2023-38546) Update Instructions: Run `sudo pro fix USN-6429-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 7.68.0-1ubuntu2.20 libcurl3-gnutls - 7.68.0-1ubuntu2.20 libcurl3-nss - 7.68.0-1ubuntu2.20 libcurl4 - 7.68.0-1ubuntu2.20 libcurl4-doc - 7.68.0-1ubuntu2.20 libcurl4-gnutls-dev - 7.68.0-1ubuntu2.20 libcurl4-nss-dev - 7.68.0-1ubuntu2.20 libcurl4-openssl-dev - 7.68.0-1ubuntu2.20 No subscription required High CVE-2023-38545 CVE-2023-38546 Ubuntu 20.04 LTS It was discovered that FFmpeg did not properly handle certain inputs in vf_lagfun.c, resulting in a buffer overflow vulnerability. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-22024) It was discovered that FFmpeg incorrectly managed memory in avienc.c, resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2020-22039) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in frame.c. An attacker could possibly use this issue to cause a denial of service via application crash. This issue affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22040) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in fifo.c. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2020-22043) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in vf_tile.c. If a user or automated system were tricked into processing a specially crafted MOV file, an attacker could possibly use this issue to cause a denial of service. (CVE-2020-22051) It was discovered that FFmpeg incorrectly handled certain MOV files in timecode.c, leading to an integer overflow. An attacker could possibly use this issue to cause a denial of service using a crafted MOV file. This issue only affected Ubuntu 16.04 LTS. (CVE-2021-28429) Update Instructions: Run `sudo pro fix USN-6430-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ffmpeg - 7:4.2.7-0ubuntu0.1+esm2 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm2 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm2 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm2 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm2 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm2 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm2 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm2 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm2 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm2 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm2 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm2 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm2 libavformat58 - 7:4.2.7-0ubuntu0.1+esm2 libavresample-dev - 7:4.2.7-0ubuntu0.1+esm2 libavresample4 - 7:4.2.7-0ubuntu0.1+esm2 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm2 libavutil56 - 7:4.2.7-0ubuntu0.1+esm2 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm2 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm2 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm2 libswresample3 - 7:4.2.7-0ubuntu0.1+esm2 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm2 libswscale5 - 7:4.2.7-0ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-22024 CVE-2020-22039 CVE-2020-22040 CVE-2020-22043 CVE-2020-22051 CVE-2021-28429 Ubuntu 20.04 LTS It was discovered that iperf3 did not properly manage certain inputs, which could lead to a crash. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-38403) Jorge Sancho Larraz discovered that iperf3 did not properly manage certain inputs, which could cause the server process to stop responding, waiting for input on the control connection. A remote attacker could possibly use this issue to cause a denial of service. (LP: #2038654) Update Instructions: Run `sudo pro fix USN-6431-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: iperf3 - 3.7-3ubuntu0.1~esm1 libiperf-dev - 3.7-3ubuntu0.1~esm1 libiperf0 - 3.7-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-38403 https://launchpad.net/bugs/2038654 Ubuntu 20.04 LTS It was discovered that the Quagga BGP daemon did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41358) It was discovered that the Quagga BGP daemon did not properly manage memory when reading initial bytes of ORF header. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41360) Update Instructions: Run `sudo pro fix USN-6432-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: quagga - 1.2.4-4ubuntu0.1 quagga-bgpd - 1.2.4-4ubuntu0.1 quagga-core - 1.2.4-4ubuntu0.1 quagga-doc - 1.2.4-4ubuntu0.1 quagga-isisd - 1.2.4-4ubuntu0.1 quagga-ospf6d - 1.2.4-4ubuntu0.1 quagga-ospfd - 1.2.4-4ubuntu0.1 quagga-pimd - 1.2.4-4ubuntu0.1 quagga-ripd - 1.2.4-4ubuntu0.1 quagga-ripngd - 1.2.4-4ubuntu0.1 No subscription required Medium CVE-2023-41358 CVE-2023-41360 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PDF documents. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6433-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.11 ghostscript-doc - 9.50~dfsg-5ubuntu4.11 ghostscript-x - 9.50~dfsg-5ubuntu4.11 libgs-dev - 9.50~dfsg-5ubuntu4.11 libgs9 - 9.50~dfsg-5ubuntu4.11 libgs9-common - 9.50~dfsg-5ubuntu4.11 No subscription required Medium CVE-2023-43115 Ubuntu 20.04 LTS Francois Diakhate discovered that PMIx did not properly handle race conditions in the pmix library, which could lead to unwanted privilege escalation. An attacker could possibly use this issue to obtain ownership of an arbitrary file on the filesystem, under the default configuration of the application. Update Instructions: Run `sudo pro fix USN-6434-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpmi-pmix-dev - 3.1.5-1ubuntu0.1~esm1 libpmi1-pmix - 3.1.5-1ubuntu0.1~esm1 libpmi2-pmix - 3.1.5-1ubuntu0.1~esm1 libpmix-dev - 3.1.5-1ubuntu0.1~esm1 libpmix2 - 3.1.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2023-41915 Ubuntu 20.04 LTS USN-6435-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-3446) Bernd Edlinger discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-3817) Update Instructions: Run `sudo pro fix USN-6435-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl-dev - 1.1.1f-1ubuntu2.20 libssl-doc - 1.1.1f-1ubuntu2.20 libssl1.1 - 1.1.1f-1ubuntu2.20 openssl - 1.1.1f-1ubuntu2.20 No subscription required Low CVE-2023-3446 CVE-2023-3817 Ubuntu 20.04 LTS It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41358) It was discovered that the FRR did not properly manage memory when reading initial bytes of ORF header. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41360) It was discovered that FRR did not properly validate the attributes in the BGP FlowSpec functionality. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41909) Update Instructions: Run `sudo pro fix USN-6436-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: frr - 7.2.1-1ubuntu0.2+esm1 frr-doc - 7.2.1-1ubuntu0.2+esm1 frr-pythontools - 7.2.1-1ubuntu0.2+esm1 frr-rpki-rtrlib - 7.2.1-1ubuntu0.2+esm1 frr-snmp - 7.2.1-1ubuntu0.2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-41358 CVE-2023-41360 CVE-2023-41909 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Update Instructions: Run `sudo pro fix USN-6441-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-headers-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-image-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-modules-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-tools-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-xilinx-zynqmp-headers-5.4.0-1032 - 5.4.0-1032.36 linux-xilinx-zynqmp-tools-5.4.0-1032 - 5.4.0-1032.36 No subscription required linux-buildinfo-5.4.0-1059-ibm - 5.4.0-1059.64 linux-headers-5.4.0-1059-ibm - 5.4.0-1059.64 linux-ibm-cloud-tools-common - 5.4.0-1059.64 linux-ibm-headers-5.4.0-1059 - 5.4.0-1059.64 linux-ibm-source-5.4.0 - 5.4.0-1059.64 linux-ibm-tools-5.4.0-1059 - 5.4.0-1059.64 linux-ibm-tools-common - 5.4.0-1059.64 linux-image-5.4.0-1059-ibm - 5.4.0-1059.64 linux-image-unsigned-5.4.0-1059-ibm - 5.4.0-1059.64 linux-modules-5.4.0-1059-ibm - 5.4.0-1059.64 linux-modules-extra-5.4.0-1059-ibm - 5.4.0-1059.64 linux-tools-5.4.0-1059-ibm - 5.4.0-1059.64 No subscription required linux-buildinfo-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-cloud-tools-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-gkeop-cloud-tools-5.4.0-1079 - 5.4.0-1079.83 linux-gkeop-headers-5.4.0-1079 - 5.4.0-1079.83 linux-gkeop-source-5.4.0 - 5.4.0-1079.83 linux-gkeop-tools-5.4.0-1079 - 5.4.0-1079.83 linux-headers-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-image-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-image-unsigned-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-modules-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-modules-extra-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-tools-5.4.0-1079-gkeop - 5.4.0-1079.83 No subscription required linux-buildinfo-5.4.0-1101-kvm - 5.4.0-1101.107 linux-headers-5.4.0-1101-kvm - 5.4.0-1101.107 linux-image-5.4.0-1101-kvm - 5.4.0-1101.107 linux-image-unsigned-5.4.0-1101-kvm - 5.4.0-1101.107 linux-kvm-headers-5.4.0-1101 - 5.4.0-1101.107 linux-kvm-tools-5.4.0-1101 - 5.4.0-1101.107 linux-modules-5.4.0-1101-kvm - 5.4.0-1101.107 linux-tools-5.4.0-1101-kvm - 5.4.0-1101.107 No subscription required linux-buildinfo-5.4.0-1111-oracle - 5.4.0-1111.120 linux-headers-5.4.0-1111-oracle - 5.4.0-1111.120 linux-image-5.4.0-1111-oracle - 5.4.0-1111.120 linux-image-unsigned-5.4.0-1111-oracle - 5.4.0-1111.120 linux-modules-5.4.0-1111-oracle - 5.4.0-1111.120 linux-modules-extra-5.4.0-1111-oracle - 5.4.0-1111.120 linux-oracle-headers-5.4.0-1111 - 5.4.0-1111.120 linux-oracle-tools-5.4.0-1111 - 5.4.0-1111.120 linux-tools-5.4.0-1111-oracle - 5.4.0-1111.120 No subscription required linux-aws-cloud-tools-5.4.0-1112 - 5.4.0-1112.121 linux-aws-headers-5.4.0-1112 - 5.4.0-1112.121 linux-aws-tools-5.4.0-1112 - 5.4.0-1112.121 linux-buildinfo-5.4.0-1112-aws - 5.4.0-1112.121 linux-cloud-tools-5.4.0-1112-aws - 5.4.0-1112.121 linux-headers-5.4.0-1112-aws - 5.4.0-1112.121 linux-image-5.4.0-1112-aws - 5.4.0-1112.121 linux-image-unsigned-5.4.0-1112-aws - 5.4.0-1112.121 linux-modules-5.4.0-1112-aws - 5.4.0-1112.121 linux-modules-extra-5.4.0-1112-aws - 5.4.0-1112.121 linux-tools-5.4.0-1112-aws - 5.4.0-1112.121 No subscription required linux-buildinfo-5.4.0-1116-gcp - 5.4.0-1116.125 linux-gcp-headers-5.4.0-1116 - 5.4.0-1116.125 linux-gcp-tools-5.4.0-1116 - 5.4.0-1116.125 linux-headers-5.4.0-1116-gcp - 5.4.0-1116.125 linux-image-5.4.0-1116-gcp - 5.4.0-1116.125 linux-image-unsigned-5.4.0-1116-gcp - 5.4.0-1116.125 linux-modules-5.4.0-1116-gcp - 5.4.0-1116.125 linux-modules-extra-5.4.0-1116-gcp - 5.4.0-1116.125 linux-tools-5.4.0-1116-gcp - 5.4.0-1116.125 No subscription required linux-azure-cloud-tools-5.4.0-1118 - 5.4.0-1118.125 linux-azure-headers-5.4.0-1118 - 5.4.0-1118.125 linux-azure-tools-5.4.0-1118 - 5.4.0-1118.125 linux-buildinfo-5.4.0-1118-azure - 5.4.0-1118.125 linux-cloud-tools-5.4.0-1118-azure - 5.4.0-1118.125 linux-headers-5.4.0-1118-azure - 5.4.0-1118.125 linux-image-5.4.0-1118-azure - 5.4.0-1118.125 linux-image-unsigned-5.4.0-1118-azure - 5.4.0-1118.125 linux-modules-5.4.0-1118-azure - 5.4.0-1118.125 linux-modules-extra-5.4.0-1118-azure - 5.4.0-1118.125 linux-tools-5.4.0-1118-azure - 5.4.0-1118.125 No subscription required linux-buildinfo-5.4.0-165-generic - 5.4.0-165.182 linux-buildinfo-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-buildinfo-5.4.0-165-lowlatency - 5.4.0-165.182 linux-cloud-tools-5.4.0-165 - 5.4.0-165.182 linux-cloud-tools-5.4.0-165-generic - 5.4.0-165.182 linux-cloud-tools-5.4.0-165-lowlatency - 5.4.0-165.182 linux-cloud-tools-common - 5.4.0-165.182 linux-doc - 5.4.0-165.182 linux-headers-5.4.0-165 - 5.4.0-165.182 linux-headers-5.4.0-165-generic - 5.4.0-165.182 linux-headers-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-headers-5.4.0-165-lowlatency - 5.4.0-165.182 linux-image-5.4.0-165-generic - 5.4.0-165.182 linux-image-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-image-5.4.0-165-lowlatency - 5.4.0-165.182 linux-image-unsigned-5.4.0-165-generic - 5.4.0-165.182 linux-image-unsigned-5.4.0-165-lowlatency - 5.4.0-165.182 linux-libc-dev - 5.4.0-165.182 linux-modules-5.4.0-165-generic - 5.4.0-165.182 linux-modules-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-modules-5.4.0-165-lowlatency - 5.4.0-165.182 linux-modules-extra-5.4.0-165-generic - 5.4.0-165.182 linux-source-5.4.0 - 5.4.0-165.182 linux-tools-5.4.0-165 - 5.4.0-165.182 linux-tools-5.4.0-165-generic - 5.4.0-165.182 linux-tools-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-tools-5.4.0-165-lowlatency - 5.4.0-165.182 linux-tools-common - 5.4.0-165.182 linux-tools-host - 5.4.0-165.182 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1032.32 linux-image-xilinx-zynqmp - 5.4.0.1032.32 linux-tools-xilinx-zynqmp - 5.4.0.1032.32 linux-xilinx-zynqmp - 5.4.0.1032.32 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1059.88 linux-ibm-lts-20.04 - 5.4.0.1059.88 linux-image-ibm-lts-20.04 - 5.4.0.1059.88 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1059.88 linux-tools-ibm-lts-20.04 - 5.4.0.1059.88 No subscription required linux-cloud-tools-gkeop - 5.4.0.1079.77 linux-cloud-tools-gkeop-5.4 - 5.4.0.1079.77 linux-gkeop - 5.4.0.1079.77 linux-gkeop-5.4 - 5.4.0.1079.77 linux-headers-gkeop - 5.4.0.1079.77 linux-headers-gkeop-5.4 - 5.4.0.1079.77 linux-image-gkeop - 5.4.0.1079.77 linux-image-gkeop-5.4 - 5.4.0.1079.77 linux-modules-extra-gkeop - 5.4.0.1079.77 linux-modules-extra-gkeop-5.4 - 5.4.0.1079.77 linux-tools-gkeop - 5.4.0.1079.77 linux-tools-gkeop-5.4 - 5.4.0.1079.77 No subscription required linux-headers-kvm - 5.4.0.1101.96 linux-image-kvm - 5.4.0.1101.96 linux-kvm - 5.4.0.1101.96 linux-tools-kvm - 5.4.0.1101.96 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1111.104 linux-image-oracle-lts-20.04 - 5.4.0.1111.104 linux-oracle-lts-20.04 - 5.4.0.1111.104 linux-tools-oracle-lts-20.04 - 5.4.0.1111.104 No subscription required linux-aws-lts-20.04 - 5.4.0.1112.109 linux-headers-aws-lts-20.04 - 5.4.0.1112.109 linux-image-aws-lts-20.04 - 5.4.0.1112.109 linux-modules-extra-aws-lts-20.04 - 5.4.0.1112.109 linux-tools-aws-lts-20.04 - 5.4.0.1112.109 No subscription required linux-gcp-lts-20.04 - 5.4.0.1116.118 linux-headers-gcp-lts-20.04 - 5.4.0.1116.118 linux-image-gcp-lts-20.04 - 5.4.0.1116.118 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1116.118 linux-tools-gcp-lts-20.04 - 5.4.0.1116.118 No subscription required linux-azure-lts-20.04 - 5.4.0.1118.111 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1118.111 linux-headers-azure-lts-20.04 - 5.4.0.1118.111 linux-image-azure-lts-20.04 - 5.4.0.1118.111 linux-modules-extra-azure-lts-20.04 - 5.4.0.1118.111 linux-tools-azure-lts-20.04 - 5.4.0.1118.111 No subscription required linux-cloud-tools-generic - 5.4.0.165.162 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.165.162 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.165.162 linux-cloud-tools-lowlatency - 5.4.0.165.162 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-cloud-tools-virtual - 5.4.0.165.162 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.165.162 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-crashdump - 5.4.0.165.162 linux-generic - 5.4.0.165.162 linux-generic-hwe-18.04 - 5.4.0.165.162 linux-generic-hwe-18.04-edge - 5.4.0.165.162 linux-generic-lpae - 5.4.0.165.162 linux-generic-lpae-hwe-18.04 - 5.4.0.165.162 linux-generic-lpae-hwe-18.04-edge - 5.4.0.165.162 linux-headers-generic - 5.4.0.165.162 linux-headers-generic-hwe-18.04 - 5.4.0.165.162 linux-headers-generic-hwe-18.04-edge - 5.4.0.165.162 linux-headers-generic-lpae - 5.4.0.165.162 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.165.162 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.165.162 linux-headers-lowlatency - 5.4.0.165.162 linux-headers-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-headers-oem - 5.4.0.165.162 linux-headers-oem-osp1 - 5.4.0.165.162 linux-headers-virtual - 5.4.0.165.162 linux-headers-virtual-hwe-18.04 - 5.4.0.165.162 linux-headers-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-image-extra-virtual - 5.4.0.165.162 linux-image-extra-virtual-hwe-18.04 - 5.4.0.165.162 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-image-generic - 5.4.0.165.162 linux-image-generic-hwe-18.04 - 5.4.0.165.162 linux-image-generic-hwe-18.04-edge - 5.4.0.165.162 linux-image-generic-lpae - 5.4.0.165.162 linux-image-generic-lpae-hwe-18.04 - 5.4.0.165.162 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.165.162 linux-image-lowlatency - 5.4.0.165.162 linux-image-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-image-oem - 5.4.0.165.162 linux-image-oem-osp1 - 5.4.0.165.162 linux-image-virtual - 5.4.0.165.162 linux-image-virtual-hwe-18.04 - 5.4.0.165.162 linux-image-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-lowlatency - 5.4.0.165.162 linux-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-oem - 5.4.0.165.162 linux-oem-osp1 - 5.4.0.165.162 linux-oem-osp1-tools-host - 5.4.0.165.162 linux-oem-tools-host - 5.4.0.165.162 linux-source - 5.4.0.165.162 linux-tools-generic - 5.4.0.165.162 linux-tools-generic-hwe-18.04 - 5.4.0.165.162 linux-tools-generic-hwe-18.04-edge - 5.4.0.165.162 linux-tools-generic-lpae - 5.4.0.165.162 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.165.162 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.165.162 linux-tools-lowlatency - 5.4.0.165.162 linux-tools-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-tools-oem - 5.4.0.165.162 linux-tools-oem-osp1 - 5.4.0.165.162 linux-tools-virtual - 5.4.0.165.162 linux-tools-virtual-hwe-18.04 - 5.4.0.165.162 linux-tools-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-virtual - 5.4.0.165.162 linux-virtual-hwe-18.04 - 5.4.0.165.162 linux-virtual-hwe-18.04-edge - 5.4.0.165.162 No subscription required High CVE-2023-34319 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Update Instructions: Run `sudo pro fix USN-6441-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1024-iot - 5.4.0-1024.25 linux-headers-5.4.0-1024-iot - 5.4.0-1024.25 linux-image-5.4.0-1024-iot - 5.4.0-1024.25 linux-image-unsigned-5.4.0-1024-iot - 5.4.0-1024.25 linux-iot-headers-5.4.0-1024 - 5.4.0-1024.25 linux-iot-tools-5.4.0-1024 - 5.4.0-1024.25 linux-iot-tools-common - 5.4.0-1024.25 linux-modules-5.4.0-1024-iot - 5.4.0-1024.25 linux-tools-5.4.0-1024-iot - 5.4.0-1024.25 No subscription required linux-buildinfo-5.4.0-1096-raspi - 5.4.0-1096.107 linux-headers-5.4.0-1096-raspi - 5.4.0-1096.107 linux-image-5.4.0-1096-raspi - 5.4.0-1096.107 linux-modules-5.4.0-1096-raspi - 5.4.0-1096.107 linux-raspi-headers-5.4.0-1096 - 5.4.0-1096.107 linux-raspi-tools-5.4.0-1096 - 5.4.0-1096.107 linux-tools-5.4.0-1096-raspi - 5.4.0-1096.107 No subscription required linux-headers-iot - 5.4.0.1024.22 linux-image-iot - 5.4.0.1024.22 linux-iot - 5.4.0.1024.22 linux-tools-iot - 5.4.0.1024.22 No subscription required linux-headers-raspi - 5.4.0.1096.126 linux-headers-raspi-hwe-18.04 - 5.4.0.1096.126 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1096.126 linux-headers-raspi2 - 5.4.0.1096.126 linux-headers-raspi2-hwe-18.04 - 5.4.0.1096.126 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1096.126 linux-image-raspi - 5.4.0.1096.126 linux-image-raspi-hwe-18.04 - 5.4.0.1096.126 linux-image-raspi-hwe-18.04-edge - 5.4.0.1096.126 linux-image-raspi2 - 5.4.0.1096.126 linux-image-raspi2-hwe-18.04 - 5.4.0.1096.126 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1096.126 linux-raspi - 5.4.0.1096.126 linux-raspi-hwe-18.04 - 5.4.0.1096.126 linux-raspi-hwe-18.04-edge - 5.4.0.1096.126 linux-raspi2 - 5.4.0.1096.126 linux-raspi2-hwe-18.04 - 5.4.0.1096.126 linux-raspi2-hwe-18.04-edge - 5.4.0.1096.126 linux-tools-raspi - 5.4.0.1096.126 linux-tools-raspi-hwe-18.04 - 5.4.0.1096.126 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1096.126 linux-tools-raspi2 - 5.4.0.1096.126 linux-tools-raspi2-hwe-18.04 - 5.4.0.1096.126 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1096.126 No subscription required High CVE-2023-34319 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Update Instructions: Run `sudo pro fix USN-6442-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1073 - 5.4.0-1073.79 linux-bluefield-tools-5.4.0-1073 - 5.4.0-1073.79 linux-buildinfo-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-headers-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-image-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-image-unsigned-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-modules-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-tools-5.4.0-1073-bluefield - 5.4.0-1073.79 No subscription required linux-bluefield - 5.4.0.1073.68 linux-headers-bluefield - 5.4.0.1073.68 linux-image-bluefield - 5.4.0.1073.68 linux-tools-bluefield - 5.4.0.1073.68 No subscription required High CVE-2023-34319 CVE-2023-4004 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 Ubuntu 20.04 LTS It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2023-20569) It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handle user-supplied data. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-2156) Davide Ornaghi discovered that the DECnet network protocol implementation in the Linux kernel contained a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Please note that kernel support for the DECnet has been removed to resolve this CVE. (CVE-2023-3338) Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate command payload size, leading to a out-of-bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38432) It was discovered that the NFC implementation in the Linux kernel contained a use-after-free vulnerability when performing peer-to-peer communication in certain conditions. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3863) Laurence Wit discovered that the KSMBD implementation in the Linux kernel did not properly validate a buffer size in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-3865) Laurence Wit discovered that the KSMBD implementation in the Linux kernel contained a null pointer dereference vulnerability when handling handling chained requests. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-3866) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Andy Nguyen discovered that the KVM implementation for AMD processors in the Linux kernel with Secure Encrypted Virtualization (SEV) contained a race condition when accessing the GHCB page. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2023-4155) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Maxim Suhanov discovered that the exFAT file system implementation in the Linux kernel did not properly check a file name length, leading to an out- of-bounds write vulnerability. An attacker could use this to construct a malicious exFAT image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4273) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Thelford Williams discovered that the Ceph file system messenger protocol implementation in the Linux kernel did not properly validate frame segment length in certain situation, leading to a buffer overflow vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-44466) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6445-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-cloud-tools-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-headers-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-image-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-image-unsigned-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1043 - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1043 - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1043 - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1043.49~20.04.1 linux-modules-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-modules-extra-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-modules-iwlwifi-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-tools-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1043.49~20.04.33 linux-headers-intel - 5.15.0.1043.49~20.04.33 linux-headers-intel-iotg - 5.15.0.1043.49~20.04.33 linux-headers-intel-iotg-edge - 5.15.0.1043.49~20.04.33 linux-image-intel - 5.15.0.1043.49~20.04.33 linux-image-intel-iotg - 5.15.0.1043.49~20.04.33 linux-image-intel-iotg-edge - 5.15.0.1043.49~20.04.33 linux-intel - 5.15.0.1043.49~20.04.33 linux-intel-iotg - 5.15.0.1043.49~20.04.33 linux-intel-iotg-edge - 5.15.0.1043.49~20.04.33 linux-tools-intel - 5.15.0.1043.49~20.04.33 linux-tools-intel-iotg - 5.15.0.1043.49~20.04.33 linux-tools-intel-iotg-edge - 5.15.0.1043.49~20.04.33 No subscription required High CVE-2023-1206 CVE-2023-20569 CVE-2023-2156 CVE-2023-3338 CVE-2023-34319 CVE-2023-38432 CVE-2023-3863 CVE-2023-3865 CVE-2023-3866 CVE-2023-4132 CVE-2023-4155 CVE-2023-4194 CVE-2023-4244 CVE-2023-4273 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-44466 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 CVE-2023-5197 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6446-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-headers-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-ibm-5.15-headers-5.15.0-1041 - 5.15.0-1041.44~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1041.44~20.04.1 linux-ibm-5.15-tools-5.15.0-1041 - 5.15.0-1041.44~20.04.1 linux-image-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-image-unsigned-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-modules-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-modules-extra-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-tools-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1048 - 5.15.0-1048.53~20.04.1 linux-aws-5.15-headers-5.15.0-1048 - 5.15.0-1048.53~20.04.1 linux-aws-5.15-tools-5.15.0-1048 - 5.15.0-1048.53~20.04.1 linux-buildinfo-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-cloud-tools-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-headers-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-image-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-image-unsigned-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-modules-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-modules-extra-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-tools-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1050 - 5.15.0-1050.57~20.04.1 linux-azure-5.15-headers-5.15.0-1050 - 5.15.0-1050.57~20.04.1 linux-azure-5.15-tools-5.15.0-1050 - 5.15.0-1050.57~20.04.1 linux-buildinfo-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-cloud-tools-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-headers-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-image-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-image-unsigned-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-modules-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-modules-extra-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-tools-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 No subscription required linux-image-5.15.0-1050-azure-fde - 5.15.0-1050.57~20.04.1.1 linux-image-unsigned-5.15.0-1050-azure-fde - 5.15.0-1050.57~20.04.1.1 No subscription required linux-buildinfo-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-buildinfo-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-cloud-tools-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-headers-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-headers-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-image-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-image-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-image-unsigned-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-image-unsigned-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-87 - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-87 - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-87 - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-87.96~20.04.1 linux-modules-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-modules-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-modules-iwlwifi-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-tools-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-tools-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 No subscription required linux-buildinfo-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-buildinfo-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-buildinfo-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 linux-cloud-tools-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-headers-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-headers-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-headers-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-87 - 5.15.0-87.97~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-87.97~20.04.1 linux-hwe-5.15-headers-5.15.0-87 - 5.15.0-87.97~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-87.97~20.04.1 linux-hwe-5.15-tools-5.15.0-87 - 5.15.0-87.97~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-87.97~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-87.97~20.04.1 linux-image-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-image-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-image-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 linux-image-unsigned-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-image-unsigned-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-modules-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-modules-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-modules-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 linux-modules-extra-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-modules-iwlwifi-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-tools-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-tools-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-tools-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1041.44~20.04.13 linux-headers-ibm-edge - 5.15.0.1041.44~20.04.13 linux-ibm - 5.15.0.1041.44~20.04.13 linux-ibm-edge - 5.15.0.1041.44~20.04.13 linux-image-ibm - 5.15.0.1041.44~20.04.13 linux-image-ibm-edge - 5.15.0.1041.44~20.04.13 linux-tools-ibm - 5.15.0.1041.44~20.04.13 linux-tools-ibm-edge - 5.15.0.1041.44~20.04.13 No subscription required linux-aws - 5.15.0.1048.53~20.04.36 linux-aws-edge - 5.15.0.1048.53~20.04.36 linux-headers-aws - 5.15.0.1048.53~20.04.36 linux-headers-aws-edge - 5.15.0.1048.53~20.04.36 linux-image-aws - 5.15.0.1048.53~20.04.36 linux-image-aws-edge - 5.15.0.1048.53~20.04.36 linux-modules-extra-aws - 5.15.0.1048.53~20.04.36 linux-modules-extra-aws-edge - 5.15.0.1048.53~20.04.36 linux-tools-aws - 5.15.0.1048.53~20.04.36 linux-tools-aws-edge - 5.15.0.1048.53~20.04.36 No subscription required linux-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-cloud-tools-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-cloud-tools-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-headers-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-headers-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-image-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-image-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-modules-extra-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-modules-extra-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-tools-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-tools-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 No subscription required linux-azure - 5.15.0.1050.57~20.04.39 linux-azure-cvm - 5.15.0.1050.57~20.04.39 linux-azure-edge - 5.15.0.1050.57~20.04.39 linux-cloud-tools-azure - 5.15.0.1050.57~20.04.39 linux-cloud-tools-azure-cvm - 5.15.0.1050.57~20.04.39 linux-cloud-tools-azure-edge - 5.15.0.1050.57~20.04.39 linux-headers-azure - 5.15.0.1050.57~20.04.39 linux-headers-azure-cvm - 5.15.0.1050.57~20.04.39 linux-headers-azure-edge - 5.15.0.1050.57~20.04.39 linux-image-azure - 5.15.0.1050.57~20.04.39 linux-image-azure-cvm - 5.15.0.1050.57~20.04.39 linux-image-azure-edge - 5.15.0.1050.57~20.04.39 linux-modules-extra-azure - 5.15.0.1050.57~20.04.39 linux-modules-extra-azure-cvm - 5.15.0.1050.57~20.04.39 linux-modules-extra-azure-edge - 5.15.0.1050.57~20.04.39 linux-tools-azure - 5.15.0.1050.57~20.04.39 linux-tools-azure-cvm - 5.15.0.1050.57~20.04.39 linux-tools-azure-edge - 5.15.0.1050.57~20.04.39 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-headers-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-image-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-lowlatency-64k-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-tools-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-generic-64k-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-generic-64k-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-generic-lpae-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-generic-lpae-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-headers-generic-64k-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-headers-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-headers-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-headers-oem-20.04 - 5.15.0.87.97~20.04.45 linux-headers-oem-20.04b - 5.15.0.87.97~20.04.45 linux-headers-oem-20.04c - 5.15.0.87.97~20.04.45 linux-headers-oem-20.04d - 5.15.0.87.97~20.04.45 linux-headers-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-headers-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-extra-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-generic-64k-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-generic-lpae-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-oem-20.04 - 5.15.0.87.97~20.04.45 linux-image-oem-20.04b - 5.15.0.87.97~20.04.45 linux-image-oem-20.04c - 5.15.0.87.97~20.04.45 linux-image-oem-20.04d - 5.15.0.87.97~20.04.45 linux-image-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-modules-iwlwifi-oem-20.04 - 5.15.0.87.97~20.04.45 linux-modules-iwlwifi-oem-20.04d - 5.15.0.87.97~20.04.45 linux-oem-20.04 - 5.15.0.87.97~20.04.45 linux-oem-20.04b - 5.15.0.87.97~20.04.45 linux-oem-20.04c - 5.15.0.87.97~20.04.45 linux-oem-20.04d - 5.15.0.87.97~20.04.45 linux-tools-generic-64k-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-tools-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-tools-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-tools-oem-20.04 - 5.15.0.87.97~20.04.45 linux-tools-oem-20.04b - 5.15.0.87.97~20.04.45 linux-tools-oem-20.04c - 5.15.0.87.97~20.04.45 linux-tools-oem-20.04d - 5.15.0.87.97~20.04.45 linux-tools-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-tools-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 No subscription required High CVE-2023-34319 CVE-2023-4244 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 CVE-2023-5197 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6446-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-cloud-tools-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1031 - 5.15.0-1031.37~20.04.1 linux-gkeop-5.15-headers-5.15.0-1031 - 5.15.0-1031.37~20.04.1 linux-gkeop-5.15-tools-5.15.0-1031 - 5.15.0-1031.37~20.04.1 linux-headers-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-image-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-image-unsigned-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-modules-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-modules-extra-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-tools-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 No subscription required linux-buildinfo-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-gcp-5.15-headers-5.15.0-1045 - 5.15.0-1045.53~20.04.2 linux-gcp-5.15-tools-5.15.0-1045 - 5.15.0-1045.53~20.04.2 linux-headers-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-image-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-image-unsigned-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-modules-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-modules-extra-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-modules-iwlwifi-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-tools-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-cloud-tools-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-headers-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-headers-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-image-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-image-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-modules-extra-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-modules-extra-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-tools-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-tools-gkeop-edge - 5.15.0.1031.37~20.04.27 No subscription required linux-gcp - 5.15.0.1045.53~20.04.1 linux-gcp-edge - 5.15.0.1045.53~20.04.1 linux-headers-gcp - 5.15.0.1045.53~20.04.1 linux-headers-gcp-edge - 5.15.0.1045.53~20.04.1 linux-image-gcp - 5.15.0.1045.53~20.04.1 linux-image-gcp-edge - 5.15.0.1045.53~20.04.1 linux-modules-extra-gcp - 5.15.0.1045.53~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1045.53~20.04.1 linux-tools-gcp - 5.15.0.1045.53~20.04.1 linux-tools-gcp-edge - 5.15.0.1045.53~20.04.1 No subscription required High CVE-2023-34319 CVE-2023-4244 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 CVE-2023-5197 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6446-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-headers-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-image-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-image-unsigned-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-modules-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-modules-extra-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-oracle-5.15-headers-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-oracle-5.15-tools-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-tools-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1046.52~20.04.1 linux-headers-oracle-edge - 5.15.0.1046.52~20.04.1 linux-image-oracle - 5.15.0.1046.52~20.04.1 linux-image-oracle-edge - 5.15.0.1046.52~20.04.1 linux-oracle - 5.15.0.1046.52~20.04.1 linux-oracle-edge - 5.15.0.1046.52~20.04.1 linux-tools-oracle - 5.15.0.1046.52~20.04.1 linux-tools-oracle-edge - 5.15.0.1046.52~20.04.1 No subscription required High CVE-2023-34319 CVE-2023-4244 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 CVE-2023-5197 Ubuntu 20.04 LTS It was discovered that AOM incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135, CVE-2021-30473, CVE-2021-30474, CVE-2021-30475) Update Instructions: Run `sudo pro fix USN-6447-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aom-tools - 1.0.0.errata1-3+deb11u1build0.20.04.1 libaom-dev - 1.0.0.errata1-3+deb11u1build0.20.04.1 libaom-doc - 1.0.0.errata1-3+deb11u1build0.20.04.1 libaom0 - 1.0.0.errata1-3+deb11u1build0.20.04.1 No subscription required Medium CVE-2020-36130 CVE-2020-36131 CVE-2020-36133 CVE-2020-36135 CVE-2021-30473 CVE-2021-30474 CVE-2021-30475 Ubuntu 20.04 LTS Xu Biang discovered that Sofia-SIP did not properly manage memory when handling STUN packets. An attacker could use this issue to cause Sofia-SIP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6448-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsofia-sip-ua-dev - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 libsofia-sip-ua-glib-dev - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 libsofia-sip-ua-glib3 - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 libsofia-sip-ua0 - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 sofia-sip-bin - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 sofia-sip-doc - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 No subscription required Medium CVE-2023-32307 Ubuntu 20.04 LTS It was discovered that FFmpeg incorrectly managed memory resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22038) It was discovered that FFmpeg incorrectly handled certain input files, leading to an integer overflow. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-20898, CVE-2021-38090, CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094) It was discovered that FFmpeg incorrectly managed memory, resulting in a memory leak. If a user or automated system were tricked into processing a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2022-48434) Update Instructions: Run `sudo pro fix USN-6449-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ffmpeg - 7:4.2.7-0ubuntu0.1+esm3 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm3 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm3 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm3 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm3 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm3 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm3 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm3 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm3 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm3 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm3 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm3 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm3 libavformat58 - 7:4.2.7-0ubuntu0.1+esm3 libavresample-dev - 7:4.2.7-0ubuntu0.1+esm3 libavresample4 - 7:4.2.7-0ubuntu0.1+esm3 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm3 libavutil56 - 7:4.2.7-0ubuntu0.1+esm3 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm3 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm3 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm3 libswresample3 - 7:4.2.7-0ubuntu0.1+esm3 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm3 libswscale5 - 7:4.2.7-0ubuntu0.1+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-20898 CVE-2020-22038 CVE-2021-38090 CVE-2021-38091 CVE-2021-38092 CVE-2021-38093 CVE-2021-38094 CVE-2022-48434 Ubuntu 20.04 LTS USN-6449-1 fixed vulnerabilities in FFmpeg. Unfortunately that update could introduce a regression in tools using an FFmpeg library, like VLC. This updated fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that FFmpeg incorrectly managed memory resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22038) It was discovered that FFmpeg incorrectly handled certain input files, leading to an integer overflow. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-20898, CVE-2021-38090, CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094) It was discovered that FFmpeg incorrectly managed memory, resulting in a memory leak. If a user or automated system were tricked into processing a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2022-48434) Update Instructions: Run `sudo pro fix USN-6449-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ffmpeg - 7:4.2.7-0ubuntu0.1+esm4 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm4 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm4 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm4 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm4 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm4 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm4 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm4 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm4 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm4 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm4 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm4 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm4 libavformat58 - 7:4.2.7-0ubuntu0.1+esm4 libavresample-dev - 7:4.2.7-0ubuntu0.1+esm4 libavresample4 - 7:4.2.7-0ubuntu0.1+esm4 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm4 libavutil56 - 7:4.2.7-0ubuntu0.1+esm4 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm4 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm4 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm4 libswresample3 - 7:4.2.7-0ubuntu0.1+esm4 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm4 libswscale5 - 7:4.2.7-0ubuntu0.1+esm4 Available with Ubuntu Pro: https://ubuntu.com/pro None https://launchpad.net/bugs/2042743 Ubuntu 20.04 LTS It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. (CVE-2023-3896) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-4733, CVE-2023-4750) It was discovered that Vim contained an arithmetic overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4734) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-4735, CVE-2023-5344) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-4738) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-4751) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4752, CVE-2023-5535) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4781) It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-5441) Update Instructions: Run `sudo pro fix USN-6452-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.20 vim-athena - 2:8.1.2269-1ubuntu5.20 vim-common - 2:8.1.2269-1ubuntu5.20 vim-doc - 2:8.1.2269-1ubuntu5.20 vim-gtk - 2:8.1.2269-1ubuntu5.20 vim-gtk3 - 2:8.1.2269-1ubuntu5.20 vim-gui-common - 2:8.1.2269-1ubuntu5.20 vim-nox - 2:8.1.2269-1ubuntu5.20 vim-runtime - 2:8.1.2269-1ubuntu5.20 vim-tiny - 2:8.1.2269-1ubuntu5.20 xxd - 2:8.1.2269-1ubuntu5.20 No subscription required Medium CVE-2023-3896 CVE-2023-4733 CVE-2023-4734 CVE-2023-4735 CVE-2023-4738 CVE-2023-4750 CVE-2023-4751 CVE-2023-4752 CVE-2023-4781 CVE-2023-5344 CVE-2023-5441 CVE-2023-5535 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-5367) Sri discovered that the X.Org X Server incorrectly handled detroying windows in certain legacy multi-screen setups. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-5380) Update Instructions: Run `sudo pro fix USN-6453-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdmx - 2:1.20.13-1ubuntu1~20.04.9 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.9 xnest - 2:1.20.13-1ubuntu1~20.04.9 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.9 xserver-common - 2:1.20.13-1ubuntu1~20.04.9 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.9 xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.9 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.9 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.9 xvfb - 2:1.20.13-1ubuntu1~20.04.9 xwayland - 2:1.20.13-1ubuntu1~20.04.9 No subscription required Medium CVE-2023-5367 CVE-2023-5380 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to memory corruption. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-42117) It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2023-42119) Update Instructions: Run `sudo pro fix USN-6455-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4 - 4.93-13ubuntu1.9 exim4-base - 4.93-13ubuntu1.9 exim4-config - 4.93-13ubuntu1.9 exim4-daemon-heavy - 4.93-13ubuntu1.9 exim4-daemon-light - 4.93-13ubuntu1.9 exim4-dev - 4.93-13ubuntu1.9 eximon4 - 4.93-13ubuntu1.9 No subscription required Medium CVE-2023-42117 CVE-2023-42119 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-5722, CVE-2023-5724, CVE-2023-5728, CVE-2023-5729, CVE-2023-5730, CVE-2023-5731) Kelsey Gilbert discovered that Firefox did not properly manage certain browser prompts and dialogs due to an insufficient activation-delay. An attacker could potentially exploit this issue to perform clickjacking. (CVE-2023-5721) Daniel Veditz discovered that Firefox did not properly validate a cookie containing invalid characters. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-5723) Shaheen Fazim discovered that Firefox did not properly validate the URLs open by installed WebExtension. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-5725) Update Instructions: Run `sudo pro fix USN-6456-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 119.0+build2-0ubuntu0.20.04.1 firefox-dev - 119.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-nl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 119.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 119.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-5721 CVE-2023-5722 CVE-2023-5723 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728 CVE-2023-5729 CVE-2023-5730 CVE-2023-5731 Ubuntu 20.04 LTS USN-6456-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-5722, CVE-2023-5724, CVE-2023-5728, CVE-2023-5729, CVE-2023-5730, CVE-2023-5731) Kelsey Gilbert discovered that Firefox did not properly manage certain browser prompts and dialogs due to an insufficient activation-delay. An attacker could potentially exploit this issue to perform clickjacking. (CVE-2023-5721) Daniel Veditz discovered that Firefox did not properly validate a cookie containing invalid characters. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-5723) Shaheen Fazim discovered that Firefox did not properly validate the URLs open by installed WebExtension. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-5725) Update Instructions: Run `sudo pro fix USN-6456-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 119.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 119.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 119.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 119.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2043441 Ubuntu 20.04 LTS It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2022-29500) It was discovered that Slurm did not properly handle access control when dealing with RPC traffic through PMI2 and PMIx, which could allow an unprivileged user to send data to an arbitrary unix socket in the host. An attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2022-29501) It was discovered that Slurm did not properly handle validation logic when processing input and output data with the srun client, which could lead to the interception of process I/O. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-29502) Update Instructions: Run `sudo pro fix USN-6458-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-slurm - 19.05.5-1ubuntu0.1~esm2 libpam-slurm-adopt - 19.05.5-1ubuntu0.1~esm2 libpmi0 - 19.05.5-1ubuntu0.1~esm2 libpmi0-dev - 19.05.5-1ubuntu0.1~esm2 libpmi2-0 - 19.05.5-1ubuntu0.1~esm2 libpmi2-0-dev - 19.05.5-1ubuntu0.1~esm2 libslurm-dev - 19.05.5-1ubuntu0.1~esm2 libslurm-perl - 19.05.5-1ubuntu0.1~esm2 libslurm34 - 19.05.5-1ubuntu0.1~esm2 libslurmdb-perl - 19.05.5-1ubuntu0.1~esm2 slurm-client - 19.05.5-1ubuntu0.1~esm2 slurm-client-emulator - 19.05.5-1ubuntu0.1~esm2 slurm-wlm - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-basic-plugins - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-basic-plugins-dev - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-doc - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-emulator - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-torque - 19.05.5-1ubuntu0.1~esm2 slurmctld - 19.05.5-1ubuntu0.1~esm2 slurmd - 19.05.5-1ubuntu0.1~esm2 slurmdbd - 19.05.5-1ubuntu0.1~esm2 sview - 19.05.5-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2022-29500 CVE-2022-29501 CVE-2022-29502 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.35 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-35.html https://www.oracle.com/security-alerts/cpuoct2023.html Update Instructions: Run `sudo pro fix USN-6459-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysqlclient-dev - 8.0.35-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.35-0ubuntu0.20.04.1 mysql-client - 8.0.35-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.35-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.35-0ubuntu0.20.04.1 mysql-router - 8.0.35-0ubuntu0.20.04.1 mysql-server - 8.0.35-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.35-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.35-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.35-0ubuntu0.20.04.1 mysql-testsuite - 8.0.35-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.35-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-22032 CVE-2023-22059 CVE-2023-22064 CVE-2023-22066 CVE-2023-22068 CVE-2023-22070 CVE-2023-22078 CVE-2023-22079 CVE-2023-22084 CVE-2023-22092 CVE-2023-22097 CVE-2023-22103 CVE-2023-22112 CVE-2023-22114 Ubuntu 20.04 LTS Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Update Instructions: Run `sudo pro fix USN-6462-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-headers-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-image-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-modules-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-tools-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-xilinx-zynqmp-headers-5.4.0-1033 - 5.4.0-1033.37 linux-xilinx-zynqmp-tools-5.4.0-1033 - 5.4.0-1033.37 No subscription required linux-buildinfo-5.4.0-1060-ibm - 5.4.0-1060.65 linux-headers-5.4.0-1060-ibm - 5.4.0-1060.65 linux-ibm-cloud-tools-common - 5.4.0-1060.65 linux-ibm-headers-5.4.0-1060 - 5.4.0-1060.65 linux-ibm-source-5.4.0 - 5.4.0-1060.65 linux-ibm-tools-5.4.0-1060 - 5.4.0-1060.65 linux-ibm-tools-common - 5.4.0-1060.65 linux-image-5.4.0-1060-ibm - 5.4.0-1060.65 linux-image-unsigned-5.4.0-1060-ibm - 5.4.0-1060.65 linux-modules-5.4.0-1060-ibm - 5.4.0-1060.65 linux-modules-extra-5.4.0-1060-ibm - 5.4.0-1060.65 linux-tools-5.4.0-1060-ibm - 5.4.0-1060.65 No subscription required linux-bluefield-headers-5.4.0-1074 - 5.4.0-1074.80 linux-bluefield-tools-5.4.0-1074 - 5.4.0-1074.80 linux-buildinfo-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-headers-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-image-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-image-unsigned-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-modules-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-tools-5.4.0-1074-bluefield - 5.4.0-1074.80 No subscription required linux-buildinfo-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-cloud-tools-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-gkeop-cloud-tools-5.4.0-1080 - 5.4.0-1080.84 linux-gkeop-headers-5.4.0-1080 - 5.4.0-1080.84 linux-gkeop-source-5.4.0 - 5.4.0-1080.84 linux-gkeop-tools-5.4.0-1080 - 5.4.0-1080.84 linux-headers-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-image-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-image-unsigned-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-modules-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-modules-extra-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-tools-5.4.0-1080-gkeop - 5.4.0-1080.84 No subscription required linux-buildinfo-5.4.0-1097-raspi - 5.4.0-1097.109 linux-headers-5.4.0-1097-raspi - 5.4.0-1097.109 linux-image-5.4.0-1097-raspi - 5.4.0-1097.109 linux-modules-5.4.0-1097-raspi - 5.4.0-1097.109 linux-raspi-headers-5.4.0-1097 - 5.4.0-1097.109 linux-raspi-tools-5.4.0-1097 - 5.4.0-1097.109 linux-tools-5.4.0-1097-raspi - 5.4.0-1097.109 No subscription required linux-buildinfo-5.4.0-1102-kvm - 5.4.0-1102.108 linux-headers-5.4.0-1102-kvm - 5.4.0-1102.108 linux-image-5.4.0-1102-kvm - 5.4.0-1102.108 linux-image-unsigned-5.4.0-1102-kvm - 5.4.0-1102.108 linux-kvm-headers-5.4.0-1102 - 5.4.0-1102.108 linux-kvm-tools-5.4.0-1102 - 5.4.0-1102.108 linux-modules-5.4.0-1102-kvm - 5.4.0-1102.108 linux-tools-5.4.0-1102-kvm - 5.4.0-1102.108 No subscription required linux-buildinfo-5.4.0-1112-oracle - 5.4.0-1112.121 linux-headers-5.4.0-1112-oracle - 5.4.0-1112.121 linux-image-5.4.0-1112-oracle - 5.4.0-1112.121 linux-image-unsigned-5.4.0-1112-oracle - 5.4.0-1112.121 linux-modules-5.4.0-1112-oracle - 5.4.0-1112.121 linux-modules-extra-5.4.0-1112-oracle - 5.4.0-1112.121 linux-oracle-headers-5.4.0-1112 - 5.4.0-1112.121 linux-oracle-tools-5.4.0-1112 - 5.4.0-1112.121 linux-tools-5.4.0-1112-oracle - 5.4.0-1112.121 No subscription required linux-aws-cloud-tools-5.4.0-1113 - 5.4.0-1113.123 linux-aws-headers-5.4.0-1113 - 5.4.0-1113.123 linux-aws-tools-5.4.0-1113 - 5.4.0-1113.123 linux-buildinfo-5.4.0-1113-aws - 5.4.0-1113.123 linux-cloud-tools-5.4.0-1113-aws - 5.4.0-1113.123 linux-headers-5.4.0-1113-aws - 5.4.0-1113.123 linux-image-5.4.0-1113-aws - 5.4.0-1113.123 linux-image-unsigned-5.4.0-1113-aws - 5.4.0-1113.123 linux-modules-5.4.0-1113-aws - 5.4.0-1113.123 linux-modules-extra-5.4.0-1113-aws - 5.4.0-1113.123 linux-tools-5.4.0-1113-aws - 5.4.0-1113.123 No subscription required linux-buildinfo-5.4.0-1117-gcp - 5.4.0-1117.126 linux-gcp-headers-5.4.0-1117 - 5.4.0-1117.126 linux-gcp-tools-5.4.0-1117 - 5.4.0-1117.126 linux-headers-5.4.0-1117-gcp - 5.4.0-1117.126 linux-image-5.4.0-1117-gcp - 5.4.0-1117.126 linux-image-unsigned-5.4.0-1117-gcp - 5.4.0-1117.126 linux-modules-5.4.0-1117-gcp - 5.4.0-1117.126 linux-modules-extra-5.4.0-1117-gcp - 5.4.0-1117.126 linux-tools-5.4.0-1117-gcp - 5.4.0-1117.126 No subscription required linux-azure-cloud-tools-5.4.0-1119 - 5.4.0-1119.126 linux-azure-headers-5.4.0-1119 - 5.4.0-1119.126 linux-azure-tools-5.4.0-1119 - 5.4.0-1119.126 linux-buildinfo-5.4.0-1119-azure - 5.4.0-1119.126 linux-cloud-tools-5.4.0-1119-azure - 5.4.0-1119.126 linux-headers-5.4.0-1119-azure - 5.4.0-1119.126 linux-image-5.4.0-1119-azure - 5.4.0-1119.126 linux-image-unsigned-5.4.0-1119-azure - 5.4.0-1119.126 linux-modules-5.4.0-1119-azure - 5.4.0-1119.126 linux-modules-extra-5.4.0-1119-azure - 5.4.0-1119.126 linux-tools-5.4.0-1119-azure - 5.4.0-1119.126 No subscription required linux-buildinfo-5.4.0-166-generic - 5.4.0-166.183 linux-buildinfo-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-buildinfo-5.4.0-166-lowlatency - 5.4.0-166.183 linux-cloud-tools-5.4.0-166 - 5.4.0-166.183 linux-cloud-tools-5.4.0-166-generic - 5.4.0-166.183 linux-cloud-tools-5.4.0-166-lowlatency - 5.4.0-166.183 linux-cloud-tools-common - 5.4.0-166.183 linux-doc - 5.4.0-166.183 linux-headers-5.4.0-166 - 5.4.0-166.183 linux-headers-5.4.0-166-generic - 5.4.0-166.183 linux-headers-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-headers-5.4.0-166-lowlatency - 5.4.0-166.183 linux-image-5.4.0-166-generic - 5.4.0-166.183 linux-image-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-image-5.4.0-166-lowlatency - 5.4.0-166.183 linux-image-unsigned-5.4.0-166-generic - 5.4.0-166.183 linux-image-unsigned-5.4.0-166-lowlatency - 5.4.0-166.183 linux-libc-dev - 5.4.0-166.183 linux-modules-5.4.0-166-generic - 5.4.0-166.183 linux-modules-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-modules-5.4.0-166-lowlatency - 5.4.0-166.183 linux-modules-extra-5.4.0-166-generic - 5.4.0-166.183 linux-source-5.4.0 - 5.4.0-166.183 linux-tools-5.4.0-166 - 5.4.0-166.183 linux-tools-5.4.0-166-generic - 5.4.0-166.183 linux-tools-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-tools-5.4.0-166-lowlatency - 5.4.0-166.183 linux-tools-common - 5.4.0-166.183 linux-tools-host - 5.4.0-166.183 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1033.33 linux-image-xilinx-zynqmp - 5.4.0.1033.33 linux-tools-xilinx-zynqmp - 5.4.0.1033.33 linux-xilinx-zynqmp - 5.4.0.1033.33 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1060.89 linux-ibm-lts-20.04 - 5.4.0.1060.89 linux-image-ibm-lts-20.04 - 5.4.0.1060.89 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1060.89 linux-tools-ibm-lts-20.04 - 5.4.0.1060.89 No subscription required linux-bluefield - 5.4.0.1074.69 linux-headers-bluefield - 5.4.0.1074.69 linux-image-bluefield - 5.4.0.1074.69 linux-tools-bluefield - 5.4.0.1074.69 No subscription required linux-cloud-tools-gkeop - 5.4.0.1080.78 linux-cloud-tools-gkeop-5.4 - 5.4.0.1080.78 linux-gkeop - 5.4.0.1080.78 linux-gkeop-5.4 - 5.4.0.1080.78 linux-headers-gkeop - 5.4.0.1080.78 linux-headers-gkeop-5.4 - 5.4.0.1080.78 linux-image-gkeop - 5.4.0.1080.78 linux-image-gkeop-5.4 - 5.4.0.1080.78 linux-modules-extra-gkeop - 5.4.0.1080.78 linux-modules-extra-gkeop-5.4 - 5.4.0.1080.78 linux-tools-gkeop - 5.4.0.1080.78 linux-tools-gkeop-5.4 - 5.4.0.1080.78 No subscription required linux-headers-raspi - 5.4.0.1097.127 linux-headers-raspi-hwe-18.04 - 5.4.0.1097.127 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1097.127 linux-headers-raspi2 - 5.4.0.1097.127 linux-headers-raspi2-hwe-18.04 - 5.4.0.1097.127 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1097.127 linux-image-raspi - 5.4.0.1097.127 linux-image-raspi-hwe-18.04 - 5.4.0.1097.127 linux-image-raspi-hwe-18.04-edge - 5.4.0.1097.127 linux-image-raspi2 - 5.4.0.1097.127 linux-image-raspi2-hwe-18.04 - 5.4.0.1097.127 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1097.127 linux-raspi - 5.4.0.1097.127 linux-raspi-hwe-18.04 - 5.4.0.1097.127 linux-raspi-hwe-18.04-edge - 5.4.0.1097.127 linux-raspi2 - 5.4.0.1097.127 linux-raspi2-hwe-18.04 - 5.4.0.1097.127 linux-raspi2-hwe-18.04-edge - 5.4.0.1097.127 linux-tools-raspi - 5.4.0.1097.127 linux-tools-raspi-hwe-18.04 - 5.4.0.1097.127 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1097.127 linux-tools-raspi2 - 5.4.0.1097.127 linux-tools-raspi2-hwe-18.04 - 5.4.0.1097.127 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1097.127 No subscription required linux-headers-kvm - 5.4.0.1102.97 linux-image-kvm - 5.4.0.1102.97 linux-kvm - 5.4.0.1102.97 linux-tools-kvm - 5.4.0.1102.97 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1112.105 linux-image-oracle-lts-20.04 - 5.4.0.1112.105 linux-oracle-lts-20.04 - 5.4.0.1112.105 linux-tools-oracle-lts-20.04 - 5.4.0.1112.105 No subscription required linux-aws-lts-20.04 - 5.4.0.1113.110 linux-headers-aws-lts-20.04 - 5.4.0.1113.110 linux-image-aws-lts-20.04 - 5.4.0.1113.110 linux-modules-extra-aws-lts-20.04 - 5.4.0.1113.110 linux-tools-aws-lts-20.04 - 5.4.0.1113.110 No subscription required linux-gcp-lts-20.04 - 5.4.0.1117.119 linux-headers-gcp-lts-20.04 - 5.4.0.1117.119 linux-image-gcp-lts-20.04 - 5.4.0.1117.119 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1117.119 linux-tools-gcp-lts-20.04 - 5.4.0.1117.119 No subscription required linux-azure-lts-20.04 - 5.4.0.1119.112 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1119.112 linux-headers-azure-lts-20.04 - 5.4.0.1119.112 linux-image-azure-lts-20.04 - 5.4.0.1119.112 linux-modules-extra-azure-lts-20.04 - 5.4.0.1119.112 linux-tools-azure-lts-20.04 - 5.4.0.1119.112 No subscription required linux-cloud-tools-generic - 5.4.0.166.163 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.166.163 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.166.163 linux-cloud-tools-lowlatency - 5.4.0.166.163 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-cloud-tools-virtual - 5.4.0.166.163 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.166.163 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-crashdump - 5.4.0.166.163 linux-generic - 5.4.0.166.163 linux-generic-hwe-18.04 - 5.4.0.166.163 linux-generic-hwe-18.04-edge - 5.4.0.166.163 linux-generic-lpae - 5.4.0.166.163 linux-generic-lpae-hwe-18.04 - 5.4.0.166.163 linux-generic-lpae-hwe-18.04-edge - 5.4.0.166.163 linux-headers-generic - 5.4.0.166.163 linux-headers-generic-hwe-18.04 - 5.4.0.166.163 linux-headers-generic-hwe-18.04-edge - 5.4.0.166.163 linux-headers-generic-lpae - 5.4.0.166.163 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.166.163 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.166.163 linux-headers-lowlatency - 5.4.0.166.163 linux-headers-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-headers-oem - 5.4.0.166.163 linux-headers-oem-osp1 - 5.4.0.166.163 linux-headers-virtual - 5.4.0.166.163 linux-headers-virtual-hwe-18.04 - 5.4.0.166.163 linux-headers-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-image-extra-virtual - 5.4.0.166.163 linux-image-extra-virtual-hwe-18.04 - 5.4.0.166.163 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-image-generic - 5.4.0.166.163 linux-image-generic-hwe-18.04 - 5.4.0.166.163 linux-image-generic-hwe-18.04-edge - 5.4.0.166.163 linux-image-generic-lpae - 5.4.0.166.163 linux-image-generic-lpae-hwe-18.04 - 5.4.0.166.163 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.166.163 linux-image-lowlatency - 5.4.0.166.163 linux-image-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-image-oem - 5.4.0.166.163 linux-image-oem-osp1 - 5.4.0.166.163 linux-image-virtual - 5.4.0.166.163 linux-image-virtual-hwe-18.04 - 5.4.0.166.163 linux-image-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-lowlatency - 5.4.0.166.163 linux-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-oem - 5.4.0.166.163 linux-oem-osp1 - 5.4.0.166.163 linux-oem-osp1-tools-host - 5.4.0.166.163 linux-oem-tools-host - 5.4.0.166.163 linux-source - 5.4.0.166.163 linux-tools-generic - 5.4.0.166.163 linux-tools-generic-hwe-18.04 - 5.4.0.166.163 linux-tools-generic-hwe-18.04-edge - 5.4.0.166.163 linux-tools-generic-lpae - 5.4.0.166.163 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.166.163 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.166.163 linux-tools-lowlatency - 5.4.0.166.163 linux-tools-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-tools-oem - 5.4.0.166.163 linux-tools-oem-osp1 - 5.4.0.166.163 linux-tools-virtual - 5.4.0.166.163 linux-tools-virtual-hwe-18.04 - 5.4.0.166.163 linux-tools-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-virtual - 5.4.0.166.163 linux-virtual-hwe-18.04 - 5.4.0.166.163 linux-virtual-hwe-18.04-edge - 5.4.0.166.163 No subscription required Medium CVE-2023-0597 CVE-2023-31083 CVE-2023-3772 CVE-2023-4132 Ubuntu 20.04 LTS Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Update Instructions: Run `sudo pro fix USN-6462-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1025-iot - 5.4.0-1025.26 linux-headers-5.4.0-1025-iot - 5.4.0-1025.26 linux-image-5.4.0-1025-iot - 5.4.0-1025.26 linux-image-unsigned-5.4.0-1025-iot - 5.4.0-1025.26 linux-iot-headers-5.4.0-1025 - 5.4.0-1025.26 linux-iot-tools-5.4.0-1025 - 5.4.0-1025.26 linux-iot-tools-common - 5.4.0-1025.26 linux-modules-5.4.0-1025-iot - 5.4.0-1025.26 linux-tools-5.4.0-1025-iot - 5.4.0-1025.26 No subscription required linux-headers-iot - 5.4.0.1025.23 linux-image-iot - 5.4.0.1025.23 linux-iot - 5.4.0.1025.23 linux-tools-iot - 5.4.0.1025.23 No subscription required Medium CVE-2023-0597 CVE-2023-31083 CVE-2023-3772 CVE-2023-4132 Ubuntu 20.04 LTS It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker Guest Operations privileges could possibly use this issue to escalate privileges. (CVE-2023-34058) Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A local attacker could possibly use this issue to hijack /dev/uinput and simulate user inputs. (CVE-2023-34059) Update Instructions: Run `sudo pro fix USN-6463-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:11.3.0-2ubuntu0~ubuntu20.04.7 open-vm-tools-desktop - 2:11.3.0-2ubuntu0~ubuntu20.04.7 open-vm-tools-dev - 2:11.3.0-2ubuntu0~ubuntu20.04.7 open-vm-tools-sdmp - 2:11.3.0-2ubuntu0~ubuntu20.04.7 No subscription required Medium CVE-2023-34058 CVE-2023-34059 Ubuntu 20.04 LTS Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772) Update Instructions: Run `sudo pro fix USN-6465-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-cloud-tools-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-gkeop-5.15-headers-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-gkeop-5.15-tools-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-headers-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-image-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-image-unsigned-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-modules-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-modules-extra-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-tools-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 No subscription required linux-buildinfo-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-headers-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-ibm-5.15-headers-5.15.0-1042 - 5.15.0-1042.45~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1042.45~20.04.1 linux-ibm-5.15-tools-5.15.0-1042 - 5.15.0-1042.45~20.04.1 linux-image-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-image-unsigned-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-modules-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-modules-extra-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-tools-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 No subscription required linux-buildinfo-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-gcp-5.15-headers-5.15.0-1046 - 5.15.0-1046.54~20.04.1 linux-gcp-5.15-tools-5.15.0-1046 - 5.15.0-1046.54~20.04.1 linux-headers-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-image-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-image-unsigned-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-modules-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-modules-extra-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-modules-iwlwifi-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-tools-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 No subscription required linux-buildinfo-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-headers-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-image-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-image-unsigned-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-modules-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-modules-extra-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-oracle-5.15-headers-5.15.0-1047 - 5.15.0-1047.53~20.04.1 linux-oracle-5.15-tools-5.15.0-1047 - 5.15.0-1047.53~20.04.1 linux-tools-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1049 - 5.15.0-1049.54~20.04.1 linux-aws-5.15-headers-5.15.0-1049 - 5.15.0-1049.54~20.04.1 linux-aws-5.15-tools-5.15.0-1049 - 5.15.0-1049.54~20.04.1 linux-buildinfo-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-cloud-tools-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-headers-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-image-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-image-unsigned-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-modules-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-modules-extra-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-tools-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1051 - 5.15.0-1051.59~20.04.1 linux-azure-5.15-headers-5.15.0-1051 - 5.15.0-1051.59~20.04.1 linux-azure-5.15-tools-5.15.0-1051 - 5.15.0-1051.59~20.04.1 linux-buildinfo-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-cloud-tools-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-headers-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-image-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-image-unsigned-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-modules-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-modules-extra-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-tools-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 No subscription required linux-image-5.15.0-1051-azure-fde - 5.15.0-1051.59~20.04.1.1 linux-image-unsigned-5.15.0-1051-azure-fde - 5.15.0-1051.59~20.04.1.1 No subscription required linux-buildinfo-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-buildinfo-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-buildinfo-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-buildinfo-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-buildinfo-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-cloud-tools-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-cloud-tools-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-88.98~20.04.1 linux-hwe-5.15-headers-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-88.98~20.04.1 linux-hwe-5.15-tools-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-88.98~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-image-unsigned-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-image-unsigned-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-image-unsigned-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-image-unsigned-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-modules-extra-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-modules-iwlwifi-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-modules-iwlwifi-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-cloud-tools-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-headers-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-headers-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-image-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-image-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-modules-extra-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-modules-extra-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-tools-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-tools-gkeop-edge - 5.15.0.1032.38~20.04.28 No subscription required linux-headers-ibm - 5.15.0.1042.45~20.04.14 linux-headers-ibm-edge - 5.15.0.1042.45~20.04.14 linux-ibm - 5.15.0.1042.45~20.04.14 linux-ibm-edge - 5.15.0.1042.45~20.04.14 linux-image-ibm - 5.15.0.1042.45~20.04.14 linux-image-ibm-edge - 5.15.0.1042.45~20.04.14 linux-tools-ibm - 5.15.0.1042.45~20.04.14 linux-tools-ibm-edge - 5.15.0.1042.45~20.04.14 No subscription required linux-gcp - 5.15.0.1046.54~20.04.1 linux-gcp-edge - 5.15.0.1046.54~20.04.1 linux-headers-gcp - 5.15.0.1046.54~20.04.1 linux-headers-gcp-edge - 5.15.0.1046.54~20.04.1 linux-image-gcp - 5.15.0.1046.54~20.04.1 linux-image-gcp-edge - 5.15.0.1046.54~20.04.1 linux-modules-extra-gcp - 5.15.0.1046.54~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1046.54~20.04.1 linux-tools-gcp - 5.15.0.1046.54~20.04.1 linux-tools-gcp-edge - 5.15.0.1046.54~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1047.53~20.04.1 linux-headers-oracle-edge - 5.15.0.1047.53~20.04.1 linux-image-oracle - 5.15.0.1047.53~20.04.1 linux-image-oracle-edge - 5.15.0.1047.53~20.04.1 linux-oracle - 5.15.0.1047.53~20.04.1 linux-oracle-edge - 5.15.0.1047.53~20.04.1 linux-tools-oracle - 5.15.0.1047.53~20.04.1 linux-tools-oracle-edge - 5.15.0.1047.53~20.04.1 No subscription required linux-aws - 5.15.0.1049.54~20.04.37 linux-aws-edge - 5.15.0.1049.54~20.04.37 linux-headers-aws - 5.15.0.1049.54~20.04.37 linux-headers-aws-edge - 5.15.0.1049.54~20.04.37 linux-image-aws - 5.15.0.1049.54~20.04.37 linux-image-aws-edge - 5.15.0.1049.54~20.04.37 linux-modules-extra-aws - 5.15.0.1049.54~20.04.37 linux-modules-extra-aws-edge - 5.15.0.1049.54~20.04.37 linux-tools-aws - 5.15.0.1049.54~20.04.37 linux-tools-aws-edge - 5.15.0.1049.54~20.04.37 No subscription required linux-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-cloud-tools-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-cloud-tools-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-headers-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-headers-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-image-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-image-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-modules-extra-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-modules-extra-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-tools-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-tools-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 No subscription required linux-azure - 5.15.0.1051.59~20.04.40 linux-azure-cvm - 5.15.0.1051.59~20.04.40 linux-azure-edge - 5.15.0.1051.59~20.04.40 linux-cloud-tools-azure - 5.15.0.1051.59~20.04.40 linux-cloud-tools-azure-cvm - 5.15.0.1051.59~20.04.40 linux-cloud-tools-azure-edge - 5.15.0.1051.59~20.04.40 linux-headers-azure - 5.15.0.1051.59~20.04.40 linux-headers-azure-cvm - 5.15.0.1051.59~20.04.40 linux-headers-azure-edge - 5.15.0.1051.59~20.04.40 linux-image-azure - 5.15.0.1051.59~20.04.40 linux-image-azure-cvm - 5.15.0.1051.59~20.04.40 linux-image-azure-edge - 5.15.0.1051.59~20.04.40 linux-modules-extra-azure - 5.15.0.1051.59~20.04.40 linux-modules-extra-azure-cvm - 5.15.0.1051.59~20.04.40 linux-modules-extra-azure-edge - 5.15.0.1051.59~20.04.40 linux-tools-azure - 5.15.0.1051.59~20.04.40 linux-tools-azure-cvm - 5.15.0.1051.59~20.04.40 linux-tools-azure-edge - 5.15.0.1051.59~20.04.40 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-headers-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-image-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-lowlatency-64k-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-tools-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-generic-64k-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-generic-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-generic-lpae-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-generic-lpae-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-headers-generic-64k-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-headers-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-headers-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-headers-oem-20.04 - 5.15.0.88.98~20.04.46 linux-headers-oem-20.04b - 5.15.0.88.98~20.04.46 linux-headers-oem-20.04c - 5.15.0.88.98~20.04.46 linux-headers-oem-20.04d - 5.15.0.88.98~20.04.46 linux-headers-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-headers-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-extra-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-generic-64k-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-image-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-generic-lpae-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-oem-20.04 - 5.15.0.88.98~20.04.46 linux-image-oem-20.04b - 5.15.0.88.98~20.04.46 linux-image-oem-20.04c - 5.15.0.88.98~20.04.46 linux-image-oem-20.04d - 5.15.0.88.98~20.04.46 linux-image-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-image-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-modules-iwlwifi-oem-20.04 - 5.15.0.88.98~20.04.46 linux-modules-iwlwifi-oem-20.04d - 5.15.0.88.98~20.04.46 linux-oem-20.04 - 5.15.0.88.98~20.04.46 linux-oem-20.04b - 5.15.0.88.98~20.04.46 linux-oem-20.04c - 5.15.0.88.98~20.04.46 linux-oem-20.04d - 5.15.0.88.98~20.04.46 linux-tools-generic-64k-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-tools-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-tools-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-tools-oem-20.04 - 5.15.0.88.98~20.04.46 linux-tools-oem-20.04b - 5.15.0.88.98~20.04.46 linux-tools-oem-20.04c - 5.15.0.88.98~20.04.46 linux-tools-oem-20.04d - 5.15.0.88.98~20.04.46 linux-tools-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-tools-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 No subscription required Medium CVE-2023-31083 CVE-2023-3772 Ubuntu 20.04 LTS USN-6467-1 fixed a vulnerability in Kerberos. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. Original advisory details: Robert Morris discovered that Kerberos did not properly handle memory access when processing RPC data through kadmind, which could lead to the freeing of uninitialized memory. An authenticated remote attacker could possibly use this issue to cause kadmind to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6467-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: krb5-admin-server - 1.17-6ubuntu4.4 krb5-doc - 1.17-6ubuntu4.4 krb5-gss-samples - 1.17-6ubuntu4.4 krb5-k5tls - 1.17-6ubuntu4.4 krb5-kdc - 1.17-6ubuntu4.4 krb5-kdc-ldap - 1.17-6ubuntu4.4 krb5-kpropd - 1.17-6ubuntu4.4 krb5-locales - 1.17-6ubuntu4.4 krb5-multidev - 1.17-6ubuntu4.4 krb5-otp - 1.17-6ubuntu4.4 krb5-pkinit - 1.17-6ubuntu4.4 krb5-user - 1.17-6ubuntu4.4 libgssapi-krb5-2 - 1.17-6ubuntu4.4 libgssrpc4 - 1.17-6ubuntu4.4 libk5crypto3 - 1.17-6ubuntu4.4 libkadm5clnt-mit11 - 1.17-6ubuntu4.4 libkadm5srv-mit11 - 1.17-6ubuntu4.4 libkdb5-9 - 1.17-6ubuntu4.4 libkrad-dev - 1.17-6ubuntu4.4 libkrad0 - 1.17-6ubuntu4.4 libkrb5-3 - 1.17-6ubuntu4.4 libkrb5-dev - 1.17-6ubuntu4.4 libkrb5support0 - 1.17-6ubuntu4.4 No subscription required Medium CVE-2023-36054 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-5724, CVE-2023-5728, CVE-2023-5730, CVE-2023-5732) Kelsey Gilbert discovered that Thunderbird did not properly manage certain browser prompts and dialogs due to an insufficient activation-delay. An attacker could potentially exploit this issue to perform clickjacking. (CVE-2023-5721) Shaheen Fazim discovered that Thunderbird did not properly validate the URLs open by installed WebExtension. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-5725) Update Instructions: Run `sudo pro fix USN-6468-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.4.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.4.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.4.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.4.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-5721 CVE-2023-5732 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728 CVE-2023-5730 Ubuntu 20.04 LTS Ashley Newson discovered that xrdp incorrectly handled memory when processing certain incoming connections. An attacker could possibly use this issue to cause a denial of service or arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6469-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xrdp - 0.9.12-1ubuntu0.1 No subscription required Medium CVE-2020-4044 Ubuntu 20.04 LTS It was discovered that Axis incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-40743) Update Instructions: Run `sudo pro fix USN-6470-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libaxis-java - 1.4-28+deb10u1build0.20.04.1 libaxis-java-doc - 1.4-28+deb10u1build0.20.04.1 No subscription required Medium CVE-2023-40743 Ubuntu 20.04 LTS It was discovered that libsndfile contained multiple arithmetic overflows. If a user or automated system were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6471-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsndfile1 - 1.0.28-7ubuntu0.2 libsndfile1-dev - 1.0.28-7ubuntu0.2 sndfile-programs - 1.0.28-7ubuntu0.2 No subscription required Medium CVE-2022-33065 Ubuntu 20.04 LTS It was discovered that GNU Scientific Library incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6472-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gsl-bin - 2.5+dfsg-6+deb10u1build0.20.04.1 libgsl-dev - 2.5+dfsg-6+deb10u1build0.20.04.1 libgsl23 - 2.5+dfsg-6+deb10u1build0.20.04.1 libgslcblas0 - 2.5+dfsg-6+deb10u1build0.20.04.1 No subscription required Medium CVE-2020-35357 Ubuntu 20.04 LTS It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-25091) It was discovered that urllib3 didn't strip HTTP Cookie header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-43804) It was discovered that urllib3 didn't strip HTTP body on status code 303 redirects under certain circumstances. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-45803) Update Instructions: Run `sudo pro fix USN-6473-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-urllib3 - 1.25.8-2ubuntu0.3 No subscription required Medium CVE-2018-25091 CVE-2023-43804 CVE-2023-45803 Ubuntu 20.04 LTS USN-6473-1 fixed vulnerabilities in urllib3. This update provides the corresponding updates for the urllib3 module bundled into pip. Original advisory details: It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-25091) It was discovered that urllib3 didn't strip HTTP Cookie header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-43804) It was discovered that urllib3 didn't strip HTTP body on status code 303 redirects under certain circumstances. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-45803) Update Instructions: Run `sudo pro fix USN-6473-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pip-whl - 20.0.2-5ubuntu1.10 python3-pip - 20.0.2-5ubuntu1.10 No subscription required Medium CVE-2018-25091 CVE-2023-43804 CVE-2023-45803 Ubuntu 20.04 LTS It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. (CVE-2022-23479, CVE-2022-23481, CVE-2022-23483, CVE-2023-42822) It was discovered that xrdp improperly handled session establishment errors. An attacker could potentially use this issue to bypass the OS-level session restrictions by PAM. (CVE-2023-40184) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds writes. An attacker could possibly use this issue to cause memory corruption or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23468) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23480, CVE-2022-23482, CVE-2022-23484) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23477, CVE-2022-23493) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds writes. An attacker could possibly use this issue to cause memory corruption or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23478) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-23613) Update Instructions: Run `sudo pro fix USN-6474-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xrdp - 0.9.12-1ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-23468 CVE-2022-23477 CVE-2022-23478 CVE-2022-23479 CVE-2022-23480 CVE-2022-23481 CVE-2022-23482 CVE-2022-23483 CVE-2022-23484 CVE-2022-23493 CVE-2022-23613 CVE-2023-40184 CVE-2023-42822 Ubuntu 20.04 LTS It was discovered that the procps-ng ps tool incorrectly handled memory. An attacker could possibly use this issue to cause procps-ng to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6477-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libprocps-dev - 2:3.3.16-1ubuntu2.4 libprocps8 - 2:3.3.16-1ubuntu2.4 procps - 2:3.3.16-1ubuntu2.4 No subscription required Low CVE-2023-4016 Ubuntu 20.04 LTS It was discovered that Traceroute did not properly parse command line arguments. An attacker could possibly use this issue to execute arbitrary commands. Update Instructions: Run `sudo pro fix USN-6478-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: traceroute - 1:2.1.0-2ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-46316 Ubuntu 20.04 LTS It was discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6482-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: quagga - 1.2.4-4ubuntu0.4 quagga-bgpd - 1.2.4-4ubuntu0.4 quagga-core - 1.2.4-4ubuntu0.4 quagga-doc - 1.2.4-4ubuntu0.4 quagga-isisd - 1.2.4-4ubuntu0.4 quagga-ospf6d - 1.2.4-4ubuntu0.4 quagga-ospfd - 1.2.4-4ubuntu0.4 quagga-pimd - 1.2.4-4ubuntu0.4 quagga-ripd - 1.2.4-4ubuntu0.4 quagga-ripngd - 1.2.4-4ubuntu0.4 No subscription required Medium CVE-2022-37032 CVE-2023-46753 Ubuntu 20.04 LTS Neeraj Pal discovered that HTML Tidy incorrectly handled parsing certain HTML data. If a user or automated system were tricked into parsing specially crafted HTML data, a remote attacker could cause HTML Tidy to consume resources, leading to a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6483-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtidy-dev - 2:5.6.0-11ubuntu0.20.04.1 libtidy5deb1 - 2:5.6.0-11ubuntu0.20.04.1 tidy - 2:5.6.0-11ubuntu0.20.04.1 No subscription required Medium CVE-2021-33391 Ubuntu 20.04 LTS Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel(R) Processors did not properly handle certain sequences of processor instructions. A local attacker could possibly use this to cause a core hang (resulting in a denial of service), gain access to sensitive information or possibly escalate their privileges. Update Instructions: Run `sudo pro fix USN-6485-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20231114.0ubuntu0.20.04.1 No subscription required High CVE-2023-23583 Ubuntu 20.04 LTS Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-38469, CVE-2023-38470, CVE-2023-38471, CVE-2023-38472, CVE-2023-38473) Update Instructions: Run `sudo pro fix USN-6487-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: avahi-autoipd - 0.7-4ubuntu7.3 avahi-daemon - 0.7-4ubuntu7.3 avahi-discover - 0.7-4ubuntu7.3 avahi-dnsconfd - 0.7-4ubuntu7.3 avahi-ui-utils - 0.7-4ubuntu7.3 avahi-utils - 0.7-4ubuntu7.3 gir1.2-avahi-0.6 - 0.7-4ubuntu7.3 libavahi-client-dev - 0.7-4ubuntu7.3 libavahi-client3 - 0.7-4ubuntu7.3 libavahi-common-data - 0.7-4ubuntu7.3 libavahi-common-dev - 0.7-4ubuntu7.3 libavahi-common3 - 0.7-4ubuntu7.3 libavahi-compat-libdnssd-dev - 0.7-4ubuntu7.3 libavahi-compat-libdnssd1 - 0.7-4ubuntu7.3 libavahi-core-dev - 0.7-4ubuntu7.3 libavahi-core7 - 0.7-4ubuntu7.3 libavahi-glib-dev - 0.7-4ubuntu7.3 libavahi-glib1 - 0.7-4ubuntu7.3 libavahi-gobject-dev - 0.7-4ubuntu7.3 libavahi-gobject0 - 0.7-4ubuntu7.3 libavahi-ui-gtk3-0 - 0.7-4ubuntu7.3 libavahi-ui-gtk3-dev - 0.7-4ubuntu7.3 python-avahi - 0.7-4ubuntu7.3 No subscription required Medium CVE-2023-38469 CVE-2023-38470 CVE-2023-38471 CVE-2023-38472 CVE-2023-38473 Ubuntu 20.04 LTS Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6488-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: charon-cmd - 5.8.2-1ubuntu3.6 charon-systemd - 5.8.2-1ubuntu3.6 libcharon-extauth-plugins - 5.8.2-1ubuntu3.6 libcharon-extra-plugins - 5.8.2-1ubuntu3.6 libcharon-standard-plugins - 5.8.2-1ubuntu3.6 libstrongswan - 5.8.2-1ubuntu3.6 libstrongswan-extra-plugins - 5.8.2-1ubuntu3.6 libstrongswan-standard-plugins - 5.8.2-1ubuntu3.6 strongswan - 5.8.2-1ubuntu3.6 strongswan-charon - 5.8.2-1ubuntu3.6 strongswan-libcharon - 5.8.2-1ubuntu3.6 strongswan-nm - 5.8.2-1ubuntu3.6 strongswan-pki - 5.8.2-1ubuntu3.6 strongswan-scepclient - 5.8.2-1ubuntu3.6 strongswan-starter - 5.8.2-1ubuntu3.6 strongswan-swanctl - 5.8.2-1ubuntu3.6 strongswan-tnc-base - 5.8.2-1ubuntu3.6 strongswan-tnc-client - 5.8.2-1ubuntu3.6 strongswan-tnc-ifmap - 5.8.2-1ubuntu3.6 strongswan-tnc-pdp - 5.8.2-1ubuntu3.6 strongswan-tnc-server - 5.8.2-1ubuntu3.6 No subscription required Medium CVE-2023-41913 Ubuntu 20.04 LTS Brian McDermott discovered that Tang incorrectly handled permissions when creating/rotating keys. A local attacker could possibly use this issue to read the keys. Update Instructions: Run `sudo pro fix USN-6489-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tang - 7-1ubuntu0.2 No subscription required Medium CVE-2023-1672 Ubuntu 20.04 LTS Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-32212) Zeyu Zhang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-32213, CVE-2022-32214, CVE-2022-32215) It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-35256) It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-43548) Update Instructions: Run `sudo pro fix USN-6491-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.3 libnode64 - 10.19.0~dfsg-3ubuntu1.3 nodejs - 10.19.0~dfsg-3ubuntu1.3 nodejs-doc - 10.19.0~dfsg-3ubuntu1.3 No subscription required Medium CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 CVE-2022-35256 CVE-2022-43548 Ubuntu 20.04 LTS Kathrin Kleinhammer discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-34431) Zhanxiang Song discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause an authorisation bypass. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2021-34434) Zhanxiang Song, Bin Yuan, DeQing Zou, and Hai Jin discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-41039) Zhengjie Du discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0809) It was discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-3592) Mischa Bachmann discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-28366) Update Instructions: Run `sudo pro fix USN-6492-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmosquitto-dev - 1.6.9-1ubuntu0.1~esm1 libmosquitto1 - 1.6.9-1ubuntu0.1~esm1 libmosquittopp-dev - 1.6.9-1ubuntu0.1~esm1 libmosquittopp1 - 1.6.9-1ubuntu0.1~esm1 mosquitto - 1.6.9-1ubuntu0.1~esm1 mosquitto-clients - 1.6.9-1ubuntu0.1~esm1 mosquitto-dev - 1.6.9-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-34431 CVE-2021-34434 CVE-2021-41039 CVE-2023-0809 CVE-2023-28366 CVE-2023-3592 Ubuntu 20.04 LTS On Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended. In addition, on all releases, hibagent has been updated to do nothing if ODH is configured. Update Instructions: Run `sudo pro fix USN-6493-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hibagent - 1.0.1-0ubuntu1.20.04.2 No subscription required None https://launchpad.net/bugs/2043739 Ubuntu 20.04 LTS Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6495-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1026-iot - 5.4.0-1026.27 linux-headers-5.4.0-1026-iot - 5.4.0-1026.27 linux-image-5.4.0-1026-iot - 5.4.0-1026.27 linux-image-unsigned-5.4.0-1026-iot - 5.4.0-1026.27 linux-iot-headers-5.4.0-1026 - 5.4.0-1026.27 linux-iot-tools-5.4.0-1026 - 5.4.0-1026.27 linux-iot-tools-common - 5.4.0-1026.27 linux-modules-5.4.0-1026-iot - 5.4.0-1026.27 linux-tools-5.4.0-1026-iot - 5.4.0-1026.27 No subscription required linux-buildinfo-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-headers-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-image-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-modules-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-tools-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-xilinx-zynqmp-headers-5.4.0-1034 - 5.4.0-1034.38 linux-xilinx-zynqmp-tools-5.4.0-1034 - 5.4.0-1034.38 No subscription required linux-buildinfo-5.4.0-1061-ibm - 5.4.0-1061.66 linux-headers-5.4.0-1061-ibm - 5.4.0-1061.66 linux-ibm-cloud-tools-common - 5.4.0-1061.66 linux-ibm-headers-5.4.0-1061 - 5.4.0-1061.66 linux-ibm-source-5.4.0 - 5.4.0-1061.66 linux-ibm-tools-5.4.0-1061 - 5.4.0-1061.66 linux-ibm-tools-common - 5.4.0-1061.66 linux-image-5.4.0-1061-ibm - 5.4.0-1061.66 linux-image-unsigned-5.4.0-1061-ibm - 5.4.0-1061.66 linux-modules-5.4.0-1061-ibm - 5.4.0-1061.66 linux-modules-extra-5.4.0-1061-ibm - 5.4.0-1061.66 linux-tools-5.4.0-1061-ibm - 5.4.0-1061.66 No subscription required linux-bluefield-headers-5.4.0-1075 - 5.4.0-1075.81 linux-bluefield-tools-5.4.0-1075 - 5.4.0-1075.81 linux-buildinfo-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-headers-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-image-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-image-unsigned-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-modules-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-tools-5.4.0-1075-bluefield - 5.4.0-1075.81 No subscription required linux-buildinfo-5.4.0-1098-raspi - 5.4.0-1098.110 linux-headers-5.4.0-1098-raspi - 5.4.0-1098.110 linux-image-5.4.0-1098-raspi - 5.4.0-1098.110 linux-modules-5.4.0-1098-raspi - 5.4.0-1098.110 linux-raspi-headers-5.4.0-1098 - 5.4.0-1098.110 linux-raspi-tools-5.4.0-1098 - 5.4.0-1098.110 linux-tools-5.4.0-1098-raspi - 5.4.0-1098.110 No subscription required linux-buildinfo-5.4.0-1103-kvm - 5.4.0-1103.110 linux-headers-5.4.0-1103-kvm - 5.4.0-1103.110 linux-image-5.4.0-1103-kvm - 5.4.0-1103.110 linux-image-unsigned-5.4.0-1103-kvm - 5.4.0-1103.110 linux-kvm-headers-5.4.0-1103 - 5.4.0-1103.110 linux-kvm-tools-5.4.0-1103 - 5.4.0-1103.110 linux-modules-5.4.0-1103-kvm - 5.4.0-1103.110 linux-tools-5.4.0-1103-kvm - 5.4.0-1103.110 No subscription required linux-buildinfo-5.4.0-1113-oracle - 5.4.0-1113.122 linux-headers-5.4.0-1113-oracle - 5.4.0-1113.122 linux-image-5.4.0-1113-oracle - 5.4.0-1113.122 linux-image-unsigned-5.4.0-1113-oracle - 5.4.0-1113.122 linux-modules-5.4.0-1113-oracle - 5.4.0-1113.122 linux-modules-extra-5.4.0-1113-oracle - 5.4.0-1113.122 linux-oracle-headers-5.4.0-1113 - 5.4.0-1113.122 linux-oracle-tools-5.4.0-1113 - 5.4.0-1113.122 linux-tools-5.4.0-1113-oracle - 5.4.0-1113.122 No subscription required linux-aws-cloud-tools-5.4.0-1114 - 5.4.0-1114.124 linux-aws-headers-5.4.0-1114 - 5.4.0-1114.124 linux-aws-tools-5.4.0-1114 - 5.4.0-1114.124 linux-buildinfo-5.4.0-1114-aws - 5.4.0-1114.124 linux-cloud-tools-5.4.0-1114-aws - 5.4.0-1114.124 linux-headers-5.4.0-1114-aws - 5.4.0-1114.124 linux-image-5.4.0-1114-aws - 5.4.0-1114.124 linux-image-unsigned-5.4.0-1114-aws - 5.4.0-1114.124 linux-modules-5.4.0-1114-aws - 5.4.0-1114.124 linux-modules-extra-5.4.0-1114-aws - 5.4.0-1114.124 linux-tools-5.4.0-1114-aws - 5.4.0-1114.124 No subscription required linux-buildinfo-5.4.0-167-generic - 5.4.0-167.184 linux-buildinfo-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-buildinfo-5.4.0-167-lowlatency - 5.4.0-167.184 linux-cloud-tools-5.4.0-167 - 5.4.0-167.184 linux-cloud-tools-5.4.0-167-generic - 5.4.0-167.184 linux-cloud-tools-5.4.0-167-lowlatency - 5.4.0-167.184 linux-cloud-tools-common - 5.4.0-167.184 linux-doc - 5.4.0-167.184 linux-headers-5.4.0-167 - 5.4.0-167.184 linux-headers-5.4.0-167-generic - 5.4.0-167.184 linux-headers-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-headers-5.4.0-167-lowlatency - 5.4.0-167.184 linux-image-5.4.0-167-generic - 5.4.0-167.184 linux-image-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-image-5.4.0-167-lowlatency - 5.4.0-167.184 linux-image-unsigned-5.4.0-167-generic - 5.4.0-167.184 linux-image-unsigned-5.4.0-167-lowlatency - 5.4.0-167.184 linux-libc-dev - 5.4.0-167.184 linux-modules-5.4.0-167-generic - 5.4.0-167.184 linux-modules-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-modules-5.4.0-167-lowlatency - 5.4.0-167.184 linux-modules-extra-5.4.0-167-generic - 5.4.0-167.184 linux-source-5.4.0 - 5.4.0-167.184 linux-tools-5.4.0-167 - 5.4.0-167.184 linux-tools-5.4.0-167-generic - 5.4.0-167.184 linux-tools-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-tools-5.4.0-167-lowlatency - 5.4.0-167.184 linux-tools-common - 5.4.0-167.184 linux-tools-host - 5.4.0-167.184 No subscription required linux-headers-iot - 5.4.0.1026.24 linux-image-iot - 5.4.0.1026.24 linux-iot - 5.4.0.1026.24 linux-tools-iot - 5.4.0.1026.24 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1034.34 linux-image-xilinx-zynqmp - 5.4.0.1034.34 linux-tools-xilinx-zynqmp - 5.4.0.1034.34 linux-xilinx-zynqmp - 5.4.0.1034.34 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1061.90 linux-ibm-lts-20.04 - 5.4.0.1061.90 linux-image-ibm-lts-20.04 - 5.4.0.1061.90 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1061.90 linux-tools-ibm-lts-20.04 - 5.4.0.1061.90 No subscription required linux-bluefield - 5.4.0.1075.70 linux-headers-bluefield - 5.4.0.1075.70 linux-image-bluefield - 5.4.0.1075.70 linux-tools-bluefield - 5.4.0.1075.70 No subscription required linux-headers-raspi - 5.4.0.1098.128 linux-headers-raspi-hwe-18.04 - 5.4.0.1098.128 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1098.128 linux-headers-raspi2 - 5.4.0.1098.128 linux-headers-raspi2-hwe-18.04 - 5.4.0.1098.128 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1098.128 linux-image-raspi - 5.4.0.1098.128 linux-image-raspi-hwe-18.04 - 5.4.0.1098.128 linux-image-raspi-hwe-18.04-edge - 5.4.0.1098.128 linux-image-raspi2 - 5.4.0.1098.128 linux-image-raspi2-hwe-18.04 - 5.4.0.1098.128 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1098.128 linux-raspi - 5.4.0.1098.128 linux-raspi-hwe-18.04 - 5.4.0.1098.128 linux-raspi-hwe-18.04-edge - 5.4.0.1098.128 linux-raspi2 - 5.4.0.1098.128 linux-raspi2-hwe-18.04 - 5.4.0.1098.128 linux-raspi2-hwe-18.04-edge - 5.4.0.1098.128 linux-tools-raspi - 5.4.0.1098.128 linux-tools-raspi-hwe-18.04 - 5.4.0.1098.128 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1098.128 linux-tools-raspi2 - 5.4.0.1098.128 linux-tools-raspi2-hwe-18.04 - 5.4.0.1098.128 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1098.128 No subscription required linux-headers-kvm - 5.4.0.1103.99 linux-image-kvm - 5.4.0.1103.99 linux-kvm - 5.4.0.1103.99 linux-tools-kvm - 5.4.0.1103.99 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1113.106 linux-image-oracle-lts-20.04 - 5.4.0.1113.106 linux-oracle-lts-20.04 - 5.4.0.1113.106 linux-tools-oracle-lts-20.04 - 5.4.0.1113.106 No subscription required linux-aws-lts-20.04 - 5.4.0.1114.111 linux-headers-aws-lts-20.04 - 5.4.0.1114.111 linux-image-aws-lts-20.04 - 5.4.0.1114.111 linux-modules-extra-aws-lts-20.04 - 5.4.0.1114.111 linux-tools-aws-lts-20.04 - 5.4.0.1114.111 No subscription required linux-cloud-tools-generic - 5.4.0.167.164 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.167.164 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.167.164 linux-cloud-tools-lowlatency - 5.4.0.167.164 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-cloud-tools-virtual - 5.4.0.167.164 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.167.164 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-crashdump - 5.4.0.167.164 linux-generic - 5.4.0.167.164 linux-generic-hwe-18.04 - 5.4.0.167.164 linux-generic-hwe-18.04-edge - 5.4.0.167.164 linux-generic-lpae - 5.4.0.167.164 linux-generic-lpae-hwe-18.04 - 5.4.0.167.164 linux-generic-lpae-hwe-18.04-edge - 5.4.0.167.164 linux-headers-generic - 5.4.0.167.164 linux-headers-generic-hwe-18.04 - 5.4.0.167.164 linux-headers-generic-hwe-18.04-edge - 5.4.0.167.164 linux-headers-generic-lpae - 5.4.0.167.164 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.167.164 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.167.164 linux-headers-lowlatency - 5.4.0.167.164 linux-headers-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-headers-oem - 5.4.0.167.164 linux-headers-oem-osp1 - 5.4.0.167.164 linux-headers-virtual - 5.4.0.167.164 linux-headers-virtual-hwe-18.04 - 5.4.0.167.164 linux-headers-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-image-extra-virtual - 5.4.0.167.164 linux-image-extra-virtual-hwe-18.04 - 5.4.0.167.164 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-image-generic - 5.4.0.167.164 linux-image-generic-hwe-18.04 - 5.4.0.167.164 linux-image-generic-hwe-18.04-edge - 5.4.0.167.164 linux-image-generic-lpae - 5.4.0.167.164 linux-image-generic-lpae-hwe-18.04 - 5.4.0.167.164 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.167.164 linux-image-lowlatency - 5.4.0.167.164 linux-image-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-image-oem - 5.4.0.167.164 linux-image-oem-osp1 - 5.4.0.167.164 linux-image-virtual - 5.4.0.167.164 linux-image-virtual-hwe-18.04 - 5.4.0.167.164 linux-image-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-lowlatency - 5.4.0.167.164 linux-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-oem - 5.4.0.167.164 linux-oem-osp1 - 5.4.0.167.164 linux-oem-osp1-tools-host - 5.4.0.167.164 linux-oem-tools-host - 5.4.0.167.164 linux-source - 5.4.0.167.164 linux-tools-generic - 5.4.0.167.164 linux-tools-generic-hwe-18.04 - 5.4.0.167.164 linux-tools-generic-hwe-18.04-edge - 5.4.0.167.164 linux-tools-generic-lpae - 5.4.0.167.164 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.167.164 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.167.164 linux-tools-lowlatency - 5.4.0.167.164 linux-tools-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-tools-oem - 5.4.0.167.164 linux-tools-oem-osp1 - 5.4.0.167.164 linux-tools-virtual - 5.4.0.167.164 linux-tools-virtual-hwe-18.04 - 5.4.0.167.164 linux-tools-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-virtual - 5.4.0.167.164 linux-virtual-hwe-18.04 - 5.4.0.167.164 linux-virtual-hwe-18.04-edge - 5.4.0.167.164 No subscription required Medium CVE-2023-31085 CVE-2023-45871 Ubuntu 20.04 LTS Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6495-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-cloud-tools-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-gkeop-cloud-tools-5.4.0-1081 - 5.4.0-1081.85 linux-gkeop-headers-5.4.0-1081 - 5.4.0-1081.85 linux-gkeop-source-5.4.0 - 5.4.0-1081.85 linux-gkeop-tools-5.4.0-1081 - 5.4.0-1081.85 linux-headers-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-image-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-image-unsigned-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-modules-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-modules-extra-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-tools-5.4.0-1081-gkeop - 5.4.0-1081.85 No subscription required linux-buildinfo-5.4.0-1118-gcp - 5.4.0-1118.127 linux-gcp-headers-5.4.0-1118 - 5.4.0-1118.127 linux-gcp-tools-5.4.0-1118 - 5.4.0-1118.127 linux-headers-5.4.0-1118-gcp - 5.4.0-1118.127 linux-image-5.4.0-1118-gcp - 5.4.0-1118.127 linux-image-unsigned-5.4.0-1118-gcp - 5.4.0-1118.127 linux-modules-5.4.0-1118-gcp - 5.4.0-1118.127 linux-modules-extra-5.4.0-1118-gcp - 5.4.0-1118.127 linux-tools-5.4.0-1118-gcp - 5.4.0-1118.127 No subscription required linux-azure-cloud-tools-5.4.0-1120 - 5.4.0-1120.127 linux-azure-headers-5.4.0-1120 - 5.4.0-1120.127 linux-azure-tools-5.4.0-1120 - 5.4.0-1120.127 linux-buildinfo-5.4.0-1120-azure - 5.4.0-1120.127 linux-cloud-tools-5.4.0-1120-azure - 5.4.0-1120.127 linux-headers-5.4.0-1120-azure - 5.4.0-1120.127 linux-image-5.4.0-1120-azure - 5.4.0-1120.127 linux-image-unsigned-5.4.0-1120-azure - 5.4.0-1120.127 linux-modules-5.4.0-1120-azure - 5.4.0-1120.127 linux-modules-extra-5.4.0-1120-azure - 5.4.0-1120.127 linux-tools-5.4.0-1120-azure - 5.4.0-1120.127 No subscription required linux-cloud-tools-gkeop - 5.4.0.1081.79 linux-cloud-tools-gkeop-5.4 - 5.4.0.1081.79 linux-gkeop - 5.4.0.1081.79 linux-gkeop-5.4 - 5.4.0.1081.79 linux-headers-gkeop - 5.4.0.1081.79 linux-headers-gkeop-5.4 - 5.4.0.1081.79 linux-image-gkeop - 5.4.0.1081.79 linux-image-gkeop-5.4 - 5.4.0.1081.79 linux-modules-extra-gkeop - 5.4.0.1081.79 linux-modules-extra-gkeop-5.4 - 5.4.0.1081.79 linux-tools-gkeop - 5.4.0.1081.79 linux-tools-gkeop-5.4 - 5.4.0.1081.79 No subscription required linux-gcp-lts-20.04 - 5.4.0.1118.120 linux-headers-gcp-lts-20.04 - 5.4.0.1118.120 linux-image-gcp-lts-20.04 - 5.4.0.1118.120 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1118.120 linux-tools-gcp-lts-20.04 - 5.4.0.1118.120 No subscription required linux-azure-lts-20.04 - 5.4.0.1120.113 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1120.113 linux-headers-azure-lts-20.04 - 5.4.0.1120.113 linux-image-azure-lts-20.04 - 5.4.0.1120.113 linux-modules-extra-azure-lts-20.04 - 5.4.0.1120.113 linux-tools-azure-lts-20.04 - 5.4.0.1120.113 No subscription required Medium CVE-2023-31085 CVE-2023-45871 Ubuntu 20.04 LTS Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. (CVE-2023-25775) Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6496-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-headers-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-ibm-5.15-headers-5.15.0-1043 - 5.15.0-1043.46~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1043.46~20.04.1 linux-ibm-5.15-tools-5.15.0-1043 - 5.15.0-1043.46~20.04.1 linux-image-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-image-unsigned-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-modules-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-modules-extra-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-tools-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 No subscription required linux-buildinfo-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-headers-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-image-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-image-unsigned-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-modules-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-modules-extra-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-oracle-5.15-headers-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-oracle-5.15-tools-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-tools-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1050 - 5.15.0-1050.55~20.04.1 linux-aws-5.15-headers-5.15.0-1050 - 5.15.0-1050.55~20.04.1 linux-aws-5.15-tools-5.15.0-1050 - 5.15.0-1050.55~20.04.1 linux-buildinfo-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-cloud-tools-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-headers-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-image-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-image-unsigned-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-modules-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-modules-extra-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-tools-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 No subscription required linux-buildinfo-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-buildinfo-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-buildinfo-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-buildinfo-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-buildinfo-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-cloud-tools-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-cloud-tools-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-89.99~20.04.1 linux-hwe-5.15-headers-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-89.99~20.04.1 linux-hwe-5.15-tools-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-89.99~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-image-unsigned-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-image-unsigned-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-image-unsigned-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-image-unsigned-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-modules-extra-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-modules-iwlwifi-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-modules-iwlwifi-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-tools-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-tools-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-tools-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-tools-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-tools-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1043.46~20.04.15 linux-headers-ibm-edge - 5.15.0.1043.46~20.04.15 linux-ibm - 5.15.0.1043.46~20.04.15 linux-ibm-edge - 5.15.0.1043.46~20.04.15 linux-image-ibm - 5.15.0.1043.46~20.04.15 linux-image-ibm-edge - 5.15.0.1043.46~20.04.15 linux-tools-ibm - 5.15.0.1043.46~20.04.15 linux-tools-ibm-edge - 5.15.0.1043.46~20.04.15 No subscription required linux-headers-oracle - 5.15.0.1048.54~20.04.1 linux-headers-oracle-edge - 5.15.0.1048.54~20.04.1 linux-image-oracle - 5.15.0.1048.54~20.04.1 linux-image-oracle-edge - 5.15.0.1048.54~20.04.1 linux-oracle - 5.15.0.1048.54~20.04.1 linux-oracle-edge - 5.15.0.1048.54~20.04.1 linux-tools-oracle - 5.15.0.1048.54~20.04.1 linux-tools-oracle-edge - 5.15.0.1048.54~20.04.1 No subscription required linux-aws - 5.15.0.1050.55~20.04.38 linux-aws-edge - 5.15.0.1050.55~20.04.38 linux-headers-aws - 5.15.0.1050.55~20.04.38 linux-headers-aws-edge - 5.15.0.1050.55~20.04.38 linux-image-aws - 5.15.0.1050.55~20.04.38 linux-image-aws-edge - 5.15.0.1050.55~20.04.38 linux-modules-extra-aws - 5.15.0.1050.55~20.04.38 linux-modules-extra-aws-edge - 5.15.0.1050.55~20.04.38 linux-tools-aws - 5.15.0.1050.55~20.04.38 linux-tools-aws-edge - 5.15.0.1050.55~20.04.38 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-headers-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-image-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-lowlatency-64k-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-tools-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-generic-64k-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-generic-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-generic-lpae-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-generic-lpae-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-headers-generic-64k-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-headers-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-headers-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-headers-oem-20.04 - 5.15.0.89.99~20.04.47 linux-headers-oem-20.04b - 5.15.0.89.99~20.04.47 linux-headers-oem-20.04c - 5.15.0.89.99~20.04.47 linux-headers-oem-20.04d - 5.15.0.89.99~20.04.47 linux-headers-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-headers-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-extra-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-generic-64k-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-image-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-generic-lpae-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-oem-20.04 - 5.15.0.89.99~20.04.47 linux-image-oem-20.04b - 5.15.0.89.99~20.04.47 linux-image-oem-20.04c - 5.15.0.89.99~20.04.47 linux-image-oem-20.04d - 5.15.0.89.99~20.04.47 linux-image-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-image-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-modules-iwlwifi-oem-20.04 - 5.15.0.89.99~20.04.47 linux-modules-iwlwifi-oem-20.04d - 5.15.0.89.99~20.04.47 linux-oem-20.04 - 5.15.0.89.99~20.04.47 linux-oem-20.04b - 5.15.0.89.99~20.04.47 linux-oem-20.04c - 5.15.0.89.99~20.04.47 linux-oem-20.04d - 5.15.0.89.99~20.04.47 linux-tools-generic-64k-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-tools-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-tools-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-tools-oem-20.04 - 5.15.0.89.99~20.04.47 linux-tools-oem-20.04b - 5.15.0.89.99~20.04.47 linux-tools-oem-20.04c - 5.15.0.89.99~20.04.47 linux-tools-oem-20.04d - 5.15.0.89.99~20.04.47 linux-tools-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-tools-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 No subscription required Medium CVE-2023-25775 CVE-2023-31085 CVE-2023-45871 Ubuntu 20.04 LTS Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. (CVE-2023-25775) Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6496-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-cloud-tools-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1033 - 5.15.0-1033.39~20.04.1 linux-gkeop-5.15-headers-5.15.0-1033 - 5.15.0-1033.39~20.04.1 linux-gkeop-5.15-tools-5.15.0-1033 - 5.15.0-1033.39~20.04.1 linux-headers-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-image-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-image-unsigned-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-modules-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-modules-extra-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-tools-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 No subscription required linux-buildinfo-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-gcp-5.15-headers-5.15.0-1047 - 5.15.0-1047.55~20.04.1 linux-gcp-5.15-tools-5.15.0-1047 - 5.15.0-1047.55~20.04.1 linux-headers-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-image-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-image-unsigned-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-modules-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-modules-extra-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-tools-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1052 - 5.15.0-1052.60~20.04.1 linux-azure-5.15-headers-5.15.0-1052 - 5.15.0-1052.60~20.04.1 linux-azure-5.15-tools-5.15.0-1052 - 5.15.0-1052.60~20.04.1 linux-buildinfo-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-cloud-tools-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-headers-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-image-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-image-unsigned-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-modules-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-modules-extra-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-tools-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 No subscription required linux-image-5.15.0-1052-azure-fde - 5.15.0-1052.60~20.04.1.1 linux-image-unsigned-5.15.0-1052-azure-fde - 5.15.0-1052.60~20.04.1.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-cloud-tools-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-headers-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-headers-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-image-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-image-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-modules-extra-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-modules-extra-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-tools-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-tools-gkeop-edge - 5.15.0.1033.39~20.04.29 No subscription required linux-gcp - 5.15.0.1047.55~20.04.1 linux-gcp-edge - 5.15.0.1047.55~20.04.1 linux-headers-gcp - 5.15.0.1047.55~20.04.1 linux-headers-gcp-edge - 5.15.0.1047.55~20.04.1 linux-image-gcp - 5.15.0.1047.55~20.04.1 linux-image-gcp-edge - 5.15.0.1047.55~20.04.1 linux-modules-extra-gcp - 5.15.0.1047.55~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1047.55~20.04.1 linux-tools-gcp - 5.15.0.1047.55~20.04.1 linux-tools-gcp-edge - 5.15.0.1047.55~20.04.1 No subscription required linux-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-cloud-tools-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-cloud-tools-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-headers-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-headers-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-image-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-image-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-modules-extra-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-modules-extra-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-tools-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-tools-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 No subscription required linux-azure - 5.15.0.1052.60~20.04.41 linux-azure-cvm - 5.15.0.1052.60~20.04.41 linux-azure-edge - 5.15.0.1052.60~20.04.41 linux-cloud-tools-azure - 5.15.0.1052.60~20.04.41 linux-cloud-tools-azure-cvm - 5.15.0.1052.60~20.04.41 linux-cloud-tools-azure-edge - 5.15.0.1052.60~20.04.41 linux-headers-azure - 5.15.0.1052.60~20.04.41 linux-headers-azure-cvm - 5.15.0.1052.60~20.04.41 linux-headers-azure-edge - 5.15.0.1052.60~20.04.41 linux-image-azure - 5.15.0.1052.60~20.04.41 linux-image-azure-cvm - 5.15.0.1052.60~20.04.41 linux-image-azure-edge - 5.15.0.1052.60~20.04.41 linux-modules-extra-azure - 5.15.0.1052.60~20.04.41 linux-modules-extra-azure-cvm - 5.15.0.1052.60~20.04.41 linux-modules-extra-azure-edge - 5.15.0.1052.60~20.04.41 linux-tools-azure - 5.15.0.1052.60~20.04.41 linux-tools-azure-cvm - 5.15.0.1052.60~20.04.41 linux-tools-azure-edge - 5.15.0.1052.60~20.04.41 No subscription required Medium CVE-2023-25775 CVE-2023-31085 CVE-2023-45871 Ubuntu 20.04 LTS It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recover sensitive information. Update Instructions: Run `sudo pro fix USN-6499-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-bin - 3.6.13-2ubuntu1.9 gnutls-doc - 3.6.13-2ubuntu1.9 guile-gnutls - 3.6.13-2ubuntu1.9 libgnutls-dane0 - 3.6.13-2ubuntu1.9 libgnutls-openssl27 - 3.6.13-2ubuntu1.9 libgnutls28-dev - 3.6.13-2ubuntu1.9 libgnutls30 - 3.6.13-2ubuntu1.9 libgnutlsxx28 - 3.6.13-2ubuntu1.9 No subscription required Medium CVE-2023-5981 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-46724) Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-46728) Keran Mu and Jianjun Chen discovered that Squid incorrectly handled the chunked decoder. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks. (CVE-2023-46846) Joshua Rogers discovered that Squid incorrectly handled HTTP Digest Authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-46847) Joshua Rogers discovered that Squid incorrectly handled certain FTP urls. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-46848) Update Instructions: Run `sudo pro fix USN-6500-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid - 4.10-1ubuntu1.8 squid-cgi - 4.10-1ubuntu1.8 squid-common - 4.10-1ubuntu1.8 squid-purge - 4.10-1ubuntu1.8 squidclient - 4.10-1ubuntu1.8 No subscription required Medium CVE-2023-46724 CVE-2023-46728 CVE-2023-46846 CVE-2023-46847 CVE-2023-46848 Ubuntu 20.04 LTS It was discovered that RabbitMQ incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6501-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rabbitmq-server - 3.8.2-0ubuntu1.5 No subscription required Medium CVE-2023-46118 Ubuntu 20.04 LTS It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6505-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnghttp2-14 - 1.40.0-1ubuntu0.2 libnghttp2-dev - 1.40.0-1ubuntu0.2 libnghttp2-doc - 1.40.0-1ubuntu0.2 nghttp2 - 1.40.0-1ubuntu0.2 nghttp2-client - 1.40.0-1ubuntu0.2 nghttp2-proxy - 1.40.0-1ubuntu0.2 nghttp2-server - 1.40.0-1ubuntu0.2 No subscription required Medium CVE-2023-44487 Ubuntu 20.04 LTS David Shoon discovered that the Apache HTTP Server mod_macro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2023-31122) Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and Choongin Lee discovered that the Apache HTTP Server incorrectly handled certain HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-43622) Will Dormann and David Warren discovered that the Apache HTTP Server incorrectly handled memory when handling HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. (CVE-2023-45802) Update Instructions: Run `sudo pro fix USN-6506-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2 - 2.4.41-4ubuntu3.15 apache2-bin - 2.4.41-4ubuntu3.15 apache2-data - 2.4.41-4ubuntu3.15 apache2-dev - 2.4.41-4ubuntu3.15 apache2-doc - 2.4.41-4ubuntu3.15 apache2-ssl-dev - 2.4.41-4ubuntu3.15 apache2-suexec-custom - 2.4.41-4ubuntu3.15 apache2-suexec-pristine - 2.4.41-4ubuntu3.15 apache2-utils - 2.4.41-4ubuntu3.15 libapache2-mod-md - 2.4.41-4ubuntu3.15 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.15 No subscription required Medium CVE-2023-31122 CVE-2023-43622 CVE-2023-45802 Ubuntu 20.04 LTS It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-23804) It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-37050, CVE-2022-37051, CVE-2022-37052, CVE-2022-38349) Update Instructions: Run `sudo pro fix USN-6508-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.4 libpoppler-cpp-dev - 0.86.1-0ubuntu1.4 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.4 libpoppler-dev - 0.86.1-0ubuntu1.4 libpoppler-glib-dev - 0.86.1-0ubuntu1.4 libpoppler-glib-doc - 0.86.1-0ubuntu1.4 libpoppler-glib8 - 0.86.1-0ubuntu1.4 libpoppler-private-dev - 0.86.1-0ubuntu1.4 libpoppler-qt5-1 - 0.86.1-0ubuntu1.4 libpoppler-qt5-dev - 0.86.1-0ubuntu1.4 libpoppler97 - 0.86.1-0ubuntu1.4 poppler-utils - 0.86.1-0ubuntu1.4 No subscription required Medium CVE-2020-23804 CVE-2022-37050 CVE-2022-37051 CVE-2022-37052 CVE-2022-38349 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-6206, CVE-2023-6210, CVE-2023-6211, CVE-2023-6212, CVE-2023-6213) It was discovered that Firefox did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6204) It discovered that Firefox incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6205) It discovered that Firefox incorrectly did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6207) It discovered that Firefox incorrectly did not properly manage copy operations when using Selection API in X11. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6208) Rachmat Abdul Rokhim discovered that Firefox incorrectly handled parsing of relative URLS starting with "///". An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6209) Update Instructions: Run `sudo pro fix USN-6509-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 120.0+build2-0ubuntu0.20.04.1 firefox-dev - 120.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-nl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 120.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 120.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-6204 CVE-2023-6205 CVE-2023-6206 CVE-2023-6207 CVE-2023-6208 CVE-2023-6209 CVE-2023-6210 CVE-2023-6211 CVE-2023-6212 CVE-2023-6213 Ubuntu 20.04 LTS USN-6509-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-6206, CVE-2023-6210, CVE-2023-6211, CVE-2023-6212, CVE-2023-6213) It was discovered that Firefox did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6204) It discovered that Firefox incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6205) It discovered that Firefox incorrectly did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6207) It discovered that Firefox incorrectly did not properly manage copy operations when using Selection API in X11. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6208) Rachmat Abdul Rokhim discovered incorrectly handled parsing of relative URLS starting with "///". An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6209) Update Instructions: Run `sudo pro fix USN-6509-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 120.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 120.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 120.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 120.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2045518 Ubuntu 20.04 LTS It was discovered that the OpenZFS sharenfs feature incorrectly handled IPv6 address data. This could result in IPv6 restrictions not being applied, contrary to expectations. Update Instructions: Run `sudo pro fix USN-6511-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnvpair1linux - 0.8.3-1ubuntu12.16 libuutil1linux - 0.8.3-1ubuntu12.16 libzfs2linux - 0.8.3-1ubuntu12.16 libzfslinux-dev - 0.8.3-1ubuntu12.16 libzpool2linux - 0.8.3-1ubuntu12.16 python3-pyzfs - 0.8.3-1ubuntu12.16 pyzfs-doc - 0.8.3-1ubuntu12.16 spl - 0.8.3-1ubuntu12.16 spl-dkms - 0.8.3-1ubuntu12.16 zfs-dkms - 0.8.3-1ubuntu12.16 zfs-dracut - 0.8.3-1ubuntu12.16 zfs-initramfs - 0.8.3-1ubuntu12.16 zfs-test - 0.8.3-1ubuntu12.16 zfs-zed - 0.8.3-1ubuntu12.16 zfsutils-linux - 0.8.3-1ubuntu12.16 No subscription required Medium CVE-2013-20001 Ubuntu 20.04 LTS It was discovered that LibTIFF could be made to run into an infinite loop. If a user or an automated system were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service. (CVE-2022-40090) It was discovered that LibTIFF could be made leak memory. If a user or an automated system were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-3576) Update Instructions: Run `sudo pro fix USN-6512-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.11 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.11 No subscription required Medium CVE-2022-40090 CVE-2023-3576 Ubuntu 20.04 LTS USN-6513-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. Original advisory details: It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service. (CVE-2022-48564) It was discovered that Python instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake. An attacker could possibly use this issue to cause applications to treat unauthenticated received data before TLS handshake as authenticated data after TLS handshake. (CVE-2023-40217) Update Instructions: Run `sudo pro fix USN-6513-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.8 - 3.8.10-0ubuntu1~20.04.9 libpython3.8 - 3.8.10-0ubuntu1~20.04.9 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.9 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.9 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.9 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.9 python3.8 - 3.8.10-0ubuntu1~20.04.9 python3.8-dev - 3.8.10-0ubuntu1~20.04.9 python3.8-doc - 3.8.10-0ubuntu1~20.04.9 python3.8-examples - 3.8.10-0ubuntu1~20.04.9 python3.8-full - 3.8.10-0ubuntu1~20.04.9 python3.8-minimal - 3.8.10-0ubuntu1~20.04.9 python3.8-venv - 3.8.10-0ubuntu1~20.04.9 No subscription required Medium CVE-2023-40217 Ubuntu 20.04 LTS It was discovered that Open vSwitch did not correctly handle OpenFlow rules for ICMPv6 Neighbour Advertisement packets. A local attacker could possibly use this issue to redirect traffic to arbitrary IP addresses. Update Instructions: Run `sudo pro fix USN-6514-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-common - 2.13.8-0ubuntu1.3 openvswitch-doc - 2.13.8-0ubuntu1.3 openvswitch-pki - 2.13.8-0ubuntu1.3 openvswitch-source - 2.13.8-0ubuntu1.3 openvswitch-switch - 2.13.8-0ubuntu1.3 openvswitch-switch-dpdk - 2.13.8-0ubuntu1.3 openvswitch-test - 2.13.8-0ubuntu1.3 openvswitch-testcontroller - 2.13.8-0ubuntu1.3 openvswitch-vtep - 2.13.8-0ubuntu1.3 python3-openvswitch - 2.13.8-0ubuntu1.3 No subscription required Medium CVE-2023-5366 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-6206, CVE-2023-6212) It was discovered that Thudnerbird did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6204) It discovered that Thunderbird incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6205) It discovered that Thunderbird incorrectly did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6207) It discovered that Thudnerbird incorrectly did not properly manage copy operations when using Selection API in X11. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6208) Rachmat Abdul Rokhim discovered that Thunderbird incorrectly handled parsing of relative URLS starting with "///". An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6209) Update Instructions: Run `sudo pro fix USN-6515-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.5.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.5.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.5.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.5.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-6204 CVE-2023-6205 CVE-2023-6206 CVE-2023-6207 CVE-2023-6208 CVE-2023-6209 CVE-2023-6212 Ubuntu 20.04 LTS Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. (CVE-2023-25775) Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083) Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6516-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-cloud-tools-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-headers-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-image-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-image-unsigned-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1045 - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1045 - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1045 - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1045.51~20.04.1 linux-modules-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-modules-extra-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-modules-iwlwifi-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-tools-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1045.51~20.04.35 linux-headers-intel - 5.15.0.1045.51~20.04.35 linux-headers-intel-iotg - 5.15.0.1045.51~20.04.35 linux-headers-intel-iotg-edge - 5.15.0.1045.51~20.04.35 linux-image-intel - 5.15.0.1045.51~20.04.35 linux-image-intel-iotg - 5.15.0.1045.51~20.04.35 linux-image-intel-iotg-edge - 5.15.0.1045.51~20.04.35 linux-intel - 5.15.0.1045.51~20.04.35 linux-intel-iotg - 5.15.0.1045.51~20.04.35 linux-intel-iotg-edge - 5.15.0.1045.51~20.04.35 linux-tools-intel - 5.15.0.1045.51~20.04.35 linux-tools-intel-iotg - 5.15.0.1045.51~20.04.35 linux-tools-intel-iotg-edge - 5.15.0.1045.51~20.04.35 No subscription required Medium CVE-2023-25775 CVE-2023-31083 CVE-2023-31085 CVE-2023-3772 CVE-2023-45871 Ubuntu 20.04 LTS It was discovered that Perl incorrectly handled printing certain warning messages. An attacker could possibly use this issue to cause Perl to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-48522) Nathan Mills discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-47038) Update Instructions: Run `sudo pro fix USN-6517-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libperl-dev - 5.30.0-9ubuntu0.5 libperl5.30 - 5.30.0-9ubuntu0.5 perl - 5.30.0-9ubuntu0.5 perl-base - 5.30.0-9ubuntu0.5 perl-debug - 5.30.0-9ubuntu0.5 perl-doc - 5.30.0-9ubuntu0.5 perl-modules-5.30 - 5.30.0-9ubuntu0.5 No subscription required Medium CVE-2022-48522 CVE-2023-47038 Ubuntu 20.04 LTS It was discovered that GIMP incorrectly handled certain image files. If a user were tricked into opening a specially crafted image, an attacker could use this issue to cause GIMP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6521-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gimp - 2.10.18-1ubuntu0.1 gimp-data - 2.10.18-1ubuntu0.1 libgimp2.0 - 2.10.18-1ubuntu0.1 libgimp2.0-dev - 2.10.18-1ubuntu0.1 libgimp2.0-doc - 2.10.18-1ubuntu0.1 No subscription required Medium CVE-2022-30067 CVE-2022-32990 CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled drive redirection. If a user were tricked into connection to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2022-41877) It was discovered that FreeRDP incorrectly handled certain surface updates. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-39352, CVE-2023-39356) Update Instructions: Run `sudo pro fix USN-6522-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.6 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.6 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.6 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.6 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.6 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.6 No subscription required Medium CVE-2022-41877 CVE-2023-39352 CVE-2023-39356 Ubuntu 20.04 LTS Nicky Mouha discovered that PyPy incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause PyPy to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6524-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pypy3 - 7.3.1+dfsg-4ubuntu0.1 pypy3-dev - 7.3.1+dfsg-4ubuntu0.1 pypy3-doc - 7.3.1+dfsg-4ubuntu0.1 pypy3-lib - 7.3.1+dfsg-4ubuntu0.1 pypy3-lib-testsuite - 7.3.1+dfsg-4ubuntu0.1 pypy3-tk - 7.3.1+dfsg-4ubuntu0.1 No subscription required Medium CVE-2022-37454 Ubuntu 20.04 LTS Nicky Mouha discovered that pysha incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause pysha3 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6525-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-sha3 - 1.0.2-4ubuntu0.1 No subscription required Medium CVE-2022-37454 Ubuntu 20.04 LTS It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue to cause GStreamer Bad Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6526-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gst-plugins-bad-1.0 - 1.16.3-0ubuntu1.1 gstreamer1.0-opencv - 1.16.3-0ubuntu1.1 gstreamer1.0-plugins-bad - 1.16.3-0ubuntu1.1 gstreamer1.0-plugins-bad-doc - 1.16.3-0ubuntu1.1 libgstreamer-opencv1.0-0 - 1.16.3-0ubuntu1.1 libgstreamer-plugins-bad1.0-0 - 1.16.3-0ubuntu1.1 libgstreamer-plugins-bad1.0-dev - 1.16.3-0ubuntu1.1 No subscription required Medium CVE-2023-37329 CVE-2023-40474 CVE-2023-40475 CVE-2023-40476 CVE-2023-44429 CVE-2023-44446 Ubuntu 20.04 LTS Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrary code. In Ubuntu, OpenJDK defaults to not using AVX-512 instructions. (CVE-2023-22025) It was discovered that OpenJDK did not properly perform PKIX certification path validation in certain situations. An attacker could use this to cause a denial of service. (CVE-2023-22081) Update Instructions: Run `sudo pro fix USN-6527-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.21+9-0ubuntu1~20.04 openjdk-11-doc - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jdk - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jre - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.21+9-0ubuntu1~20.04 openjdk-11-source - 11.0.21+9-0ubuntu1~20.04 No subscription required openjdk-17-demo - 17.0.9+9-1~20.04 openjdk-17-doc - 17.0.9+9-1~20.04 openjdk-17-jdk - 17.0.9+9-1~20.04 openjdk-17-jdk-headless - 17.0.9+9-1~20.04 openjdk-17-jre - 17.0.9+9-1~20.04 openjdk-17-jre-headless - 17.0.9+9-1~20.04 openjdk-17-jre-zero - 17.0.9+9-1~20.04 openjdk-17-source - 17.0.9+9-1~20.04 No subscription required Medium CVE-2023-22025 CVE-2023-22081 Ubuntu 20.04 LTS It was discovered that the HotSpot VM implementation in OpenJDK did not properly validate bytecode blocks in certain situations. An attacker could possibly use this to cause a denial of service. (CVE-2022-40433) Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrary code. In Ubuntu, OpenJDK defaults to not using AVX-512 instructions. (CVE-2023-22025) It was discovered that the CORBA implementation in OpenJDK did not properly perform deserialization of IOR string objects. An attacker could possibly use this to bypass Java sandbox restrictions. (CVE-2023-22067) It was discovered that OpenJDK did not properly perform PKIX certification path validation in certain situations. An attacker could use this to cause a denial of service. (CVE-2023-22081) Update Instructions: Run `sudo pro fix USN-6528-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-demo - 8u392-ga-1~20.04 openjdk-8-doc - 8u392-ga-1~20.04 openjdk-8-jdk - 8u392-ga-1~20.04 openjdk-8-jdk-headless - 8u392-ga-1~20.04 openjdk-8-jre - 8u392-ga-1~20.04 openjdk-8-jre-headless - 8u392-ga-1~20.04 openjdk-8-jre-zero - 8u392-ga-1~20.04 openjdk-8-source - 8u392-ga-1~20.04 No subscription required Medium CVE-2023-22025 CVE-2023-22067 CVE-2023-22081 Ubuntu 20.04 LTS It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-38562, CVE-2022-25802, CVE-2023-41259, CVE-2023-41260) Update Instructions: Run `sudo pro fix USN-6529-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: request-tracker4 - 4.4.3-2+deb10u3build0.20.04.1 rt4-apache2 - 4.4.3-2+deb10u3build0.20.04.1 rt4-clients - 4.4.3-2+deb10u3build0.20.04.1 rt4-db-mysql - 4.4.3-2+deb10u3build0.20.04.1 rt4-db-postgresql - 4.4.3-2+deb10u3build0.20.04.1 rt4-db-sqlite - 4.4.3-2+deb10u3build0.20.04.1 rt4-doc-html - 4.4.3-2+deb10u3build0.20.04.1 rt4-fcgi - 4.4.3-2+deb10u3build0.20.04.1 rt4-standalone - 4.4.3-2+deb10u3build0.20.04.1 No subscription required Medium CVE-2021-38562 CVE-2022-25802 CVE-2023-41259 CVE-2023-41260 Ubuntu 20.04 LTS It was discovered that HAProxy incorrectly handled URI components containing the hash character (#). A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules. Update Instructions: Run `sudo pro fix USN-6530-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.31-0ubuntu0.3 haproxy-doc - 2.0.31-0ubuntu0.3 vim-haproxy - 2.0.31-0ubuntu0.3 No subscription required Medium CVE-2023-45539 Ubuntu 20.04 LTS Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. (CVE-2022-24834) SeungHyun Lee discovered that Redis incorrectly handled specially crafted commands. An attacker could possibly use this issue to trigger an integer overflow, which might cause Redis to allocate impossible amounts of memory, resulting in a denial of service via an application crash. (CVE-2022-35977) Tom Levy discovered that Redis incorrectly handled crafted string matching patterns. An attacker could possibly use this issue to cause Redis to hang, resulting in a denial of service. (CVE-2022-36021) Yupeng Yang discovered that Redis incorrectly handled specially crafted commands. An attacker could possibly use this issue to trigger an integer overflow, resulting in a denial of service via an application crash. (CVE-2023-25155) It was discovered that Redis incorrectly handled a specially crafted command. An attacker could possibly use this issue to create an invalid hash field, which could potentially cause Redis to crash on future access. (CVE-2023-28856) Alexander Aleksandrovič Klimov discovered that Redis incorrectly listened to a Unix socket before setting proper permissions. A local attacker could possibly use this issue to connect, bypassing intended permissions. (CVE-2023-45145) Update Instructions: Run `sudo pro fix USN-6531-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: redis - 5:5.0.7-2ubuntu0.1+esm2 redis-sentinel - 5:5.0.7-2ubuntu0.1+esm2 redis-server - 5:5.0.7-2ubuntu0.1+esm2 redis-tools - 5:5.0.7-2ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-24834 CVE-2022-35977 CVE-2022-36021 CVE-2023-25155 CVE-2023-28856 CVE-2023-45145 Ubuntu 20.04 LTS Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains. (CVE-2023-46218) Maksymilian Arciemowicz discovered that curl incorrectly handled long file names when saving HSTS data. This could result in curl losing HSTS data, and subsequent requests to a site would be done without it, contrary to expectations. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-46219) Update Instructions: Run `sudo pro fix USN-6535-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 7.68.0-1ubuntu2.21 libcurl3-gnutls - 7.68.0-1ubuntu2.21 libcurl3-nss - 7.68.0-1ubuntu2.21 libcurl4 - 7.68.0-1ubuntu2.21 libcurl4-doc - 7.68.0-1ubuntu2.21 libcurl4-gnutls-dev - 7.68.0-1ubuntu2.21 libcurl4-nss-dev - 7.68.0-1ubuntu2.21 libcurl4-openssl-dev - 7.68.0-1ubuntu2.21 No subscription required Medium CVE-2023-46218 CVE-2023-46219 Ubuntu 20.04 LTS Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-5868) Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. (CVE-2023-5869) Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations. (CVE-2023-5870) Update Instructions: Run `sudo pro fix USN-6538-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libecpg-compat3 - 12.17-0ubuntu0.20.04.1 libecpg-dev - 12.17-0ubuntu0.20.04.1 libecpg6 - 12.17-0ubuntu0.20.04.1 libpgtypes3 - 12.17-0ubuntu0.20.04.1 libpq-dev - 12.17-0ubuntu0.20.04.1 libpq5 - 12.17-0ubuntu0.20.04.1 postgresql-12 - 12.17-0ubuntu0.20.04.1 postgresql-client-12 - 12.17-0ubuntu0.20.04.1 postgresql-doc-12 - 12.17-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.17-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.17-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.17-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.17-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 Ubuntu 20.04 LTS It was discovered that the python-cryptography Cipher.update_into function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-23931) It was dicovered that python-cryptography incorrectly handled loading certain PKCS7 certificates. A remote attacker could possibly use this issue to cause python-cryptography to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-49083) Update Instructions: Run `sudo pro fix USN-6539-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-cryptography - 2.8-3ubuntu0.2 python-cryptography-doc - 2.8-3ubuntu0.2 python3-cryptography - 2.8-3ubuntu0.2 No subscription required Medium CVE-2023-23931 CVE-2023-49083 Ubuntu 20.04 LTS It was discovered that BlueZ did not properly restrict non-bonded devices from injecting HID events into the input subsystem. This could allow a physically proximate attacker to inject keystrokes and execute arbitrary commands whilst the device is discoverable. Update Instructions: Run `sudo pro fix USN-6540-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bluetooth - 5.53-0ubuntu3.7 bluez - 5.53-0ubuntu3.7 bluez-cups - 5.53-0ubuntu3.7 bluez-hcidump - 5.53-0ubuntu3.7 bluez-obexd - 5.53-0ubuntu3.7 bluez-tests - 5.53-0ubuntu3.7 libbluetooth-dev - 5.53-0ubuntu3.7 libbluetooth3 - 5.53-0ubuntu3.7 No subscription required Medium CVE-2023-45866 Ubuntu 20.04 LTS It was discovered that the GNU C Library was not properly handling certain memory operations. An attacker could possibly use this issue to cause a denial of service (application crash). (CVE-2023-4806, CVE-2023-4813) It was discovered that the GNU C library was not properly implementing a fix for CVE-2023-4806 in certain cases, which could lead to a memory leak. An attacker could possibly use this issue to cause a denial of service (application crash). This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-5156) Update Instructions: Run `sudo pro fix USN-6541-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glibc-doc - 2.31-0ubuntu9.14 glibc-source - 2.31-0ubuntu9.14 libc-bin - 2.31-0ubuntu9.14 libc-dev-bin - 2.31-0ubuntu9.14 libc6 - 2.31-0ubuntu9.14 libc6-amd64 - 2.31-0ubuntu9.14 libc6-armel - 2.31-0ubuntu9.14 libc6-dev - 2.31-0ubuntu9.14 libc6-dev-amd64 - 2.31-0ubuntu9.14 libc6-dev-armel - 2.31-0ubuntu9.14 libc6-dev-i386 - 2.31-0ubuntu9.14 libc6-dev-s390 - 2.31-0ubuntu9.14 libc6-dev-x32 - 2.31-0ubuntu9.14 libc6-i386 - 2.31-0ubuntu9.14 libc6-lse - 2.31-0ubuntu9.14 libc6-pic - 2.31-0ubuntu9.14 libc6-prof - 2.31-0ubuntu9.14 libc6-s390 - 2.31-0ubuntu9.14 libc6-x32 - 2.31-0ubuntu9.14 locales - 2.31-0ubuntu9.14 locales-all - 2.31-0ubuntu9.14 nscd - 2.31-0ubuntu9.14 No subscription required Medium CVE-2023-4806 CVE-2023-4813 CVE-2023-5156 Ubuntu 20.04 LTS Wang Zhong discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6542-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtinyxml-dev - 2.6.2-4+deb10u1build0.20.04.1 libtinyxml-doc - 2.6.2-4+deb10u1build0.20.04.1 libtinyxml2.6.2v5 - 2.6.2-4+deb10u1build0.20.04.1 No subscription required Medium CVE-2021-42260 Ubuntu 20.04 LTS It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could use this issue to cause tar to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6543-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tar - 1.30+dfsg-7ubuntu0.20.04.4 tar-scripts - 1.30+dfsg-7ubuntu0.20.04.4 No subscription required Medium CVE-2023-39804 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2022-38533) It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-4285, CVE-2020-19726, CVE-2021-46174) It was discovered that GNU binutils contained a reachable assertion, which could lead to an intentional assertion failure when processing certain crafted DWARF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-35205) Update Instructions: Run `sudo pro fix USN-6544-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils - 2.34-6ubuntu1.7 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.7 binutils-alpha-linux-gnu - 2.34-6ubuntu1.7 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.7 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.7 binutils-common - 2.34-6ubuntu1.7 binutils-dev - 2.34-6ubuntu1.7 binutils-doc - 2.34-6ubuntu1.7 binutils-for-build - 2.34-6ubuntu1.7 binutils-for-host - 2.34-6ubuntu1.7 binutils-hppa-linux-gnu - 2.34-6ubuntu1.7 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.7 binutils-i686-gnu - 2.34-6ubuntu1.7 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.7 binutils-i686-linux-gnu - 2.34-6ubuntu1.7 binutils-ia64-linux-gnu - 2.34-6ubuntu1.7 binutils-m68k-linux-gnu - 2.34-6ubuntu1.7 binutils-multiarch - 2.34-6ubuntu1.7 binutils-multiarch-dev - 2.34-6ubuntu1.7 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.7 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.7 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.7 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.7 binutils-s390x-linux-gnu - 2.34-6ubuntu1.7 binutils-sh4-linux-gnu - 2.34-6ubuntu1.7 binutils-source - 2.34-6ubuntu1.7 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.7 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.7 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.7 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.7 libbinutils - 2.34-6ubuntu1.7 libctf-nobfd0 - 2.34-6ubuntu1.7 libctf0 - 2.34-6ubuntu1.7 No subscription required Medium CVE-2020-19726 CVE-2021-46174 CVE-2022-35205 CVE-2022-38533 CVE-2022-4285 Ubuntu 20.04 LTS USN-6546-1 fixed vulnerabilities in LibreOffice. This update provides the corresponding updates for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory details: Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. (CVE-2023-6185) Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts. (CVE-2023-6186) Update Instructions: Run `sudo pro fix USN-6546-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.9 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.9 No subscription required gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.9 libjuh-java - 1:6.4.7-0ubuntu0.20.04.9 libjurt-java - 1:6.4.7-0ubuntu0.20.04.9 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.9 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.9 libreoffice - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.9 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.9 libridl-java - 1:6.4.7-0ubuntu0.20.04.9 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.9 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.9 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.9 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.9 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.9 libunoil-java - 1:6.4.7-0ubuntu0.20.04.9 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.9 python3-access2base - 1:6.4.7-0ubuntu0.20.04.9 python3-uno - 1:6.4.7-0ubuntu0.20.04.9 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.9 ure - 1:6.4.7-0ubuntu0.20.04.9 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.9 No subscription required Medium CVE-2023-6185 CVE-2023-6186 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-headers-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-image-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-modules-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-tools-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-xilinx-zynqmp-headers-5.4.0-1035 - 5.4.0-1035.39 linux-xilinx-zynqmp-tools-5.4.0-1035 - 5.4.0-1035.39 No subscription required linux-buildinfo-5.4.0-1063-ibm - 5.4.0-1063.68 linux-headers-5.4.0-1063-ibm - 5.4.0-1063.68 linux-ibm-cloud-tools-common - 5.4.0-1063.68 linux-ibm-headers-5.4.0-1063 - 5.4.0-1063.68 linux-ibm-source-5.4.0 - 5.4.0-1063.68 linux-ibm-tools-5.4.0-1063 - 5.4.0-1063.68 linux-ibm-tools-common - 5.4.0-1063.68 linux-image-5.4.0-1063-ibm - 5.4.0-1063.68 linux-image-unsigned-5.4.0-1063-ibm - 5.4.0-1063.68 linux-modules-5.4.0-1063-ibm - 5.4.0-1063.68 linux-modules-extra-5.4.0-1063-ibm - 5.4.0-1063.68 linux-tools-5.4.0-1063-ibm - 5.4.0-1063.68 No subscription required linux-bluefield-headers-5.4.0-1076 - 5.4.0-1076.82 linux-bluefield-tools-5.4.0-1076 - 5.4.0-1076.82 linux-buildinfo-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-headers-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-image-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-image-unsigned-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-modules-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-tools-5.4.0-1076-bluefield - 5.4.0-1076.82 No subscription required linux-buildinfo-5.4.0-1104-kvm - 5.4.0-1104.111 linux-headers-5.4.0-1104-kvm - 5.4.0-1104.111 linux-image-5.4.0-1104-kvm - 5.4.0-1104.111 linux-image-unsigned-5.4.0-1104-kvm - 5.4.0-1104.111 linux-kvm-headers-5.4.0-1104 - 5.4.0-1104.111 linux-kvm-tools-5.4.0-1104 - 5.4.0-1104.111 linux-modules-5.4.0-1104-kvm - 5.4.0-1104.111 linux-tools-5.4.0-1104-kvm - 5.4.0-1104.111 No subscription required linux-aws-cloud-tools-5.4.0-1116 - 5.4.0-1116.126 linux-aws-headers-5.4.0-1116 - 5.4.0-1116.126 linux-aws-tools-5.4.0-1116 - 5.4.0-1116.126 linux-buildinfo-5.4.0-1116-aws - 5.4.0-1116.126 linux-cloud-tools-5.4.0-1116-aws - 5.4.0-1116.126 linux-headers-5.4.0-1116-aws - 5.4.0-1116.126 linux-image-5.4.0-1116-aws - 5.4.0-1116.126 linux-image-unsigned-5.4.0-1116-aws - 5.4.0-1116.126 linux-modules-5.4.0-1116-aws - 5.4.0-1116.126 linux-modules-extra-5.4.0-1116-aws - 5.4.0-1116.126 linux-tools-5.4.0-1116-aws - 5.4.0-1116.126 No subscription required linux-buildinfo-5.4.0-1120-gcp - 5.4.0-1120.129 linux-gcp-headers-5.4.0-1120 - 5.4.0-1120.129 linux-gcp-tools-5.4.0-1120 - 5.4.0-1120.129 linux-headers-5.4.0-1120-gcp - 5.4.0-1120.129 linux-image-5.4.0-1120-gcp - 5.4.0-1120.129 linux-image-unsigned-5.4.0-1120-gcp - 5.4.0-1120.129 linux-modules-5.4.0-1120-gcp - 5.4.0-1120.129 linux-modules-extra-5.4.0-1120-gcp - 5.4.0-1120.129 linux-tools-5.4.0-1120-gcp - 5.4.0-1120.129 No subscription required linux-azure-cloud-tools-5.4.0-1121 - 5.4.0-1121.128 linux-azure-headers-5.4.0-1121 - 5.4.0-1121.128 linux-azure-tools-5.4.0-1121 - 5.4.0-1121.128 linux-buildinfo-5.4.0-1121-azure - 5.4.0-1121.128 linux-cloud-tools-5.4.0-1121-azure - 5.4.0-1121.128 linux-headers-5.4.0-1121-azure - 5.4.0-1121.128 linux-image-5.4.0-1121-azure - 5.4.0-1121.128 linux-image-unsigned-5.4.0-1121-azure - 5.4.0-1121.128 linux-modules-5.4.0-1121-azure - 5.4.0-1121.128 linux-modules-extra-5.4.0-1121-azure - 5.4.0-1121.128 linux-tools-5.4.0-1121-azure - 5.4.0-1121.128 No subscription required linux-buildinfo-5.4.0-169-generic - 5.4.0-169.187 linux-buildinfo-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-buildinfo-5.4.0-169-lowlatency - 5.4.0-169.187 linux-cloud-tools-5.4.0-169 - 5.4.0-169.187 linux-cloud-tools-5.4.0-169-generic - 5.4.0-169.187 linux-cloud-tools-5.4.0-169-lowlatency - 5.4.0-169.187 linux-cloud-tools-common - 5.4.0-169.187 linux-doc - 5.4.0-169.187 linux-headers-5.4.0-169 - 5.4.0-169.187 linux-headers-5.4.0-169-generic - 5.4.0-169.187 linux-headers-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-headers-5.4.0-169-lowlatency - 5.4.0-169.187 linux-image-5.4.0-169-generic - 5.4.0-169.187 linux-image-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-image-5.4.0-169-lowlatency - 5.4.0-169.187 linux-image-unsigned-5.4.0-169-generic - 5.4.0-169.187 linux-image-unsigned-5.4.0-169-lowlatency - 5.4.0-169.187 linux-libc-dev - 5.4.0-169.187 linux-modules-5.4.0-169-generic - 5.4.0-169.187 linux-modules-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-modules-5.4.0-169-lowlatency - 5.4.0-169.187 linux-modules-extra-5.4.0-169-generic - 5.4.0-169.187 linux-source-5.4.0 - 5.4.0-169.187 linux-tools-5.4.0-169 - 5.4.0-169.187 linux-tools-5.4.0-169-generic - 5.4.0-169.187 linux-tools-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-tools-5.4.0-169-lowlatency - 5.4.0-169.187 linux-tools-common - 5.4.0-169.187 linux-tools-host - 5.4.0-169.187 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1035.35 linux-image-xilinx-zynqmp - 5.4.0.1035.35 linux-tools-xilinx-zynqmp - 5.4.0.1035.35 linux-xilinx-zynqmp - 5.4.0.1035.35 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1063.92 linux-ibm-lts-20.04 - 5.4.0.1063.92 linux-image-ibm-lts-20.04 - 5.4.0.1063.92 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1063.92 linux-tools-ibm-lts-20.04 - 5.4.0.1063.92 No subscription required linux-bluefield - 5.4.0.1076.71 linux-headers-bluefield - 5.4.0.1076.71 linux-image-bluefield - 5.4.0.1076.71 linux-tools-bluefield - 5.4.0.1076.71 No subscription required linux-headers-kvm - 5.4.0.1104.100 linux-image-kvm - 5.4.0.1104.100 linux-kvm - 5.4.0.1104.100 linux-tools-kvm - 5.4.0.1104.100 No subscription required linux-aws-lts-20.04 - 5.4.0.1116.113 linux-headers-aws-lts-20.04 - 5.4.0.1116.113 linux-image-aws-lts-20.04 - 5.4.0.1116.113 linux-modules-extra-aws-lts-20.04 - 5.4.0.1116.113 linux-tools-aws-lts-20.04 - 5.4.0.1116.113 No subscription required linux-gcp-lts-20.04 - 5.4.0.1120.122 linux-headers-gcp-lts-20.04 - 5.4.0.1120.122 linux-image-gcp-lts-20.04 - 5.4.0.1120.122 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1120.122 linux-tools-gcp-lts-20.04 - 5.4.0.1120.122 No subscription required linux-azure-lts-20.04 - 5.4.0.1121.114 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1121.114 linux-headers-azure-lts-20.04 - 5.4.0.1121.114 linux-image-azure-lts-20.04 - 5.4.0.1121.114 linux-modules-extra-azure-lts-20.04 - 5.4.0.1121.114 linux-tools-azure-lts-20.04 - 5.4.0.1121.114 No subscription required linux-cloud-tools-generic - 5.4.0.169.167 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.169.167 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.169.167 linux-cloud-tools-lowlatency - 5.4.0.169.167 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-cloud-tools-virtual - 5.4.0.169.167 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.169.167 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-crashdump - 5.4.0.169.167 linux-generic - 5.4.0.169.167 linux-generic-hwe-18.04 - 5.4.0.169.167 linux-generic-hwe-18.04-edge - 5.4.0.169.167 linux-generic-lpae - 5.4.0.169.167 linux-generic-lpae-hwe-18.04 - 5.4.0.169.167 linux-generic-lpae-hwe-18.04-edge - 5.4.0.169.167 linux-headers-generic - 5.4.0.169.167 linux-headers-generic-hwe-18.04 - 5.4.0.169.167 linux-headers-generic-hwe-18.04-edge - 5.4.0.169.167 linux-headers-generic-lpae - 5.4.0.169.167 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.169.167 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.169.167 linux-headers-lowlatency - 5.4.0.169.167 linux-headers-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-headers-oem - 5.4.0.169.167 linux-headers-oem-osp1 - 5.4.0.169.167 linux-headers-virtual - 5.4.0.169.167 linux-headers-virtual-hwe-18.04 - 5.4.0.169.167 linux-headers-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-image-extra-virtual - 5.4.0.169.167 linux-image-extra-virtual-hwe-18.04 - 5.4.0.169.167 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-image-generic - 5.4.0.169.167 linux-image-generic-hwe-18.04 - 5.4.0.169.167 linux-image-generic-hwe-18.04-edge - 5.4.0.169.167 linux-image-generic-lpae - 5.4.0.169.167 linux-image-generic-lpae-hwe-18.04 - 5.4.0.169.167 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.169.167 linux-image-lowlatency - 5.4.0.169.167 linux-image-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-image-oem - 5.4.0.169.167 linux-image-oem-osp1 - 5.4.0.169.167 linux-image-virtual - 5.4.0.169.167 linux-image-virtual-hwe-18.04 - 5.4.0.169.167 linux-image-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-lowlatency - 5.4.0.169.167 linux-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-oem - 5.4.0.169.167 linux-oem-osp1 - 5.4.0.169.167 linux-oem-osp1-tools-host - 5.4.0.169.167 linux-oem-tools-host - 5.4.0.169.167 linux-source - 5.4.0.169.167 linux-tools-generic - 5.4.0.169.167 linux-tools-generic-hwe-18.04 - 5.4.0.169.167 linux-tools-generic-hwe-18.04-edge - 5.4.0.169.167 linux-tools-generic-lpae - 5.4.0.169.167 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.169.167 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.169.167 linux-tools-lowlatency - 5.4.0.169.167 linux-tools-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-tools-oem - 5.4.0.169.167 linux-tools-oem-osp1 - 5.4.0.169.167 linux-tools-virtual - 5.4.0.169.167 linux-tools-virtual-hwe-18.04 - 5.4.0.169.167 linux-tools-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-virtual - 5.4.0.169.167 linux-virtual-hwe-18.04 - 5.4.0.169.167 linux-virtual-hwe-18.04-edge - 5.4.0.169.167 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1100-raspi - 5.4.0-1100.112 linux-headers-5.4.0-1100-raspi - 5.4.0-1100.112 linux-image-5.4.0-1100-raspi - 5.4.0-1100.112 linux-modules-5.4.0-1100-raspi - 5.4.0-1100.112 linux-raspi-headers-5.4.0-1100 - 5.4.0-1100.112 linux-raspi-tools-5.4.0-1100 - 5.4.0-1100.112 linux-tools-5.4.0-1100-raspi - 5.4.0-1100.112 No subscription required linux-headers-raspi - 5.4.0.1100.130 linux-headers-raspi-hwe-18.04 - 5.4.0.1100.130 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1100.130 linux-headers-raspi2 - 5.4.0.1100.130 linux-headers-raspi2-hwe-18.04 - 5.4.0.1100.130 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1100.130 linux-image-raspi - 5.4.0.1100.130 linux-image-raspi-hwe-18.04 - 5.4.0.1100.130 linux-image-raspi-hwe-18.04-edge - 5.4.0.1100.130 linux-image-raspi2 - 5.4.0.1100.130 linux-image-raspi2-hwe-18.04 - 5.4.0.1100.130 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1100.130 linux-raspi - 5.4.0.1100.130 linux-raspi-hwe-18.04 - 5.4.0.1100.130 linux-raspi-hwe-18.04-edge - 5.4.0.1100.130 linux-raspi2 - 5.4.0.1100.130 linux-raspi2-hwe-18.04 - 5.4.0.1100.130 linux-raspi2-hwe-18.04-edge - 5.4.0.1100.130 linux-tools-raspi - 5.4.0.1100.130 linux-tools-raspi-hwe-18.04 - 5.4.0.1100.130 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1100.130 linux-tools-raspi2 - 5.4.0.1100.130 linux-tools-raspi2-hwe-18.04 - 5.4.0.1100.130 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1100.130 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1115-oracle - 5.4.0-1115.124 linux-headers-5.4.0-1115-oracle - 5.4.0-1115.124 linux-image-5.4.0-1115-oracle - 5.4.0-1115.124 linux-image-unsigned-5.4.0-1115-oracle - 5.4.0-1115.124 linux-modules-5.4.0-1115-oracle - 5.4.0-1115.124 linux-modules-extra-5.4.0-1115-oracle - 5.4.0-1115.124 linux-oracle-headers-5.4.0-1115 - 5.4.0-1115.124 linux-oracle-tools-5.4.0-1115 - 5.4.0-1115.124 linux-tools-5.4.0-1115-oracle - 5.4.0-1115.124 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1115.108 linux-image-oracle-lts-20.04 - 5.4.0.1115.108 linux-oracle-lts-20.04 - 5.4.0.1115.108 linux-tools-oracle-lts-20.04 - 5.4.0.1115.108 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-cloud-tools-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-gkeop-cloud-tools-5.4.0-1083 - 5.4.0-1083.87 linux-gkeop-headers-5.4.0-1083 - 5.4.0-1083.87 linux-gkeop-source-5.4.0 - 5.4.0-1083.87 linux-gkeop-tools-5.4.0-1083 - 5.4.0-1083.87 linux-headers-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-image-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-image-unsigned-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-modules-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-modules-extra-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-tools-5.4.0-1083-gkeop - 5.4.0-1083.87 No subscription required linux-cloud-tools-gkeop - 5.4.0.1083.81 linux-cloud-tools-gkeop-5.4 - 5.4.0.1083.81 linux-gkeop - 5.4.0.1083.81 linux-gkeop-5.4 - 5.4.0.1083.81 linux-headers-gkeop - 5.4.0.1083.81 linux-headers-gkeop-5.4 - 5.4.0.1083.81 linux-image-gkeop - 5.4.0.1083.81 linux-image-gkeop-5.4 - 5.4.0.1083.81 linux-modules-extra-gkeop - 5.4.0.1083.81 linux-modules-extra-gkeop-5.4 - 5.4.0.1083.81 linux-tools-gkeop - 5.4.0.1083.81 linux-tools-gkeop-5.4 - 5.4.0.1083.81 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1028-iot - 5.4.0-1028.29 linux-headers-5.4.0-1028-iot - 5.4.0-1028.29 linux-image-5.4.0-1028-iot - 5.4.0-1028.29 linux-image-unsigned-5.4.0-1028-iot - 5.4.0-1028.29 linux-iot-headers-5.4.0-1028 - 5.4.0-1028.29 linux-iot-tools-5.4.0-1028 - 5.4.0-1028.29 linux-iot-tools-common - 5.4.0-1028.29 linux-modules-5.4.0-1028-iot - 5.4.0-1028.29 linux-tools-5.4.0-1028-iot - 5.4.0-1028.29 No subscription required linux-headers-iot - 5.4.0.1028.26 linux-image-iot - 5.4.0.1028.26 linux-iot - 5.4.0.1028.26 linux-tools-iot - 5.4.0.1028.26 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3773) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) It was discovered that a race condition existed in QXL virtual GPU driver in the Linux kernel, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-39198) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6549-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-headers-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-ibm-5.15-headers-5.15.0-1044 - 5.15.0-1044.47~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1044.47~20.04.1 linux-ibm-5.15-tools-5.15.0-1044 - 5.15.0-1044.47~20.04.1 linux-image-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-image-unsigned-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-modules-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-modules-extra-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-tools-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 No subscription required linux-buildinfo-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-headers-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-image-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-image-unsigned-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-modules-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-modules-extra-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-oracle-5.15-headers-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-oracle-5.15-tools-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-tools-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1051 - 5.15.0-1051.56~20.04.1 linux-aws-5.15-headers-5.15.0-1051 - 5.15.0-1051.56~20.04.1 linux-aws-5.15-tools-5.15.0-1051 - 5.15.0-1051.56~20.04.1 linux-buildinfo-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-cloud-tools-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-headers-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-image-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-image-unsigned-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-modules-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-modules-extra-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-tools-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1053 - 5.15.0-1053.61~20.04.1 linux-azure-5.15-headers-5.15.0-1053 - 5.15.0-1053.61~20.04.1 linux-azure-5.15-tools-5.15.0-1053 - 5.15.0-1053.61~20.04.1 linux-buildinfo-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-cloud-tools-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-headers-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-image-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-image-unsigned-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-modules-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-modules-extra-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-tools-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 No subscription required linux-image-5.15.0-1053-azure-fde - 5.15.0-1053.61~20.04.1.1 linux-image-unsigned-5.15.0-1053-azure-fde - 5.15.0-1053.61~20.04.1.1 No subscription required linux-buildinfo-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-buildinfo-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-buildinfo-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 linux-cloud-tools-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-91.101~20.04.1 linux-hwe-5.15-headers-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-91.101~20.04.1 linux-hwe-5.15-tools-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-91.101~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 linux-image-unsigned-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-image-unsigned-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 linux-modules-extra-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-modules-iwlwifi-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-tools-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-tools-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-tools-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1044.47~20.04.16 linux-headers-ibm-edge - 5.15.0.1044.47~20.04.16 linux-ibm - 5.15.0.1044.47~20.04.16 linux-ibm-edge - 5.15.0.1044.47~20.04.16 linux-image-ibm - 5.15.0.1044.47~20.04.16 linux-image-ibm-edge - 5.15.0.1044.47~20.04.16 linux-tools-ibm - 5.15.0.1044.47~20.04.16 linux-tools-ibm-edge - 5.15.0.1044.47~20.04.16 No subscription required linux-headers-oracle - 5.15.0.1049.55~20.04.1 linux-headers-oracle-edge - 5.15.0.1049.55~20.04.1 linux-image-oracle - 5.15.0.1049.55~20.04.1 linux-image-oracle-edge - 5.15.0.1049.55~20.04.1 linux-oracle - 5.15.0.1049.55~20.04.1 linux-oracle-edge - 5.15.0.1049.55~20.04.1 linux-tools-oracle - 5.15.0.1049.55~20.04.1 linux-tools-oracle-edge - 5.15.0.1049.55~20.04.1 No subscription required linux-aws - 5.15.0.1051.56~20.04.39 linux-aws-edge - 5.15.0.1051.56~20.04.39 linux-headers-aws - 5.15.0.1051.56~20.04.39 linux-headers-aws-edge - 5.15.0.1051.56~20.04.39 linux-image-aws - 5.15.0.1051.56~20.04.39 linux-image-aws-edge - 5.15.0.1051.56~20.04.39 linux-modules-extra-aws - 5.15.0.1051.56~20.04.39 linux-modules-extra-aws-edge - 5.15.0.1051.56~20.04.39 linux-tools-aws - 5.15.0.1051.56~20.04.39 linux-tools-aws-edge - 5.15.0.1051.56~20.04.39 No subscription required linux-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-cloud-tools-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-cloud-tools-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-headers-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-headers-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-image-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-image-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-modules-extra-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-modules-extra-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-tools-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-tools-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 No subscription required linux-azure - 5.15.0.1053.61~20.04.42 linux-azure-cvm - 5.15.0.1053.61~20.04.42 linux-azure-edge - 5.15.0.1053.61~20.04.42 linux-cloud-tools-azure - 5.15.0.1053.61~20.04.42 linux-cloud-tools-azure-cvm - 5.15.0.1053.61~20.04.42 linux-cloud-tools-azure-edge - 5.15.0.1053.61~20.04.42 linux-headers-azure - 5.15.0.1053.61~20.04.42 linux-headers-azure-cvm - 5.15.0.1053.61~20.04.42 linux-headers-azure-edge - 5.15.0.1053.61~20.04.42 linux-image-azure - 5.15.0.1053.61~20.04.42 linux-image-azure-cvm - 5.15.0.1053.61~20.04.42 linux-image-azure-edge - 5.15.0.1053.61~20.04.42 linux-modules-extra-azure - 5.15.0.1053.61~20.04.42 linux-modules-extra-azure-cvm - 5.15.0.1053.61~20.04.42 linux-modules-extra-azure-edge - 5.15.0.1053.61~20.04.42 linux-tools-azure - 5.15.0.1053.61~20.04.42 linux-tools-azure-cvm - 5.15.0.1053.61~20.04.42 linux-tools-azure-edge - 5.15.0.1053.61~20.04.42 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-generic-64k-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-generic-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-generic-lpae-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-generic-lpae-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-headers-generic-64k-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-headers-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-headers-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-headers-oem-20.04 - 5.15.0.91.101~20.04.48 linux-headers-oem-20.04b - 5.15.0.91.101~20.04.48 linux-headers-oem-20.04c - 5.15.0.91.101~20.04.48 linux-headers-oem-20.04d - 5.15.0.91.101~20.04.48 linux-headers-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-headers-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-image-extra-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-image-generic-64k-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-image-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-image-generic-lpae-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-image-oem-20.04 - 5.15.0.91.101~20.04.48 linux-image-oem-20.04b - 5.15.0.91.101~20.04.48 linux-image-oem-20.04c - 5.15.0.91.101~20.04.48 linux-image-oem-20.04d - 5.15.0.91.101~20.04.48 linux-image-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-modules-iwlwifi-oem-20.04 - 5.15.0.91.101~20.04.48 linux-modules-iwlwifi-oem-20.04d - 5.15.0.91.101~20.04.48 linux-oem-20.04 - 5.15.0.91.101~20.04.48 linux-oem-20.04b - 5.15.0.91.101~20.04.48 linux-oem-20.04c - 5.15.0.91.101~20.04.48 linux-oem-20.04d - 5.15.0.91.101~20.04.48 linux-tools-generic-64k-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-tools-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-tools-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-tools-oem-20.04 - 5.15.0.91.101~20.04.48 linux-tools-oem-20.04b - 5.15.0.91.101~20.04.48 linux-tools-oem-20.04c - 5.15.0.91.101~20.04.48 linux-tools-oem-20.04d - 5.15.0.91.101~20.04.48 linux-tools-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-tools-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 No subscription required Medium CVE-2023-37453 CVE-2023-3773 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-39198 CVE-2023-42754 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 20.04 LTS It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3773) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) It was discovered that a race condition existed in QXL virtual GPU driver in the Linux kernel, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-39198) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6549-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-cloud-tools-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-gkeop-5.15-headers-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-gkeop-5.15-tools-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-headers-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-image-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-image-unsigned-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-modules-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-modules-extra-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-tools-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-cloud-tools-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-headers-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-headers-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-image-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-image-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-modules-extra-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-modules-extra-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-tools-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-tools-gkeop-edge - 5.15.0.1034.40~20.04.30 No subscription required Medium CVE-2023-37453 CVE-2023-3773 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-39198 CVE-2023-42754 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 20.04 LTS It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3773) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) It was discovered that a race condition existed in QXL virtual GPU driver in the Linux kernel, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-39198) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6549-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-buildinfo-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-cloud-tools-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-image-unsigned-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-image-unsigned-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-modules-iwlwifi-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-tools-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-tools-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-headers-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-image-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-lowlatency-64k-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-tools-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 No subscription required Medium CVE-2023-37453 CVE-2023-3773 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-39198 CVE-2023-42754 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 20.04 LTS It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3773) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) It was discovered that a race condition existed in QXL virtual GPU driver in the Linux kernel, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-39198) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6549-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-cloud-tools-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-headers-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-image-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-image-unsigned-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1046.52~20.04.1 linux-modules-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-modules-extra-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-modules-iwlwifi-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-tools-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 No subscription required linux-buildinfo-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-gcp-5.15-headers-5.15.0-1048 - 5.15.0-1048.56~20.04.1 linux-gcp-5.15-tools-5.15.0-1048 - 5.15.0-1048.56~20.04.1 linux-headers-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-image-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-image-unsigned-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-modules-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-modules-extra-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-modules-iwlwifi-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-tools-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1046.52~20.04.36 linux-headers-intel - 5.15.0.1046.52~20.04.36 linux-headers-intel-iotg - 5.15.0.1046.52~20.04.36 linux-headers-intel-iotg-edge - 5.15.0.1046.52~20.04.36 linux-image-intel - 5.15.0.1046.52~20.04.36 linux-image-intel-iotg - 5.15.0.1046.52~20.04.36 linux-image-intel-iotg-edge - 5.15.0.1046.52~20.04.36 linux-intel - 5.15.0.1046.52~20.04.36 linux-intel-iotg - 5.15.0.1046.52~20.04.36 linux-intel-iotg-edge - 5.15.0.1046.52~20.04.36 linux-tools-intel - 5.15.0.1046.52~20.04.36 linux-tools-intel-iotg - 5.15.0.1046.52~20.04.36 linux-tools-intel-iotg-edge - 5.15.0.1046.52~20.04.36 No subscription required linux-gcp - 5.15.0.1048.56~20.04.1 linux-gcp-edge - 5.15.0.1048.56~20.04.1 linux-headers-gcp - 5.15.0.1048.56~20.04.1 linux-headers-gcp-edge - 5.15.0.1048.56~20.04.1 linux-image-gcp - 5.15.0.1048.56~20.04.1 linux-image-gcp-edge - 5.15.0.1048.56~20.04.1 linux-modules-extra-gcp - 5.15.0.1048.56~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1048.56~20.04.1 linux-tools-gcp - 5.15.0.1048.56~20.04.1 linux-tools-gcp-edge - 5.15.0.1048.56~20.04.1 No subscription required Medium CVE-2023-37453 CVE-2023-3773 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-39198 CVE-2023-42754 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 20.04 LTS It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly sanitizing user input when generating templates. An attacker could, through PHP injection, possibly use this issue to execute arbitrary code. (CVE-2022-29221) It was discovered that Moment.js, that is integrated in the PostfixAdmin code, was using an inefficient parsing algorithm when processing date strings in the RFC 2822 standard. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-31129) It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly escaping JavaScript code. An attacker could possibly use this issue to conduct cross-site scripting attacks (XSS). (CVE-2023-28447) Update Instructions: Run `sudo pro fix USN-6550-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postfixadmin - 3.2.1-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2022-29221 CVE-2022-31129 CVE-2023-28447 Ubuntu 20.04 LTS Florent Saudel and Arnaud Gatignol discovered that Netatalk incorrectly handled certain specially crafted Spotlight requests. A remote attacker could possibly use this issue to cause heap corruption and execute arbitrary code. (CVE-2023-42464) Update Instructions: Run `sudo pro fix USN-6552-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: netatalk - 3.1.12~ds-4ubuntu0.20.04.3 No subscription required Medium CVE-2023-42464 Ubuntu 20.04 LTS Nina Jensen discovered that Pydantic incorrectly handled user input in the date and datetime fields. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2021-29510) Update Instructions: Run `sudo pro fix USN-6553-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pydantic - 1.2-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-29510 Ubuntu 20.04 LTS Zygmunt Krynicki discovered that GNOME Settings did not accurately reflect the SSH remote login status when the system was configured to use systemd socket activation for OpenSSH. Remote SSH access may be unknowingly enabled, contrary to expectation. Update Instructions: Run `sudo pro fix USN-6554-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnome-control-center - 1:3.36.5-0ubuntu4.1 gnome-control-center-data - 1:3.36.5-0ubuntu4.1 gnome-control-center-dev - 1:3.36.5-0ubuntu4.1 gnome-control-center-faces - 1:3.36.5-0ubuntu4.1 No subscription required Medium CVE-2023-5616 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-6377) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information. (CVE-2023-6478) Update Instructions: Run `sudo pro fix USN-6555-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdmx - 2:1.20.13-1ubuntu1~20.04.12 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.12 xnest - 2:1.20.13-1ubuntu1~20.04.12 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.12 xserver-common - 2:1.20.13-1ubuntu1~20.04.12 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.12 xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.12 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.12 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.12 xvfb - 2:1.20.13-1ubuntu1~20.04.12 xwayland - 2:1.20.13-1ubuntu1~20.04.12 No subscription required Medium CVE-2023-6377 CVE-2023-6478 Ubuntu 20.04 LTS It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1725) It was discovered that Vim could be made to recurse infinitely. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1771) It was discovered that Vim could be made to write out of bounds with a put command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1886) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1897, CVE-2022-2000) It was discovered that Vim did not properly manage memory in the spell command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2042) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-46246, CVE-2023-48231) It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-48232) It was discovered that Vim contained multiple arithmetic overflows. An attacker could possibly use these issues to cause a denial of service. (CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237) It was discovered that Vim did not properly manage memory in the substitute command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-48706) Update Instructions: Run `sudo pro fix USN-6557-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.21 vim-athena - 2:8.1.2269-1ubuntu5.21 vim-common - 2:8.1.2269-1ubuntu5.21 vim-doc - 2:8.1.2269-1ubuntu5.21 vim-gtk - 2:8.1.2269-1ubuntu5.21 vim-gtk3 - 2:8.1.2269-1ubuntu5.21 vim-gui-common - 2:8.1.2269-1ubuntu5.21 vim-nox - 2:8.1.2269-1ubuntu5.21 vim-runtime - 2:8.1.2269-1ubuntu5.21 vim-tiny - 2:8.1.2269-1ubuntu5.21 xxd - 2:8.1.2269-1ubuntu5.21 No subscription required Medium CVE-2022-1725 CVE-2022-1771 CVE-2022-1886 CVE-2022-1897 CVE-2022-2000 CVE-2022-2042 CVE-2023-46246 CVE-2023-48231 CVE-2023-48232 CVE-2023-48233 CVE-2023-48234 CVE-2023-48235 CVE-2023-48236 CVE-2023-48237 CVE-2023-48706 Ubuntu 20.04 LTS It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-13440) It was discovered that audiofile could be made to write out of bounds. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-17095) It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2019-13147) It was discovered that audiofile could be made to leak memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to obtain sensitive information. (CVE-2022-24599) Update Instructions: Run `sudo pro fix USN-6558-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: audiofile-tools - 0.3.6-5+deb10u1build0.20.04.1 libaudiofile-dev - 0.3.6-5+deb10u1build0.20.04.1 libaudiofile1 - 0.3.6-5+deb10u1build0.20.04.1 No subscription required Medium CVE-2018-13440 CVE-2018-17095 CVE-2019-13147 CVE-2022-24599 Ubuntu 20.04 LTS It was discovered that ZooKeeper incorrectly handled authorization for the getACL() command. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-0201) Damien Diederen discovered that ZooKeeper incorrectly handled authorization if SASL Quorum Peer authentication is enabled. An attacker could possibly use this issue to bypass ZooKeeper's authorization system. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-44981) Update Instructions: Run `sudo pro fix USN-6559-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libzookeeper-java - 3.4.13-5ubuntu0.1 libzookeeper-java-doc - 3.4.13-5ubuntu0.1 libzookeeper-mt-dev - 3.4.13-5ubuntu0.1 libzookeeper-mt2 - 3.4.13-5ubuntu0.1 libzookeeper-st-dev - 3.4.13-5ubuntu0.1 libzookeeper-st2 - 3.4.13-5ubuntu0.1 python3-zookeeper - 3.4.13-5ubuntu0.1 zookeeper - 3.4.13-5ubuntu0.1 zookeeper-bin - 3.4.13-5ubuntu0.1 zookeeperd - 3.4.13-5ubuntu0.1 No subscription required Medium CVE-2019-0201 CVE-2023-44981 Ubuntu 20.04 LTS Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. (CVE-2023-48795) Luci Stanescu discovered that OpenSSH incorrectly added destination constraints when smartcard keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-28531) Update Instructions: Run `sudo pro fix USN-6560-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.10 openssh-server - 1:8.2p1-4ubuntu0.10 openssh-sftp-server - 1:8.2p1-4ubuntu0.10 openssh-tests - 1:8.2p1-4ubuntu0.10 ssh - 1:8.2p1-4ubuntu0.10 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.10 No subscription required Medium CVE-2023-28531 CVE-2023-48795 Ubuntu 20.04 LTS Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Update Instructions: Run `sudo pro fix USN-6561-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-4 - 0.9.3-2ubuntu2.4 libssh-dev - 0.9.3-2ubuntu2.4 libssh-doc - 0.9.3-2ubuntu2.4 libssh-gcrypt-4 - 0.9.3-2ubuntu2.4 libssh-gcrypt-dev - 0.9.3-2ubuntu2.4 No subscription required Medium CVE-2023-48795 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.(CVE-2023-6865, CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6866, CVE-2023-6867, CVE-2023-6861, CVE-2023-6869, CVE-2023-6871, CVE-2023-6872, CVE-2023-6863, CVE-2023-6864, CVE-2023-6873) DoHyun Lee discovered that Firefox did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2023-6856) George Pantela and Hubert Kario discovered that Firefox using multiple NSS NIST curves which were susceptible to a side-channel attack known as "Minerva". An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6135) Andrew Osmond discovered that Firefox did not properly validate the textures produced by remote decoders. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2023-6860) Update Instructions: Run `sudo pro fix USN-6562-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 121.0+build1-0ubuntu0.20.04.1 firefox-dev - 121.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-nl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-tg - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 121.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 121.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-6856 CVE-2023-6135 CVE-2023-6865 CVE-2023-6857 CVE-2023-6858 CVE-2023-6859 CVE-2023-6866 CVE-2023-6860 CVE-2023-6867 CVE-2023-6861 CVE-2023-6869 CVE-2023-6871 CVE-2023-6872 CVE-2023-6863 CVE-2023-6864 CVE-2023-6873 Ubuntu 20.04 LTS USN-6562-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.(CVE-2023-6865, CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6866, CVE-2023-6867, CVE-2023-6861, CVE-2023-6869, CVE-2023-6871, CVE-2023-6872, CVE-2023-6863, CVE-2023-6864, CVE-2023-6873) DoHyun Lee discovered that Firefox did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2023-6856) George Pantela and Hubert Kario discovered that Firefox using multiple NSS NIST curves which were susceptible to a side-channel attack known as "Minerva". An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6135) Andrew Osmond discovered that Firefox did not properly validate the textures produced by remote decoders. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2023-6860) Update Instructions: Run `sudo pro fix USN-6562-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 121.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 121.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 121.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 121.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2048961 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.(CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6861, CVE-2023-6862, CVE-2023-6863, CVE-2023-6864) Marcus Brinkmann discovered that Thunderbird did not properly parse a PGP/MIME payload that contains digitally signed text. An attacker could potentially exploit this issue to spoof an email message. (CVE-2023-50762) Marcus Brinkmann discovered that Thunderbird did not properly compare the signature creation date with the message date and time when using digitally signed S/MIME email message. An attacker could potentially exploit this issue to spoof date and time of an email message. (CVE-2023-50761) DoHyun Lee discovered that Thunderbird did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2023-6856) Andrew Osmond discovered that Thunderbird did not properly validate the textures produced by remote decoders. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2023-6860) Update Instructions: Run `sudo pro fix USN-6563-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.6.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.6.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.6.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.6.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-50762 CVE-2023-50761 CVE-2023-6856 CVE-2023-6857 CVE-2023-6858 CVE-2023-6859 CVE-2023-6860 CVE-2023-6861 CVE-2023-6862 CVE-2023-6863 CVE-2023-6864 Ubuntu 20.04 LTS It was discovered that OpenSSH incorrectly handled supplemental groups when running helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand as a different user. An attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-41617) It was discovered that OpenSSH incorrectly added destination constraints when PKCS#11 token keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-51384) It was discovered that OpenSSH incorrectly handled user names or host names with shell metacharacters. An attacker could possibly use this issue to perform OS command injection. (CVE-2023-51385) Update Instructions: Run `sudo pro fix USN-6565-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.11 openssh-server - 1:8.2p1-4ubuntu0.11 openssh-sftp-server - 1:8.2p1-4ubuntu0.11 openssh-tests - 1:8.2p1-4ubuntu0.11 ssh - 1:8.2p1-4ubuntu0.11 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.11 No subscription required Medium CVE-2021-41617 CVE-2023-51384 CVE-2023-51385 Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled certain protection mechanisms when using a CLI script with the --safe option, contrary to expectations. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-46908) It was discovered that SQLite incorrectly handled certain memory operations in the sessions extension. A remote attacker could possibly use this issue to cause SQLite to crash, resulting in a denial of service. (CVE-2023-7104) Update Instructions: Run `sudo pro fix USN-6566-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.6 libsqlite3-0 - 3.31.1-4ubuntu0.6 libsqlite3-dev - 3.31.1-4ubuntu0.6 libsqlite3-tcl - 3.31.1-4ubuntu0.6 sqlite3 - 3.31.1-4ubuntu0.6 sqlite3-doc - 3.31.1-4ubuntu0.6 No subscription required Medium CVE-2022-46908 CVE-2023-7104 Ubuntu 20.04 LTS Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-14394) It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and esclate privileges. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-24165) It was discovered that QEMU incorrectly handled the Intel HD audio device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-3611) It was discovered that QEMU incorrectly handled the ATI VGA device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-3638) It was discovered that QEMU incorrectly handled the VMWare paravirtual RDMA device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. (CVE-2023-1544) It was discovered that QEMU incorrectly handled the 9p passthrough filesystem. A malicious guest attacker could possibly use this issue to open special files and escape the exported 9p tree. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-2861) It was discovered that QEMU incorrectly handled the virtual crypto device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-3180) It was discovered that QEMU incorrectly handled the built-in VNC server. A remote authenticated attacker could possibly use this issue to cause QEMU to stop responding, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3255) It was discovered that QEMU incorrectly handled net device hot-unplugging. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3301) It was discovered that QEMU incorrectly handled the built-in VNC server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-3354) It was discovered that QEMU incorrectly handled NVME devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-40360) It was discovered that QEMU incorrectly handled NVME devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 23.10. (CVE-2023-4135) It was discovered that QEMU incorrectly handled SCSI devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-42467) It was discovered that QEMU incorrectly handled certain disk offsets. A malicious guest attacker could possibly use this issue to gain control of the host in certain nested virtualization scenarios. (CVE-2023-5088) Update Instructions: Run `sudo pro fix USN-6567-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu - 1:4.2-3ubuntu6.28 qemu-block-extra - 1:4.2-3ubuntu6.28 qemu-guest-agent - 1:4.2-3ubuntu6.28 qemu-kvm - 1:4.2-3ubuntu6.28 qemu-system - 1:4.2-3ubuntu6.28 qemu-system-arm - 1:4.2-3ubuntu6.28 qemu-system-common - 1:4.2-3ubuntu6.28 qemu-system-data - 1:4.2-3ubuntu6.28 qemu-system-gui - 1:4.2-3ubuntu6.28 qemu-system-mips - 1:4.2-3ubuntu6.28 qemu-system-misc - 1:4.2-3ubuntu6.28 qemu-system-ppc - 1:4.2-3ubuntu6.28 qemu-system-s390x - 1:4.2-3ubuntu6.28 qemu-system-sparc - 1:4.2-3ubuntu6.28 qemu-system-x86 - 1:4.2-3ubuntu6.28 qemu-system-x86-microvm - 1:4.2-3ubuntu6.28 qemu-system-x86-xen - 1:4.2-3ubuntu6.28 qemu-user - 1:4.2-3ubuntu6.28 qemu-user-binfmt - 1:4.2-3ubuntu6.28 qemu-user-static - 1:4.2-3ubuntu6.28 qemu-utils - 1:4.2-3ubuntu6.28 No subscription required Medium CVE-2020-14394 CVE-2020-24165 CVE-2021-3611 CVE-2021-3638 CVE-2023-1544 CVE-2023-2861 CVE-2023-3180 CVE-2023-3255 CVE-2023-3301 CVE-2023-3354 CVE-2023-40360 CVE-2023-4135 CVE-2023-42467 CVE-2023-5088 Ubuntu 20.04 LTS The ClamAV package was updated to a new upstream version to remain compatible with signature database downloads. Update Instructions: Run `sudo pro fix USN-6568-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: clamav - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.11+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.11+dfsg-0ubuntu0.20.04.1 libclamav-dev - 0.103.11+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.11+dfsg-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2046581 Ubuntu 20.04 LTS it was discovered that libclamunrar incorrectly handled directories when extracting RAR archives. A remote attacker could possibly use this issue to overwrite arbitrary files and execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2022-30333) It was discovered that libclamunrar incorrectly validated certain structures when extracting RAR archives. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-40477) Update Instructions: Run `sudo pro fix USN-6569-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamunrar9 - 0.103.11-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-30333 CVE-2023-40477 Ubuntu 20.04 LTS Youssef Rebahi-Gilbert discovered that Monit did not properly process credentials for disabled accounts. An attacker could possibly use this issue to login to the platform with an expired account and a valid password. Update Instructions: Run `sudo pro fix USN-6571-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: monit - 1:5.26.0-4ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-26563 Ubuntu 20.04 LTS Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-39318, CVE-2023-39319) It was discovered that Go did not properly validate the "//go:cgo_" directives during compilation. An attacker could possibly use this issue to inject arbitrary code during compile time. (CVE-2023-39323) It was discovered that Go did not limit the number of simultaneously executing handler goroutines in the net/http module. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2023-39325, CVE-2023-44487) It was discovered that the Go net/http module did not properly validate the chunk extensions reading from a request or response body. An attacker could possibly use this issue to read sensitive information. (CVE-2023-39326) It was discovered that Go did not properly validate the insecure "git://" protocol when using go get to fetch a module with the ".git" suffix. An attacker could possibly use this issue to bypass secure protocol checks. (CVE-2023-45285) Update Instructions: Run `sudo pro fix USN-6574-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.20 - 1.20.3-1ubuntu0.1~20.04.1 golang-1.20-doc - 1.20.3-1ubuntu0.1~20.04.1 golang-1.20-go - 1.20.3-1ubuntu0.1~20.04.1 golang-1.20-src - 1.20.3-1ubuntu0.1~20.04.1 No subscription required golang-1.21 - 1.21.1-1~ubuntu20.04.2 golang-1.21-doc - 1.21.1-1~ubuntu20.04.2 golang-1.21-go - 1.21.1-1~ubuntu20.04.2 golang-1.21-src - 1.21.1-1~ubuntu20.04.2 No subscription required Medium CVE-2023-39318 CVE-2023-39319 CVE-2023-39323 CVE-2023-39325 CVE-2023-39326 CVE-2023-44487 CVE-2023-45285 Ubuntu 20.04 LTS It was discovered that Twisted incorrectly escaped host headers in certain 404 responses. A remote attacker could possibly use this issue to perform HTML and script injection attacks. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39348) It was discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay responses and manipulate the responses of second requests. (CVE-2023-46137) Update Instructions: Run `sudo pro fix USN-6575-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-twisted - 18.9.0-11ubuntu0.20.04.3 python3-twisted-bin - 18.9.0-11ubuntu0.20.04.3 twisted-doc - 18.9.0-11ubuntu0.20.04.3 No subscription required Medium CVE-2022-39348 CVE-2023-46137 Ubuntu 20.04 LTS USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. Original advisory details: It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6579-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxerces-c-dev - 3.2.2+debian-1ubuntu0.1 libxerces-c-doc - 3.2.2+debian-1ubuntu0.1 libxerces-c-samples - 3.2.2+debian-1ubuntu0.1 libxerces-c3.2 - 3.2.2+debian-1ubuntu0.1 No subscription required Medium CVE-2018-1311 Ubuntu 20.04 LTS It was discovered that w3m incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6580-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: w3m - 0.5.3-37ubuntu0.2 w3m-img - 0.5.3-37ubuntu0.2 No subscription required Medium CVE-2023-4255 Ubuntu 20.04 LTS It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. (CVE-2022-44840, CVE-2022-45703) It was discovered that GNU binutils incorrectly handled memory management operations in several of its functions, which could lead to excessive memory consumption due to memory leaks. An attacker could possibly use these issues to cause a denial of service. (CVE-2022-47007, CVE-2022-47008, CVE-2022-47010, CVE-2022-47011) Update Instructions: Run `sudo pro fix USN-6581-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils - 2.34-6ubuntu1.8 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.8 binutils-alpha-linux-gnu - 2.34-6ubuntu1.8 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.8 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.8 binutils-common - 2.34-6ubuntu1.8 binutils-dev - 2.34-6ubuntu1.8 binutils-doc - 2.34-6ubuntu1.8 binutils-for-build - 2.34-6ubuntu1.8 binutils-for-host - 2.34-6ubuntu1.8 binutils-hppa-linux-gnu - 2.34-6ubuntu1.8 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.8 binutils-i686-gnu - 2.34-6ubuntu1.8 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.8 binutils-i686-linux-gnu - 2.34-6ubuntu1.8 binutils-ia64-linux-gnu - 2.34-6ubuntu1.8 binutils-m68k-linux-gnu - 2.34-6ubuntu1.8 binutils-multiarch - 2.34-6ubuntu1.8 binutils-multiarch-dev - 2.34-6ubuntu1.8 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.8 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.8 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.8 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.8 binutils-s390x-linux-gnu - 2.34-6ubuntu1.8 binutils-sh4-linux-gnu - 2.34-6ubuntu1.8 binutils-source - 2.34-6ubuntu1.8 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.8 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.8 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.8 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.8 libbinutils - 2.34-6ubuntu1.8 libctf-nobfd0 - 2.34-6ubuntu1.8 libctf0 - 2.34-6ubuntu1.8 No subscription required Medium CVE-2022-44840 CVE-2022-45703 CVE-2022-47007 CVE-2022-47008 CVE-2022-47010 CVE-2022-47011 Ubuntu 20.04 LTS Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-20314) It was discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-33912, CVE-2021-33913) Update Instructions: Run `sudo pro fix USN-6584-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmail-spf-xs-perl - 1.2.10-7+deb9u2build0.20.04.1 libspf2-2 - 1.2.10-7+deb9u2build0.20.04.1 libspf2-dev - 1.2.10-7+deb9u2build0.20.04.1 spfquery - 1.2.10-7+deb9u2build0.20.04.1 No subscription required Medium CVE-2021-20314 CVE-2021-33912 CVE-2021-33913 Ubuntu 20.04 LTS It was discovered that FreeImage incorrectly handled certain memory operations. If a user were tricked into opening a crafted TIFF file, a remote attacker could use this issue to cause a heap buffer overflow, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-12211) It was discovered that FreeImage incorrectly processed images under certain circumstances. If a user were tricked into opening a crafted TIFF file, a remote attacker could possibly use this issue to cause a stack exhaustion condition, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-12213) It was discovered that FreeImage incorrectly processed certain images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2020-21427, CVE-2020-21428) It was discovered that FreeImage incorrectly processed certain images. If a user or automated system were tricked into opening a specially crafted PFM file, an attacker could possibly use this issue to cause a denial of service. (CVE-2020-22524) Update Instructions: Run `sudo pro fix USN-6586-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreeimage-dev - 3.18.0+ds2-1ubuntu3.1 libfreeimage3 - 3.18.0+ds2-1ubuntu3.1 libfreeimageplus-dev - 3.18.0+ds2-1ubuntu3.1 libfreeimageplus-doc - 3.18.0+ds2-1ubuntu3.1 libfreeimageplus3 - 3.18.0+ds2-1ubuntu3.1 No subscription required Medium CVE-2019-12211 CVE-2019-12213 CVE-2020-21427 CVE-2020-21428 CVE-2020-22524 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6816) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2024-0229) Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0408) Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0409) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21885) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21886) Update Instructions: Run `sudo pro fix USN-6587-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdmx - 2:1.20.13-1ubuntu1~20.04.14 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.14 xnest - 2:1.20.13-1ubuntu1~20.04.14 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.14 xserver-common - 2:1.20.13-1ubuntu1~20.04.14 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.14 xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.14 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.14 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.14 xvfb - 2:1.20.13-1ubuntu1~20.04.14 xwayland - 2:1.20.13-1ubuntu1~20.04.14 No subscription required Medium CVE-2023-6816 CVE-2024-0229 CVE-2024-0408 CVE-2024-0409 CVE-2024-21885 CVE-2024-21886 Ubuntu 20.04 LTS USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6816) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2024-0229) Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0408) Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0409) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21885) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21886) Update Instructions: Run `sudo pro fix USN-6587-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdmx - 2:1.20.13-1ubuntu1~20.04.15 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.15 xnest - 2:1.20.13-1ubuntu1~20.04.15 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.15 xserver-common - 2:1.20.13-1ubuntu1~20.04.15 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.15 xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.15 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.15 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.15 xvfb - 2:1.20.13-1ubuntu1~20.04.15 xwayland - 2:1.20.13-1ubuntu1~20.04.15 No subscription required None https://launchpad.net/bugs/2051536 Ubuntu 20.04 LTS Matthias Gerstner discovered that the PAM pam_namespace module incorrectly handled special files when performing directory checks. A local attacker could possibly use this issue to cause PAM to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6588-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-cracklib - 1.3.1-5ubuntu4.7 libpam-doc - 1.3.1-5ubuntu4.7 libpam-modules - 1.3.1-5ubuntu4.7 libpam-modules-bin - 1.3.1-5ubuntu4.7 libpam-runtime - 1.3.1-5ubuntu4.7 libpam0g - 1.3.1-5ubuntu4.7 libpam0g-dev - 1.3.1-5ubuntu4.7 No subscription required Medium CVE-2024-22365 Ubuntu 20.04 LTS Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6589-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: filezilla - 3.46.3-1ubuntu0.1 filezilla-common - 3.46.3-1ubuntu0.1 No subscription required Medium CVE-2023-48795 Ubuntu 20.04 LTS It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2018-1311) It was discovered that Xerces-C++ was not properly performing bounds checks when processing XML Schema Definition files, which could lead to an out-of-bounds access via an HTTP request. If a user or automated system were tricked into processing a specially crafted XSD file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-37536) Update Instructions: Run `sudo pro fix USN-6590-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxerces-c-dev - 3.2.2+debian-1ubuntu0.2 libxerces-c-doc - 3.2.2+debian-1ubuntu0.2 libxerces-c-samples - 3.2.2+debian-1ubuntu0.2 libxerces-c3.2 - 3.2.2+debian-1ubuntu0.2 No subscription required Medium CVE-2018-1311 CVE-2023-37536 Ubuntu 20.04 LTS Timo Longin discovered that Postfix incorrectly handled certain email line endings. A remote attacker could possibly use this issue to bypass an email authentication mechanism, allowing domain spoofing and potential spamming. Please note that certain configuration changes are required to address this issue. They are not enabled by default for backward compatibility. Information can be found at https://www.postfix.org/smtp-smuggling.html. Update Instructions: Run `sudo pro fix USN-6591-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postfix - 3.4.13-0ubuntu1.3 postfix-cdb - 3.4.13-0ubuntu1.3 postfix-doc - 3.4.13-0ubuntu1.3 postfix-ldap - 3.4.13-0ubuntu1.3 postfix-lmdb - 3.4.13-0ubuntu1.3 postfix-mysql - 3.4.13-0ubuntu1.3 postfix-pcre - 3.4.13-0ubuntu1.3 postfix-pgsql - 3.4.13-0ubuntu1.3 postfix-sqlite - 3.4.13-0ubuntu1.3 No subscription required Medium CVE-2023-51764 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/2049337 Ubuntu 20.04 LTS USN-6591-1 fixed vulnerabilities in Postfix. A fix with less risk of regression has been made available since the last update. This update updates the fix and aligns with the latest configuration guidelines regarding this vulnerability. We apologize for the inconvenience. Original advisory details: Timo Longin discovered that Postfix incorrectly handled certain email line endings. A remote attacker could possibly use this issue to bypass an email authentication mechanism, allowing domain spoofing and potential spamming. Please note that certain configuration changes are required to address this issue. They are not enabled by default for backward compatibility. Information can be found at https://www.postfix.org/smtp-smuggling.html. Update Instructions: Run `sudo pro fix USN-6591-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postfix - 3.4.13-0ubuntu1.4 postfix-cdb - 3.4.13-0ubuntu1.4 postfix-doc - 3.4.13-0ubuntu1.4 postfix-ldap - 3.4.13-0ubuntu1.4 postfix-lmdb - 3.4.13-0ubuntu1.4 postfix-mysql - 3.4.13-0ubuntu1.4 postfix-pcre - 3.4.13-0ubuntu1.4 postfix-pgsql - 3.4.13-0ubuntu1.4 postfix-sqlite - 3.4.13-0ubuntu1.4 No subscription required Medium CVE-2023-51764 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/2049337 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/2050834 Ubuntu 20.04 LTS It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this issue to inject malicious code into the command of the features mentioned through the hostname parameter. (CVE-2023-6004) It was discovered that libssh incorrectly handled return codes when performing message digest operations. A remote attacker could possibly use this issue to cause libssh to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6918) Update Instructions: Run `sudo pro fix USN-6592-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-4 - 0.9.3-2ubuntu2.5 libssh-dev - 0.9.3-2ubuntu2.5 libssh-doc - 0.9.3-2ubuntu2.5 libssh-gcrypt-4 - 0.9.3-2ubuntu2.5 libssh-gcrypt-dev - 0.9.3-2ubuntu2.5 No subscription required Medium CVE-2023-6004 CVE-2023-6918 Ubuntu 20.04 LTS It was discovered that GnuTLS had a timing side-channel when processing malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-0553) It was discovered that GnuTLS incorrectly handled certain certificate chains with a cross-signing loop. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2024-0567) Update Instructions: Run `sudo pro fix USN-6593-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-bin - 3.6.13-2ubuntu1.10 gnutls-doc - 3.6.13-2ubuntu1.10 guile-gnutls - 3.6.13-2ubuntu1.10 libgnutls-dane0 - 3.6.13-2ubuntu1.10 libgnutls-openssl27 - 3.6.13-2ubuntu1.10 libgnutls28-dev - 3.6.13-2ubuntu1.10 libgnutls30 - 3.6.13-2ubuntu1.10 libgnutlsxx28 - 3.6.13-2ubuntu1.10 No subscription required Medium CVE-2024-0553 CVE-2024-0567 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled HTTP message processing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-49285) Joshua Rogers discovered that Squid incorrectly handled Helper process management. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-49286) Joshua Rogers discovered that Squid incorrectly handled HTTP request parsing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-50269) Update Instructions: Run `sudo pro fix USN-6594-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid - 4.10-1ubuntu1.9 squid-cgi - 4.10-1ubuntu1.9 squid-common - 4.10-1ubuntu1.9 squid-purge - 4.10-1ubuntu1.9 squidclient - 4.10-1ubuntu1.9 No subscription required Medium CVE-2023-49285 CVE-2023-49286 CVE-2023-50269 Ubuntu 20.04 LTS It was discovered that Apache::Session::LDAP incorrectly handled invalid X.509 certificates. If a user or an automated system were tricked into opening a specially crafted invalid X.509 certificate, a remote attacker could possibly use this issue to perform spoofing and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6596-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache-session-ldap-perl - 0.4-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2020-36658 Ubuntu 20.04 LTS Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Update Instructions: Run `sudo pro fix USN-6598-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: paramiko-doc - 2.6.0-2ubuntu0.3 python3-paramiko - 2.6.0-2ubuntu0.3 No subscription required Medium CVE-2023-48795 Ubuntu 20.04 LTS Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-28493) It was discovered that Jinja incorrectly handled certain HTML passed with xmlatter filter. An attacker could inject arbitrary HTML attributes keys and values potentially leading to XSS. (CVE-2024-22195) Update Instructions: Run `sudo pro fix USN-6599-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-jinja2 - 2.10.1-2ubuntu0.2 python-jinja2-doc - 2.10.1-2ubuntu0.2 python3-jinja2 - 2.10.1-2ubuntu0.2 No subscription required Medium CVE-2020-28493 CVE-2024-22195 Ubuntu 20.04 LTS Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.39 in Ubuntu 20.04 LTS, 10.6.16 in Ubuntu 22.04 LTS and 10.11.6 in Ubuntu 23.10. CVE-2022-47015 only affected the MariaDB packages in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-6600-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmariadb-dev - 1:10.3.39-0ubuntu0.20.04.2 libmariadb-dev-compat - 1:10.3.39-0ubuntu0.20.04.2 libmariadb3 - 1:10.3.39-0ubuntu0.20.04.2 libmariadbclient-dev - 1:10.3.39-0ubuntu0.20.04.2 libmariadbd-dev - 1:10.3.39-0ubuntu0.20.04.2 libmariadbd19 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-backup - 1:10.3.39-0ubuntu0.20.04.2 mariadb-client - 1:10.3.39-0ubuntu0.20.04.2 mariadb-client-10.3 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-client-core-10.3 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-common - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-connect - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-cracklib-password-check - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-gssapi-client - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-gssapi-server - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-mroonga - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-oqgraph - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-rocksdb - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-spider - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-tokudb - 1:10.3.39-0ubuntu0.20.04.2 mariadb-server - 1:10.3.39-0ubuntu0.20.04.2 mariadb-server-10.3 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-server-core-10.3 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-test - 1:10.3.39-0ubuntu0.20.04.2 mariadb-test-data - 1:10.3.39-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-47015 CVE-2023-22084 Ubuntu 20.04 LTS Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Update Instructions: Run `sudo pro fix USN-6605-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1029-iot - 5.4.0-1029.30 linux-headers-5.4.0-1029-iot - 5.4.0-1029.30 linux-image-5.4.0-1029-iot - 5.4.0-1029.30 linux-image-unsigned-5.4.0-1029-iot - 5.4.0-1029.30 linux-iot-headers-5.4.0-1029 - 5.4.0-1029.30 linux-iot-tools-5.4.0-1029 - 5.4.0-1029.30 linux-iot-tools-common - 5.4.0-1029.30 linux-modules-5.4.0-1029-iot - 5.4.0-1029.30 linux-tools-5.4.0-1029-iot - 5.4.0-1029.30 No subscription required linux-buildinfo-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 linux-headers-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 linux-image-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 linux-modules-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 linux-tools-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 linux-xilinx-zynqmp-headers-5.4.0-1036 - 5.4.0-1036.40 linux-xilinx-zynqmp-tools-5.4.0-1036 - 5.4.0-1036.40 No subscription required linux-buildinfo-5.4.0-1064-ibm - 5.4.0-1064.69 linux-headers-5.4.0-1064-ibm - 5.4.0-1064.69 linux-ibm-cloud-tools-common - 5.4.0-1064.69 linux-ibm-headers-5.4.0-1064 - 5.4.0-1064.69 linux-ibm-source-5.4.0 - 5.4.0-1064.69 linux-ibm-tools-5.4.0-1064 - 5.4.0-1064.69 linux-ibm-tools-common - 5.4.0-1064.69 linux-image-5.4.0-1064-ibm - 5.4.0-1064.69 linux-image-unsigned-5.4.0-1064-ibm - 5.4.0-1064.69 linux-modules-5.4.0-1064-ibm - 5.4.0-1064.69 linux-modules-extra-5.4.0-1064-ibm - 5.4.0-1064.69 linux-tools-5.4.0-1064-ibm - 5.4.0-1064.69 No subscription required linux-bluefield-headers-5.4.0-1077 - 5.4.0-1077.83 linux-bluefield-tools-5.4.0-1077 - 5.4.0-1077.83 linux-buildinfo-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-headers-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-image-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-image-unsigned-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-modules-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-tools-5.4.0-1077-bluefield - 5.4.0-1077.83 No subscription required linux-buildinfo-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-cloud-tools-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-gkeop-cloud-tools-5.4.0-1084 - 5.4.0-1084.88 linux-gkeop-headers-5.4.0-1084 - 5.4.0-1084.88 linux-gkeop-source-5.4.0 - 5.4.0-1084.88 linux-gkeop-tools-5.4.0-1084 - 5.4.0-1084.88 linux-headers-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-image-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-image-unsigned-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-modules-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-modules-extra-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-tools-5.4.0-1084-gkeop - 5.4.0-1084.88 No subscription required linux-buildinfo-5.4.0-1101-raspi - 5.4.0-1101.113 linux-headers-5.4.0-1101-raspi - 5.4.0-1101.113 linux-image-5.4.0-1101-raspi - 5.4.0-1101.113 linux-modules-5.4.0-1101-raspi - 5.4.0-1101.113 linux-raspi-headers-5.4.0-1101 - 5.4.0-1101.113 linux-raspi-tools-5.4.0-1101 - 5.4.0-1101.113 linux-tools-5.4.0-1101-raspi - 5.4.0-1101.113 No subscription required linux-buildinfo-5.4.0-1116-oracle - 5.4.0-1116.125 linux-headers-5.4.0-1116-oracle - 5.4.0-1116.125 linux-image-5.4.0-1116-oracle - 5.4.0-1116.125 linux-image-unsigned-5.4.0-1116-oracle - 5.4.0-1116.125 linux-modules-5.4.0-1116-oracle - 5.4.0-1116.125 linux-modules-extra-5.4.0-1116-oracle - 5.4.0-1116.125 linux-oracle-headers-5.4.0-1116 - 5.4.0-1116.125 linux-oracle-tools-5.4.0-1116 - 5.4.0-1116.125 linux-tools-5.4.0-1116-oracle - 5.4.0-1116.125 No subscription required linux-aws-cloud-tools-5.4.0-1117 - 5.4.0-1117.127 linux-aws-headers-5.4.0-1117 - 5.4.0-1117.127 linux-aws-tools-5.4.0-1117 - 5.4.0-1117.127 linux-buildinfo-5.4.0-1117-aws - 5.4.0-1117.127 linux-cloud-tools-5.4.0-1117-aws - 5.4.0-1117.127 linux-headers-5.4.0-1117-aws - 5.4.0-1117.127 linux-image-5.4.0-1117-aws - 5.4.0-1117.127 linux-image-unsigned-5.4.0-1117-aws - 5.4.0-1117.127 linux-modules-5.4.0-1117-aws - 5.4.0-1117.127 linux-modules-extra-5.4.0-1117-aws - 5.4.0-1117.127 linux-tools-5.4.0-1117-aws - 5.4.0-1117.127 No subscription required linux-buildinfo-5.4.0-1121-gcp - 5.4.0-1121.130 linux-gcp-headers-5.4.0-1121 - 5.4.0-1121.130 linux-gcp-tools-5.4.0-1121 - 5.4.0-1121.130 linux-headers-5.4.0-1121-gcp - 5.4.0-1121.130 linux-image-5.4.0-1121-gcp - 5.4.0-1121.130 linux-image-unsigned-5.4.0-1121-gcp - 5.4.0-1121.130 linux-modules-5.4.0-1121-gcp - 5.4.0-1121.130 linux-modules-extra-5.4.0-1121-gcp - 5.4.0-1121.130 linux-tools-5.4.0-1121-gcp - 5.4.0-1121.130 No subscription required linux-azure-cloud-tools-5.4.0-1122 - 5.4.0-1122.129 linux-azure-headers-5.4.0-1122 - 5.4.0-1122.129 linux-azure-tools-5.4.0-1122 - 5.4.0-1122.129 linux-buildinfo-5.4.0-1122-azure - 5.4.0-1122.129 linux-cloud-tools-5.4.0-1122-azure - 5.4.0-1122.129 linux-headers-5.4.0-1122-azure - 5.4.0-1122.129 linux-image-5.4.0-1122-azure - 5.4.0-1122.129 linux-image-unsigned-5.4.0-1122-azure - 5.4.0-1122.129 linux-modules-5.4.0-1122-azure - 5.4.0-1122.129 linux-modules-extra-5.4.0-1122-azure - 5.4.0-1122.129 linux-tools-5.4.0-1122-azure - 5.4.0-1122.129 No subscription required linux-buildinfo-5.4.0-170-generic - 5.4.0-170.188 linux-buildinfo-5.4.0-170-generic-lpae - 5.4.0-170.188 linux-buildinfo-5.4.0-170-lowlatency - 5.4.0-170.188 linux-cloud-tools-5.4.0-170 - 5.4.0-170.188 linux-cloud-tools-5.4.0-170-generic - 5.4.0-170.188 linux-cloud-tools-5.4.0-170-lowlatency - 5.4.0-170.188 linux-cloud-tools-common - 5.4.0-170.188 linux-doc - 5.4.0-170.188 linux-headers-5.4.0-170 - 5.4.0-170.188 linux-headers-5.4.0-170-generic - 5.4.0-170.188 linux-headers-5.4.0-170-generic-lpae - 5.4.0-170.188 linux-headers-5.4.0-170-lowlatency - 5.4.0-170.188 linux-image-5.4.0-170-generic - 5.4.0-170.188 linux-image-5.4.0-170-generic-lpae - 5.4.0-170.188 linux-image-5.4.0-170-lowlatency - 5.4.0-170.188 linux-image-unsigned-5.4.0-170-generic - 5.4.0-170.188 linux-image-unsigned-5.4.0-170-lowlatency - 5.4.0-170.188 linux-libc-dev - 5.4.0-170.188 linux-modules-5.4.0-170-generic - 5.4.0-170.188 linux-modules-5.4.0-170-generic-lpae - 5.4.0-170.188 linux-modules-5.4.0-170-lowlatency - 5.4.0-170.188 linux-modules-extra-5.4.0-170-generic - 5.4.0-170.188 linux-source-5.4.0 - 5.4.0-170.188 linux-tools-5.4.0-170 - 5.4.0-170.188 linux-tools-5.4.0-170-generic - 5.4.0-170.188 linux-tools-5.4.0-170-generic-lpae - 5.4.0-170.188 linux-tools-5.4.0-170-lowlatency - 5.4.0-170.188 linux-tools-common - 5.4.0-170.188 linux-tools-host - 5.4.0-170.188 No subscription required linux-headers-iot - 5.4.0.1029.27 linux-image-iot - 5.4.0.1029.27 linux-iot - 5.4.0.1029.27 linux-tools-iot - 5.4.0.1029.27 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1036.36 linux-image-xilinx-zynqmp - 5.4.0.1036.36 linux-tools-xilinx-zynqmp - 5.4.0.1036.36 linux-xilinx-zynqmp - 5.4.0.1036.36 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1064.93 linux-ibm-lts-20.04 - 5.4.0.1064.93 linux-image-ibm-lts-20.04 - 5.4.0.1064.93 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1064.93 linux-tools-ibm-lts-20.04 - 5.4.0.1064.93 No subscription required linux-bluefield - 5.4.0.1077.72 linux-headers-bluefield - 5.4.0.1077.72 linux-image-bluefield - 5.4.0.1077.72 linux-tools-bluefield - 5.4.0.1077.72 No subscription required linux-cloud-tools-gkeop - 5.4.0.1084.82 linux-cloud-tools-gkeop-5.4 - 5.4.0.1084.82 linux-gkeop - 5.4.0.1084.82 linux-gkeop-5.4 - 5.4.0.1084.82 linux-headers-gkeop - 5.4.0.1084.82 linux-headers-gkeop-5.4 - 5.4.0.1084.82 linux-image-gkeop - 5.4.0.1084.82 linux-image-gkeop-5.4 - 5.4.0.1084.82 linux-modules-extra-gkeop - 5.4.0.1084.82 linux-modules-extra-gkeop-5.4 - 5.4.0.1084.82 linux-tools-gkeop - 5.4.0.1084.82 linux-tools-gkeop-5.4 - 5.4.0.1084.82 No subscription required linux-headers-raspi - 5.4.0.1101.131 linux-headers-raspi-hwe-18.04 - 5.4.0.1101.131 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1101.131 linux-headers-raspi2 - 5.4.0.1101.131 linux-headers-raspi2-hwe-18.04 - 5.4.0.1101.131 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1101.131 linux-image-raspi - 5.4.0.1101.131 linux-image-raspi-hwe-18.04 - 5.4.0.1101.131 linux-image-raspi-hwe-18.04-edge - 5.4.0.1101.131 linux-image-raspi2 - 5.4.0.1101.131 linux-image-raspi2-hwe-18.04 - 5.4.0.1101.131 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1101.131 linux-raspi - 5.4.0.1101.131 linux-raspi-hwe-18.04 - 5.4.0.1101.131 linux-raspi-hwe-18.04-edge - 5.4.0.1101.131 linux-raspi2 - 5.4.0.1101.131 linux-raspi2-hwe-18.04 - 5.4.0.1101.131 linux-raspi2-hwe-18.04-edge - 5.4.0.1101.131 linux-tools-raspi - 5.4.0.1101.131 linux-tools-raspi-hwe-18.04 - 5.4.0.1101.131 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1101.131 linux-tools-raspi2 - 5.4.0.1101.131 linux-tools-raspi2-hwe-18.04 - 5.4.0.1101.131 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1101.131 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1116.109 linux-image-oracle-lts-20.04 - 5.4.0.1116.109 linux-oracle-lts-20.04 - 5.4.0.1116.109 linux-tools-oracle-lts-20.04 - 5.4.0.1116.109 No subscription required linux-aws-lts-20.04 - 5.4.0.1117.114 linux-headers-aws-lts-20.04 - 5.4.0.1117.114 linux-image-aws-lts-20.04 - 5.4.0.1117.114 linux-modules-extra-aws-lts-20.04 - 5.4.0.1117.114 linux-tools-aws-lts-20.04 - 5.4.0.1117.114 No subscription required linux-gcp-lts-20.04 - 5.4.0.1121.123 linux-headers-gcp-lts-20.04 - 5.4.0.1121.123 linux-image-gcp-lts-20.04 - 5.4.0.1121.123 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1121.123 linux-tools-gcp-lts-20.04 - 5.4.0.1121.123 No subscription required linux-azure-lts-20.04 - 5.4.0.1122.115 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1122.115 linux-headers-azure-lts-20.04 - 5.4.0.1122.115 linux-image-azure-lts-20.04 - 5.4.0.1122.115 linux-modules-extra-azure-lts-20.04 - 5.4.0.1122.115 linux-tools-azure-lts-20.04 - 5.4.0.1122.115 No subscription required linux-cloud-tools-generic - 5.4.0.170.168 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.170.168 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.170.168 linux-cloud-tools-lowlatency - 5.4.0.170.168 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-cloud-tools-virtual - 5.4.0.170.168 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.170.168 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-crashdump - 5.4.0.170.168 linux-generic - 5.4.0.170.168 linux-generic-hwe-18.04 - 5.4.0.170.168 linux-generic-hwe-18.04-edge - 5.4.0.170.168 linux-generic-lpae - 5.4.0.170.168 linux-generic-lpae-hwe-18.04 - 5.4.0.170.168 linux-generic-lpae-hwe-18.04-edge - 5.4.0.170.168 linux-headers-generic - 5.4.0.170.168 linux-headers-generic-hwe-18.04 - 5.4.0.170.168 linux-headers-generic-hwe-18.04-edge - 5.4.0.170.168 linux-headers-generic-lpae - 5.4.0.170.168 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.170.168 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.170.168 linux-headers-lowlatency - 5.4.0.170.168 linux-headers-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-headers-oem - 5.4.0.170.168 linux-headers-oem-osp1 - 5.4.0.170.168 linux-headers-virtual - 5.4.0.170.168 linux-headers-virtual-hwe-18.04 - 5.4.0.170.168 linux-headers-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-image-extra-virtual - 5.4.0.170.168 linux-image-extra-virtual-hwe-18.04 - 5.4.0.170.168 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-image-generic - 5.4.0.170.168 linux-image-generic-hwe-18.04 - 5.4.0.170.168 linux-image-generic-hwe-18.04-edge - 5.4.0.170.168 linux-image-generic-lpae - 5.4.0.170.168 linux-image-generic-lpae-hwe-18.04 - 5.4.0.170.168 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.170.168 linux-image-lowlatency - 5.4.0.170.168 linux-image-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-image-oem - 5.4.0.170.168 linux-image-oem-osp1 - 5.4.0.170.168 linux-image-virtual - 5.4.0.170.168 linux-image-virtual-hwe-18.04 - 5.4.0.170.168 linux-image-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-lowlatency - 5.4.0.170.168 linux-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-oem - 5.4.0.170.168 linux-oem-osp1 - 5.4.0.170.168 linux-oem-osp1-tools-host - 5.4.0.170.168 linux-oem-tools-host - 5.4.0.170.168 linux-source - 5.4.0.170.168 linux-tools-generic - 5.4.0.170.168 linux-tools-generic-hwe-18.04 - 5.4.0.170.168 linux-tools-generic-hwe-18.04-edge - 5.4.0.170.168 linux-tools-generic-lpae - 5.4.0.170.168 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.170.168 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.170.168 linux-tools-lowlatency - 5.4.0.170.168 linux-tools-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-tools-oem - 5.4.0.170.168 linux-tools-oem-osp1 - 5.4.0.170.168 linux-tools-virtual - 5.4.0.170.168 linux-tools-virtual-hwe-18.04 - 5.4.0.170.168 linux-tools-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-virtual - 5.4.0.170.168 linux-virtual-hwe-18.04 - 5.4.0.170.168 linux-virtual-hwe-18.04-edge - 5.4.0.170.168 No subscription required High CVE-2023-6040 CVE-2023-6606 CVE-2023-6931 CVE-2023-6932 Ubuntu 20.04 LTS Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Update Instructions: Run `sudo pro fix USN-6605-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1105-kvm - 5.4.0-1105.112 linux-headers-5.4.0-1105-kvm - 5.4.0-1105.112 linux-image-5.4.0-1105-kvm - 5.4.0-1105.112 linux-image-unsigned-5.4.0-1105-kvm - 5.4.0-1105.112 linux-kvm-headers-5.4.0-1105 - 5.4.0-1105.112 linux-kvm-tools-5.4.0-1105 - 5.4.0-1105.112 linux-modules-5.4.0-1105-kvm - 5.4.0-1105.112 linux-tools-5.4.0-1105-kvm - 5.4.0-1105.112 No subscription required linux-headers-kvm - 5.4.0.1105.101 linux-image-kvm - 5.4.0.1105.101 linux-kvm - 5.4.0.1105.101 linux-tools-kvm - 5.4.0.1105.101 No subscription required High CVE-2023-6040 CVE-2023-6606 CVE-2023-6931 CVE-2023-6932 Ubuntu 20.04 LTS It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5345) Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) Update Instructions: Run `sudo pro fix USN-6607-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-azure-5.15-headers-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-azure-5.15-tools-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-buildinfo-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-cloud-tools-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-headers-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-image-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-image-unsigned-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-modules-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-modules-extra-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-tools-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 No subscription required linux-image-5.15.0-1054-azure-fde - 5.15.0-1054.62~20.04.1.1 linux-image-unsigned-5.15.0-1054-azure-fde - 5.15.0-1054.62~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-cloud-tools-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-cloud-tools-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-headers-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-headers-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-image-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-image-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-modules-extra-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-modules-extra-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-tools-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-tools-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 No subscription required linux-azure - 5.15.0.1054.62~20.04.43 linux-azure-cvm - 5.15.0.1054.62~20.04.43 linux-azure-edge - 5.15.0.1054.62~20.04.43 linux-cloud-tools-azure - 5.15.0.1054.62~20.04.43 linux-cloud-tools-azure-cvm - 5.15.0.1054.62~20.04.43 linux-cloud-tools-azure-edge - 5.15.0.1054.62~20.04.43 linux-headers-azure - 5.15.0.1054.62~20.04.43 linux-headers-azure-cvm - 5.15.0.1054.62~20.04.43 linux-headers-azure-edge - 5.15.0.1054.62~20.04.43 linux-image-azure - 5.15.0.1054.62~20.04.43 linux-image-azure-cvm - 5.15.0.1054.62~20.04.43 linux-image-azure-edge - 5.15.0.1054.62~20.04.43 linux-modules-extra-azure - 5.15.0.1054.62~20.04.43 linux-modules-extra-azure-cvm - 5.15.0.1054.62~20.04.43 linux-modules-extra-azure-edge - 5.15.0.1054.62~20.04.43 linux-tools-azure - 5.15.0.1054.62~20.04.43 linux-tools-azure-cvm - 5.15.0.1054.62~20.04.43 linux-tools-azure-edge - 5.15.0.1054.62~20.04.43 No subscription required High CVE-2023-5345 CVE-2023-6040 CVE-2023-6606 CVE-2023-6817 CVE-2023-6931 CVE-2023-6932 CVE-2024-0193 Ubuntu 20.04 LTS Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) Update Instructions: Run `sudo pro fix USN-6609-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-cloud-tools-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-gkeop-5.15-headers-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-gkeop-5.15-tools-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-headers-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-image-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-image-unsigned-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-modules-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-modules-extra-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-tools-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 No subscription required linux-buildinfo-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-headers-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-ibm-5.15-headers-5.15.0-1045 - 5.15.0-1045.48~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1045.48~20.04.1 linux-ibm-5.15-tools-5.15.0-1045 - 5.15.0-1045.48~20.04.1 linux-image-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-image-unsigned-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-modules-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-modules-extra-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-tools-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 No subscription required linux-buildinfo-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-gcp-5.15-headers-5.15.0-1049 - 5.15.0-1049.57~20.04.1 linux-gcp-5.15-tools-5.15.0-1049 - 5.15.0-1049.57~20.04.1 linux-headers-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-image-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-image-unsigned-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-modules-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-modules-extra-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-modules-iwlwifi-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-tools-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1052 - 5.15.0-1052.57~20.04.1 linux-aws-5.15-headers-5.15.0-1052 - 5.15.0-1052.57~20.04.1 linux-aws-5.15-tools-5.15.0-1052 - 5.15.0-1052.57~20.04.1 linux-buildinfo-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-cloud-tools-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-headers-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-image-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-image-unsigned-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-modules-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-modules-extra-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-tools-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 No subscription required linux-buildinfo-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-buildinfo-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-buildinfo-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-buildinfo-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-buildinfo-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-cloud-tools-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-cloud-tools-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-headers-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-headers-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-headers-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-headers-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-headers-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-92.102~20.04.1 linux-hwe-5.15-headers-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-92.102~20.04.1 linux-hwe-5.15-tools-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-92.102~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-image-unsigned-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-image-unsigned-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-image-unsigned-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-image-unsigned-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-modules-extra-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-modules-iwlwifi-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-modules-iwlwifi-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-cloud-tools-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-headers-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-headers-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-image-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-image-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-modules-extra-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-modules-extra-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-tools-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-tools-gkeop-edge - 5.15.0.1035.41~20.04.31 No subscription required linux-headers-ibm - 5.15.0.1045.48~20.04.17 linux-headers-ibm-edge - 5.15.0.1045.48~20.04.17 linux-ibm - 5.15.0.1045.48~20.04.17 linux-ibm-edge - 5.15.0.1045.48~20.04.17 linux-image-ibm - 5.15.0.1045.48~20.04.17 linux-image-ibm-edge - 5.15.0.1045.48~20.04.17 linux-tools-ibm - 5.15.0.1045.48~20.04.17 linux-tools-ibm-edge - 5.15.0.1045.48~20.04.17 No subscription required linux-gcp - 5.15.0.1049.57~20.04.1 linux-gcp-edge - 5.15.0.1049.57~20.04.1 linux-headers-gcp - 5.15.0.1049.57~20.04.1 linux-headers-gcp-edge - 5.15.0.1049.57~20.04.1 linux-image-gcp - 5.15.0.1049.57~20.04.1 linux-image-gcp-edge - 5.15.0.1049.57~20.04.1 linux-modules-extra-gcp - 5.15.0.1049.57~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1049.57~20.04.1 linux-tools-gcp - 5.15.0.1049.57~20.04.1 linux-tools-gcp-edge - 5.15.0.1049.57~20.04.1 No subscription required linux-aws - 5.15.0.1052.57~20.04.40 linux-aws-edge - 5.15.0.1052.57~20.04.40 linux-headers-aws - 5.15.0.1052.57~20.04.40 linux-headers-aws-edge - 5.15.0.1052.57~20.04.40 linux-image-aws - 5.15.0.1052.57~20.04.40 linux-image-aws-edge - 5.15.0.1052.57~20.04.40 linux-modules-extra-aws - 5.15.0.1052.57~20.04.40 linux-modules-extra-aws-edge - 5.15.0.1052.57~20.04.40 linux-tools-aws - 5.15.0.1052.57~20.04.40 linux-tools-aws-edge - 5.15.0.1052.57~20.04.40 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-headers-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-image-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-lowlatency-64k-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-tools-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-generic-64k-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-generic-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-generic-lpae-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-generic-lpae-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-generic-64k-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-headers-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-oem-20.04 - 5.15.0.92.102~20.04.49 linux-headers-oem-20.04b - 5.15.0.92.102~20.04.49 linux-headers-oem-20.04c - 5.15.0.92.102~20.04.49 linux-headers-oem-20.04d - 5.15.0.92.102~20.04.49 linux-headers-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-headers-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-extra-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-generic-64k-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-image-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-generic-lpae-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-oem-20.04 - 5.15.0.92.102~20.04.49 linux-image-oem-20.04b - 5.15.0.92.102~20.04.49 linux-image-oem-20.04c - 5.15.0.92.102~20.04.49 linux-image-oem-20.04d - 5.15.0.92.102~20.04.49 linux-image-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-image-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-modules-iwlwifi-oem-20.04 - 5.15.0.92.102~20.04.49 linux-modules-iwlwifi-oem-20.04d - 5.15.0.92.102~20.04.49 linux-oem-20.04 - 5.15.0.92.102~20.04.49 linux-oem-20.04b - 5.15.0.92.102~20.04.49 linux-oem-20.04c - 5.15.0.92.102~20.04.49 linux-oem-20.04d - 5.15.0.92.102~20.04.49 linux-tools-generic-64k-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-tools-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-tools-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-tools-oem-20.04 - 5.15.0.92.102~20.04.49 linux-tools-oem-20.04b - 5.15.0.92.102~20.04.49 linux-tools-oem-20.04c - 5.15.0.92.102~20.04.49 linux-tools-oem-20.04d - 5.15.0.92.102~20.04.49 linux-tools-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-tools-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 No subscription required High CVE-2023-6040 CVE-2023-6606 CVE-2023-6817 CVE-2023-6931 CVE-2023-6932 CVE-2024-0193 Ubuntu 20.04 LTS Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) Update Instructions: Run `sudo pro fix USN-6609-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-headers-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-image-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-image-unsigned-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-modules-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-modules-extra-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-oracle-5.15-headers-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-oracle-5.15-tools-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-tools-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1050.56~20.04.1 linux-headers-oracle-edge - 5.15.0.1050.56~20.04.1 linux-image-oracle - 5.15.0.1050.56~20.04.1 linux-image-oracle-edge - 5.15.0.1050.56~20.04.1 linux-oracle - 5.15.0.1050.56~20.04.1 linux-oracle-edge - 5.15.0.1050.56~20.04.1 linux-tools-oracle - 5.15.0.1050.56~20.04.1 linux-tools-oracle-edge - 5.15.0.1050.56~20.04.1 No subscription required High CVE-2023-6040 CVE-2023-6606 CVE-2023-6817 CVE-2023-6931 CVE-2023-6932 CVE-2024-0193 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0754, CVE-2024-0755) Cornel Ionce discovered that Firefox did not properly manage memory when opening the print preview dialog. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-0746) Update Instructions: Run `sudo pro fix USN-6610-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 122.0+build2-0ubuntu0.20.04.1 firefox-dev - 122.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-nl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 122.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 122.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-0741 CVE-2024-0742 CVE-2024-0743 CVE-2024-0744 CVE-2024-0745 CVE-2024-0746 CVE-2024-0747 CVE-2024-0748 CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0754 CVE-2024-0755 Ubuntu 20.04 LTS USN-6610-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0754, CVE-2024-0755) Cornel Ionce discovered that Firefox did not properly manage memory when opening the print preview dialog. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-0746) Update Instructions: Run `sudo pro fix USN-6610-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 122.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 122.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 122.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 122.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2052580 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain requests. A remote attacker could possibly use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. Update Instructions: Run `sudo pro fix USN-6611-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4 - 4.93-13ubuntu1.10 exim4-base - 4.93-13ubuntu1.10 exim4-config - 4.93-13ubuntu1.10 exim4-daemon-heavy - 4.93-13ubuntu1.10 exim4-daemon-light - 4.93-13ubuntu1.10 exim4-dev - 4.93-13ubuntu1.10 eximon4 - 4.93-13ubuntu1.10 No subscription required Medium CVE-2023-51766 Ubuntu 20.04 LTS It was discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted XML file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6612-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtinyxml-dev - 2.6.2-4+deb10u2build0.20.04.1 libtinyxml-doc - 2.6.2-4+deb10u2build0.20.04.1 libtinyxml2.6.2v5 - 2.6.2-4+deb10u2build0.20.04.1 No subscription required Medium CVE-2023-34194 Ubuntu 20.04 LTS Lucas Henry discovered that Ceph incorrectly handled specially crafted POST requests. An uprivileged user could use this to bypass Ceph's authorization checks and upload a file to any bucket. Update Instructions: Run `sudo pro fix USN-6613-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ceph - 15.2.17-0ubuntu0.20.04.6 ceph-base - 15.2.17-0ubuntu0.20.04.6 ceph-common - 15.2.17-0ubuntu0.20.04.6 ceph-fuse - 15.2.17-0ubuntu0.20.04.6 ceph-immutable-object-cache - 15.2.17-0ubuntu0.20.04.6 ceph-mds - 15.2.17-0ubuntu0.20.04.6 ceph-mgr - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-cephadm - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-dashboard - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-diskprediction-cloud - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-diskprediction-local - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-k8sevents - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-modules-core - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-rook - 15.2.17-0ubuntu0.20.04.6 ceph-mon - 15.2.17-0ubuntu0.20.04.6 ceph-osd - 15.2.17-0ubuntu0.20.04.6 ceph-resource-agents - 15.2.17-0ubuntu0.20.04.6 cephadm - 15.2.17-0ubuntu0.20.04.6 cephfs-shell - 15.2.17-0ubuntu0.20.04.6 libcephfs-dev - 15.2.17-0ubuntu0.20.04.6 libcephfs-java - 15.2.17-0ubuntu0.20.04.6 libcephfs-jni - 15.2.17-0ubuntu0.20.04.6 libcephfs2 - 15.2.17-0ubuntu0.20.04.6 librados-dev - 15.2.17-0ubuntu0.20.04.6 librados2 - 15.2.17-0ubuntu0.20.04.6 libradospp-dev - 15.2.17-0ubuntu0.20.04.6 libradosstriper-dev - 15.2.17-0ubuntu0.20.04.6 libradosstriper1 - 15.2.17-0ubuntu0.20.04.6 librbd-dev - 15.2.17-0ubuntu0.20.04.6 librbd1 - 15.2.17-0ubuntu0.20.04.6 librgw-dev - 15.2.17-0ubuntu0.20.04.6 librgw2 - 15.2.17-0ubuntu0.20.04.6 python3-ceph - 15.2.17-0ubuntu0.20.04.6 python3-ceph-argparse - 15.2.17-0ubuntu0.20.04.6 python3-ceph-common - 15.2.17-0ubuntu0.20.04.6 python3-cephfs - 15.2.17-0ubuntu0.20.04.6 python3-rados - 15.2.17-0ubuntu0.20.04.6 python3-rbd - 15.2.17-0ubuntu0.20.04.6 python3-rgw - 15.2.17-0ubuntu0.20.04.6 rados-objclass-dev - 15.2.17-0ubuntu0.20.04.6 radosgw - 15.2.17-0ubuntu0.20.04.6 rbd-fuse - 15.2.17-0ubuntu0.20.04.6 rbd-mirror - 15.2.17-0ubuntu0.20.04.6 rbd-nbd - 15.2.17-0ubuntu0.20.04.6 No subscription required Medium CVE-2023-43040 Ubuntu 20.04 LTS It was discovered that amanda did not properly check certain arguments. A local unprivileged attacker could possibly use this issue to perform a privilege escalation attack. Update Instructions: Run `sudo pro fix USN-6614-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amanda-client - 1:3.5.1-2ubuntu0.4 amanda-common - 1:3.5.1-2ubuntu0.4 amanda-server - 1:3.5.1-2ubuntu0.4 No subscription required Medium CVE-2023-30577 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-36.html https://www.oracle.com/security-alerts/cpujan2024.html Update Instructions: Run `sudo pro fix USN-6615-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysqlclient-dev - 8.0.36-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.36-0ubuntu0.20.04.1 mysql-client - 8.0.36-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.36-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.36-0ubuntu0.20.04.1 mysql-router - 8.0.36-0ubuntu0.20.04.1 mysql-server - 8.0.36-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.36-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.36-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.36-0ubuntu0.20.04.1 mysql-testsuite - 8.0.36-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.36-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-20960 CVE-2024-20961 CVE-2024-20962 CVE-2024-20963 CVE-2024-20964 CVE-2024-20965 CVE-2024-20966 CVE-2024-20967 CVE-2024-20969 CVE-2024-20970 CVE-2024-20971 CVE-2024-20972 CVE-2024-20973 CVE-2024-20974 CVE-2024-20976 CVE-2024-20977 CVE-2024-20978 CVE-2024-20981 CVE-2024-20982 CVE-2024-20983 CVE-2024-20984 CVE-2024-20985 Ubuntu 20.04 LTS It was discovered that OpenLDAP was not properly performing bounds checks when executing functions related to LDAP URLs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6616-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ldap-utils - 2.4.49+dfsg-2ubuntu1.10 libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.10 libldap-common - 2.4.49+dfsg-2ubuntu1.10 libldap2-dev - 2.4.49+dfsg-2ubuntu1.10 slapd - 2.4.49+dfsg-2ubuntu1.10 slapd-contrib - 2.4.49+dfsg-2ubuntu1.10 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.10 slapi-dev - 2.4.49+dfsg-2ubuntu1.10 No subscription required Low CVE-2023-2953 Ubuntu 20.04 LTS It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-21594) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2020-21595, CVE-2020-21596, CVE-2020-21599, CVE-2020-21600, CVE-2020-21601, CVE-2020-21602, CVE-2020-21603, CVE-2020-21604, CVE-2020-21605) It was discovered that libde265 did not properly manage memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-21597, CVE-2020-21598, CVE-2020-21606, CVE-2021-36408) Update Instructions: Run `sudo pro fix USN-6617-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.4-1ubuntu0.1 libde265-dev - 1.0.4-1ubuntu0.1 libde265-examples - 1.0.4-1ubuntu0.1 No subscription required Medium CVE-2020-21594 CVE-2020-21595 CVE-2020-21596 CVE-2020-21597 CVE-2020-21598 CVE-2020-21599 CVE-2020-21600 CVE-2020-21601 CVE-2020-21602 CVE-2020-21603 CVE-2020-21604 CVE-2020-21605 CVE-2020-21606 CVE-2021-36408 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain long text arguments. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-44271) Duarte Santos discovered that Pillow incorrectly handled the environment parameter to PIL.ImageMath.eval. An attacker could possibly use this issue to execute arbitrary code. (CVE-2023-50447) Update Instructions: Run `sudo pro fix USN-6618-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pil-doc - 7.0.0-4ubuntu0.8 python3-pil - 7.0.0-4ubuntu0.8 python3-pil.imagetk - 7.0.0-4ubuntu0.8 No subscription required Medium CVE-2023-44271 CVE-2023-50447 Ubuntu 20.04 LTS Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could possibly use this issue to obtain sensitive information or bypass container restrictions. Update Instructions: Run `sudo pro fix USN-6619-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-opencontainers-runc-dev - 1.1.7-0ubuntu1~20.04.2 runc - 1.1.7-0ubuntu1~20.04.2 No subscription required High CVE-2024-21626 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled certain values when processing BMP files. An attacker could exploit this to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6621-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-5341 Ubuntu 20.04 LTS David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. (CVE-2023-5678) Sverker Eriksson discovered that OpenSSL incorrectly handled POLY1304 MAC on the PowerPC architecture. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-6129) It was discovered that OpenSSL incorrectly handled excessively long RSA public keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-6237) Bahaa Naamneh discovered that OpenSSL incorrectly handled certain malformed PKCS12 files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2024-0727) Update Instructions: Run `sudo pro fix USN-6622-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl-dev - 1.1.1f-1ubuntu2.21 libssl-doc - 1.1.1f-1ubuntu2.21 libssl1.1 - 1.1.1f-1ubuntu2.21 openssl - 1.1.1f-1ubuntu2.21 No subscription required Low CVE-2023-5678 CVE-2023-6129 CVE-2023-6237 CVE-2024-0727 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain inputs that uses intcomma template filter. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6623-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.21 python3-django - 2:2.2.12-1ubuntu0.21 No subscription required Medium CVE-2024-24680 Ubuntu 20.04 LTS Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) Update Instructions: Run `sudo pro fix USN-6625-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1030-iot - 5.4.0-1030.31 linux-headers-5.4.0-1030-iot - 5.4.0-1030.31 linux-image-5.4.0-1030-iot - 5.4.0-1030.31 linux-image-unsigned-5.4.0-1030-iot - 5.4.0-1030.31 linux-iot-headers-5.4.0-1030 - 5.4.0-1030.31 linux-iot-tools-5.4.0-1030 - 5.4.0-1030.31 linux-iot-tools-common - 5.4.0-1030.31 linux-modules-5.4.0-1030-iot - 5.4.0-1030.31 linux-tools-5.4.0-1030-iot - 5.4.0-1030.31 No subscription required linux-buildinfo-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-headers-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-image-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-modules-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-tools-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-xilinx-zynqmp-headers-5.4.0-1037 - 5.4.0-1037.41 linux-xilinx-zynqmp-tools-5.4.0-1037 - 5.4.0-1037.41 No subscription required linux-buildinfo-5.4.0-1065-ibm - 5.4.0-1065.70 linux-headers-5.4.0-1065-ibm - 5.4.0-1065.70 linux-ibm-cloud-tools-common - 5.4.0-1065.70 linux-ibm-headers-5.4.0-1065 - 5.4.0-1065.70 linux-ibm-source-5.4.0 - 5.4.0-1065.70 linux-ibm-tools-5.4.0-1065 - 5.4.0-1065.70 linux-ibm-tools-common - 5.4.0-1065.70 linux-image-5.4.0-1065-ibm - 5.4.0-1065.70 linux-image-unsigned-5.4.0-1065-ibm - 5.4.0-1065.70 linux-modules-5.4.0-1065-ibm - 5.4.0-1065.70 linux-modules-extra-5.4.0-1065-ibm - 5.4.0-1065.70 linux-tools-5.4.0-1065-ibm - 5.4.0-1065.70 No subscription required linux-bluefield-headers-5.4.0-1078 - 5.4.0-1078.84 linux-bluefield-tools-5.4.0-1078 - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-headers-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-image-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-image-unsigned-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-modules-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-tools-5.4.0-1078-bluefield - 5.4.0-1078.84 No subscription required linux-buildinfo-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-cloud-tools-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-gkeop-cloud-tools-5.4.0-1085 - 5.4.0-1085.89 linux-gkeop-headers-5.4.0-1085 - 5.4.0-1085.89 linux-gkeop-source-5.4.0 - 5.4.0-1085.89 linux-gkeop-tools-5.4.0-1085 - 5.4.0-1085.89 linux-headers-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-image-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-image-unsigned-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-modules-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-modules-extra-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-tools-5.4.0-1085-gkeop - 5.4.0-1085.89 No subscription required linux-buildinfo-5.4.0-1106-kvm - 5.4.0-1106.113 linux-headers-5.4.0-1106-kvm - 5.4.0-1106.113 linux-image-5.4.0-1106-kvm - 5.4.0-1106.113 linux-image-unsigned-5.4.0-1106-kvm - 5.4.0-1106.113 linux-kvm-headers-5.4.0-1106 - 5.4.0-1106.113 linux-kvm-tools-5.4.0-1106 - 5.4.0-1106.113 linux-modules-5.4.0-1106-kvm - 5.4.0-1106.113 linux-tools-5.4.0-1106-kvm - 5.4.0-1106.113 No subscription required linux-buildinfo-5.4.0-1117-oracle - 5.4.0-1117.126 linux-headers-5.4.0-1117-oracle - 5.4.0-1117.126 linux-image-5.4.0-1117-oracle - 5.4.0-1117.126 linux-image-unsigned-5.4.0-1117-oracle - 5.4.0-1117.126 linux-modules-5.4.0-1117-oracle - 5.4.0-1117.126 linux-modules-extra-5.4.0-1117-oracle - 5.4.0-1117.126 linux-oracle-headers-5.4.0-1117 - 5.4.0-1117.126 linux-oracle-tools-5.4.0-1117 - 5.4.0-1117.126 linux-tools-5.4.0-1117-oracle - 5.4.0-1117.126 No subscription required linux-aws-cloud-tools-5.4.0-1118 - 5.4.0-1118.128 linux-aws-headers-5.4.0-1118 - 5.4.0-1118.128 linux-aws-tools-5.4.0-1118 - 5.4.0-1118.128 linux-buildinfo-5.4.0-1118-aws - 5.4.0-1118.128 linux-cloud-tools-5.4.0-1118-aws - 5.4.0-1118.128 linux-headers-5.4.0-1118-aws - 5.4.0-1118.128 linux-image-5.4.0-1118-aws - 5.4.0-1118.128 linux-image-unsigned-5.4.0-1118-aws - 5.4.0-1118.128 linux-modules-5.4.0-1118-aws - 5.4.0-1118.128 linux-modules-extra-5.4.0-1118-aws - 5.4.0-1118.128 linux-tools-5.4.0-1118-aws - 5.4.0-1118.128 No subscription required linux-azure-cloud-tools-5.4.0-1123 - 5.4.0-1123.130 linux-azure-headers-5.4.0-1123 - 5.4.0-1123.130 linux-azure-tools-5.4.0-1123 - 5.4.0-1123.130 linux-buildinfo-5.4.0-1123-azure - 5.4.0-1123.130 linux-cloud-tools-5.4.0-1123-azure - 5.4.0-1123.130 linux-headers-5.4.0-1123-azure - 5.4.0-1123.130 linux-image-5.4.0-1123-azure - 5.4.0-1123.130 linux-image-unsigned-5.4.0-1123-azure - 5.4.0-1123.130 linux-modules-5.4.0-1123-azure - 5.4.0-1123.130 linux-modules-extra-5.4.0-1123-azure - 5.4.0-1123.130 linux-tools-5.4.0-1123-azure - 5.4.0-1123.130 No subscription required linux-buildinfo-5.4.0-171-generic - 5.4.0-171.189 linux-buildinfo-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-buildinfo-5.4.0-171-lowlatency - 5.4.0-171.189 linux-cloud-tools-5.4.0-171 - 5.4.0-171.189 linux-cloud-tools-5.4.0-171-generic - 5.4.0-171.189 linux-cloud-tools-5.4.0-171-lowlatency - 5.4.0-171.189 linux-cloud-tools-common - 5.4.0-171.189 linux-doc - 5.4.0-171.189 linux-headers-5.4.0-171 - 5.4.0-171.189 linux-headers-5.4.0-171-generic - 5.4.0-171.189 linux-headers-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-headers-5.4.0-171-lowlatency - 5.4.0-171.189 linux-image-5.4.0-171-generic - 5.4.0-171.189 linux-image-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-image-5.4.0-171-lowlatency - 5.4.0-171.189 linux-image-unsigned-5.4.0-171-generic - 5.4.0-171.189 linux-image-unsigned-5.4.0-171-lowlatency - 5.4.0-171.189 linux-libc-dev - 5.4.0-171.189 linux-modules-5.4.0-171-generic - 5.4.0-171.189 linux-modules-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-modules-5.4.0-171-lowlatency - 5.4.0-171.189 linux-modules-extra-5.4.0-171-generic - 5.4.0-171.189 linux-source-5.4.0 - 5.4.0-171.189 linux-tools-5.4.0-171 - 5.4.0-171.189 linux-tools-5.4.0-171-generic - 5.4.0-171.189 linux-tools-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-tools-5.4.0-171-lowlatency - 5.4.0-171.189 linux-tools-common - 5.4.0-171.189 linux-tools-host - 5.4.0-171.189 No subscription required linux-headers-iot - 5.4.0.1030.28 linux-image-iot - 5.4.0.1030.28 linux-iot - 5.4.0.1030.28 linux-tools-iot - 5.4.0.1030.28 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1037.37 linux-image-xilinx-zynqmp - 5.4.0.1037.37 linux-tools-xilinx-zynqmp - 5.4.0.1037.37 linux-xilinx-zynqmp - 5.4.0.1037.37 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1065.94 linux-ibm-lts-20.04 - 5.4.0.1065.94 linux-image-ibm-lts-20.04 - 5.4.0.1065.94 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1065.94 linux-tools-ibm-lts-20.04 - 5.4.0.1065.94 No subscription required linux-bluefield - 5.4.0.1078.73 linux-headers-bluefield - 5.4.0.1078.73 linux-image-bluefield - 5.4.0.1078.73 linux-tools-bluefield - 5.4.0.1078.73 No subscription required linux-cloud-tools-gkeop - 5.4.0.1085.83 linux-cloud-tools-gkeop-5.4 - 5.4.0.1085.83 linux-gkeop - 5.4.0.1085.83 linux-gkeop-5.4 - 5.4.0.1085.83 linux-headers-gkeop - 5.4.0.1085.83 linux-headers-gkeop-5.4 - 5.4.0.1085.83 linux-image-gkeop - 5.4.0.1085.83 linux-image-gkeop-5.4 - 5.4.0.1085.83 linux-modules-extra-gkeop - 5.4.0.1085.83 linux-modules-extra-gkeop-5.4 - 5.4.0.1085.83 linux-tools-gkeop - 5.4.0.1085.83 linux-tools-gkeop-5.4 - 5.4.0.1085.83 No subscription required linux-headers-kvm - 5.4.0.1106.102 linux-image-kvm - 5.4.0.1106.102 linux-kvm - 5.4.0.1106.102 linux-tools-kvm - 5.4.0.1106.102 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1117.110 linux-image-oracle-lts-20.04 - 5.4.0.1117.110 linux-oracle-lts-20.04 - 5.4.0.1117.110 linux-tools-oracle-lts-20.04 - 5.4.0.1117.110 No subscription required linux-aws-lts-20.04 - 5.4.0.1118.115 linux-headers-aws-lts-20.04 - 5.4.0.1118.115 linux-image-aws-lts-20.04 - 5.4.0.1118.115 linux-modules-extra-aws-lts-20.04 - 5.4.0.1118.115 linux-tools-aws-lts-20.04 - 5.4.0.1118.115 No subscription required linux-azure-lts-20.04 - 5.4.0.1123.116 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1123.116 linux-headers-azure-lts-20.04 - 5.4.0.1123.116 linux-image-azure-lts-20.04 - 5.4.0.1123.116 linux-modules-extra-azure-lts-20.04 - 5.4.0.1123.116 linux-tools-azure-lts-20.04 - 5.4.0.1123.116 No subscription required linux-cloud-tools-generic - 5.4.0.171.169 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.171.169 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.171.169 linux-cloud-tools-lowlatency - 5.4.0.171.169 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-cloud-tools-virtual - 5.4.0.171.169 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.171.169 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-crashdump - 5.4.0.171.169 linux-generic - 5.4.0.171.169 linux-generic-hwe-18.04 - 5.4.0.171.169 linux-generic-hwe-18.04-edge - 5.4.0.171.169 linux-generic-lpae - 5.4.0.171.169 linux-generic-lpae-hwe-18.04 - 5.4.0.171.169 linux-generic-lpae-hwe-18.04-edge - 5.4.0.171.169 linux-headers-generic - 5.4.0.171.169 linux-headers-generic-hwe-18.04 - 5.4.0.171.169 linux-headers-generic-hwe-18.04-edge - 5.4.0.171.169 linux-headers-generic-lpae - 5.4.0.171.169 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.171.169 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.171.169 linux-headers-lowlatency - 5.4.0.171.169 linux-headers-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-headers-oem - 5.4.0.171.169 linux-headers-oem-osp1 - 5.4.0.171.169 linux-headers-virtual - 5.4.0.171.169 linux-headers-virtual-hwe-18.04 - 5.4.0.171.169 linux-headers-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-image-extra-virtual - 5.4.0.171.169 linux-image-extra-virtual-hwe-18.04 - 5.4.0.171.169 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-image-generic - 5.4.0.171.169 linux-image-generic-hwe-18.04 - 5.4.0.171.169 linux-image-generic-hwe-18.04-edge - 5.4.0.171.169 linux-image-generic-lpae - 5.4.0.171.169 linux-image-generic-lpae-hwe-18.04 - 5.4.0.171.169 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.171.169 linux-image-lowlatency - 5.4.0.171.169 linux-image-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-image-oem - 5.4.0.171.169 linux-image-oem-osp1 - 5.4.0.171.169 linux-image-virtual - 5.4.0.171.169 linux-image-virtual-hwe-18.04 - 5.4.0.171.169 linux-image-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-lowlatency - 5.4.0.171.169 linux-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-oem - 5.4.0.171.169 linux-oem-osp1 - 5.4.0.171.169 linux-oem-osp1-tools-host - 5.4.0.171.169 linux-oem-tools-host - 5.4.0.171.169 linux-source - 5.4.0.171.169 linux-tools-generic - 5.4.0.171.169 linux-tools-generic-hwe-18.04 - 5.4.0.171.169 linux-tools-generic-hwe-18.04-edge - 5.4.0.171.169 linux-tools-generic-lpae - 5.4.0.171.169 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.171.169 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.171.169 linux-tools-lowlatency - 5.4.0.171.169 linux-tools-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-tools-oem - 5.4.0.171.169 linux-tools-oem-osp1 - 5.4.0.171.169 linux-tools-virtual - 5.4.0.171.169 linux-tools-virtual-hwe-18.04 - 5.4.0.171.169 linux-tools-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-virtual - 5.4.0.171.169 linux-virtual-hwe-18.04 - 5.4.0.171.169 linux-virtual-hwe-18.04-edge - 5.4.0.171.169 No subscription required Medium CVE-2023-34324 CVE-2023-35827 CVE-2023-45863 CVE-2023-46343 Ubuntu 20.04 LTS Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) Update Instructions: Run `sudo pro fix USN-6625-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1122-gcp - 5.4.0-1122.131 linux-gcp-headers-5.4.0-1122 - 5.4.0-1122.131 linux-gcp-tools-5.4.0-1122 - 5.4.0-1122.131 linux-headers-5.4.0-1122-gcp - 5.4.0-1122.131 linux-image-5.4.0-1122-gcp - 5.4.0-1122.131 linux-image-unsigned-5.4.0-1122-gcp - 5.4.0-1122.131 linux-modules-5.4.0-1122-gcp - 5.4.0-1122.131 linux-modules-extra-5.4.0-1122-gcp - 5.4.0-1122.131 linux-tools-5.4.0-1122-gcp - 5.4.0-1122.131 No subscription required linux-gcp-lts-20.04 - 5.4.0.1122.124 linux-headers-gcp-lts-20.04 - 5.4.0.1122.124 linux-image-gcp-lts-20.04 - 5.4.0.1122.124 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1122.124 linux-tools-gcp-lts-20.04 - 5.4.0.1122.124 No subscription required Medium CVE-2023-34324 CVE-2023-35827 CVE-2023-45863 CVE-2023-46343 Ubuntu 20.04 LTS Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) Update Instructions: Run `sudo pro fix USN-6625-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1102-raspi - 5.4.0-1102.114 linux-headers-5.4.0-1102-raspi - 5.4.0-1102.114 linux-image-5.4.0-1102-raspi - 5.4.0-1102.114 linux-modules-5.4.0-1102-raspi - 5.4.0-1102.114 linux-raspi-headers-5.4.0-1102 - 5.4.0-1102.114 linux-raspi-tools-5.4.0-1102 - 5.4.0-1102.114 linux-tools-5.4.0-1102-raspi - 5.4.0-1102.114 No subscription required linux-headers-raspi - 5.4.0.1102.132 linux-headers-raspi-hwe-18.04 - 5.4.0.1102.132 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1102.132 linux-headers-raspi2 - 5.4.0.1102.132 linux-headers-raspi2-hwe-18.04 - 5.4.0.1102.132 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1102.132 linux-image-raspi - 5.4.0.1102.132 linux-image-raspi-hwe-18.04 - 5.4.0.1102.132 linux-image-raspi-hwe-18.04-edge - 5.4.0.1102.132 linux-image-raspi2 - 5.4.0.1102.132 linux-image-raspi2-hwe-18.04 - 5.4.0.1102.132 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1102.132 linux-raspi - 5.4.0.1102.132 linux-raspi-hwe-18.04 - 5.4.0.1102.132 linux-raspi-hwe-18.04-edge - 5.4.0.1102.132 linux-raspi2 - 5.4.0.1102.132 linux-raspi2-hwe-18.04 - 5.4.0.1102.132 linux-raspi2-hwe-18.04-edge - 5.4.0.1102.132 linux-tools-raspi - 5.4.0.1102.132 linux-tools-raspi-hwe-18.04 - 5.4.0.1102.132 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1102.132 linux-tools-raspi2 - 5.4.0.1102.132 linux-tools-raspi2-hwe-18.04 - 5.4.0.1102.132 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1102.132 No subscription required Medium CVE-2023-34324 CVE-2023-35827 CVE-2023-45863 CVE-2023-46343 Ubuntu 20.04 LTS Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252, CVE-2023-32257) Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV) implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-46813) It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-6039) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle dynset expressions passed from userspace, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6622) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly handle locking during tipc_crypto_key_revoke() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2024-0641) Update Instructions: Run `sudo pro fix USN-6626-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-cloud-tools-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-gkeop-5.15-headers-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-gkeop-5.15-tools-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-headers-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-image-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-image-unsigned-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-modules-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-modules-extra-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-tools-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 No subscription required linux-buildinfo-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-headers-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-ibm-5.15-headers-5.15.0-1046 - 5.15.0-1046.49~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1046.49~20.04.1 linux-ibm-5.15-tools-5.15.0-1046 - 5.15.0-1046.49~20.04.1 linux-image-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-image-unsigned-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-modules-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-modules-extra-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-tools-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 No subscription required linux-buildinfo-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-headers-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-image-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-image-unsigned-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-modules-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-modules-extra-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-oracle-5.15-headers-5.15.0-1051 - 5.15.0-1051.57~20.04.1 linux-oracle-5.15-tools-5.15.0-1051 - 5.15.0-1051.57~20.04.1 linux-tools-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 No subscription required linux-buildinfo-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-gcp-5.15-headers-5.15.0-1051 - 5.15.0-1051.59~20.04.1 linux-gcp-5.15-tools-5.15.0-1051 - 5.15.0-1051.59~20.04.1 linux-headers-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-image-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-image-unsigned-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-modules-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-modules-extra-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-modules-iwlwifi-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-tools-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1053 - 5.15.0-1053.58~20.04.1 linux-aws-5.15-headers-5.15.0-1053 - 5.15.0-1053.58~20.04.1 linux-aws-5.15-tools-5.15.0-1053 - 5.15.0-1053.58~20.04.1 linux-buildinfo-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-cloud-tools-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-headers-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-image-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-image-unsigned-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-modules-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-modules-extra-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-tools-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 No subscription required linux-buildinfo-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-buildinfo-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-buildinfo-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-buildinfo-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-buildinfo-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-cloud-tools-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-cloud-tools-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-94.104~20.04.1 linux-hwe-5.15-headers-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-94.104~20.04.1 linux-hwe-5.15-tools-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-94.104~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-image-unsigned-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-image-unsigned-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-image-unsigned-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-image-unsigned-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-modules-extra-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-modules-iwlwifi-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-modules-iwlwifi-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-cloud-tools-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-headers-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-headers-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-image-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-image-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-modules-extra-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-modules-extra-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-tools-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-tools-gkeop-edge - 5.15.0.1036.42~20.04.32 No subscription required linux-headers-ibm - 5.15.0.1046.49~20.04.18 linux-headers-ibm-edge - 5.15.0.1046.49~20.04.18 linux-ibm - 5.15.0.1046.49~20.04.18 linux-ibm-edge - 5.15.0.1046.49~20.04.18 linux-image-ibm - 5.15.0.1046.49~20.04.18 linux-image-ibm-edge - 5.15.0.1046.49~20.04.18 linux-tools-ibm - 5.15.0.1046.49~20.04.18 linux-tools-ibm-edge - 5.15.0.1046.49~20.04.18 No subscription required linux-headers-oracle - 5.15.0.1051.57~20.04.1 linux-headers-oracle-edge - 5.15.0.1051.57~20.04.1 linux-image-oracle - 5.15.0.1051.57~20.04.1 linux-image-oracle-edge - 5.15.0.1051.57~20.04.1 linux-oracle - 5.15.0.1051.57~20.04.1 linux-oracle-edge - 5.15.0.1051.57~20.04.1 linux-tools-oracle - 5.15.0.1051.57~20.04.1 linux-tools-oracle-edge - 5.15.0.1051.57~20.04.1 No subscription required linux-gcp - 5.15.0.1051.59~20.04.1 linux-gcp-edge - 5.15.0.1051.59~20.04.1 linux-headers-gcp - 5.15.0.1051.59~20.04.1 linux-headers-gcp-edge - 5.15.0.1051.59~20.04.1 linux-image-gcp - 5.15.0.1051.59~20.04.1 linux-image-gcp-edge - 5.15.0.1051.59~20.04.1 linux-modules-extra-gcp - 5.15.0.1051.59~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1051.59~20.04.1 linux-tools-gcp - 5.15.0.1051.59~20.04.1 linux-tools-gcp-edge - 5.15.0.1051.59~20.04.1 No subscription required linux-aws - 5.15.0.1053.58~20.04.41 linux-aws-edge - 5.15.0.1053.58~20.04.41 linux-headers-aws - 5.15.0.1053.58~20.04.41 linux-headers-aws-edge - 5.15.0.1053.58~20.04.41 linux-image-aws - 5.15.0.1053.58~20.04.41 linux-image-aws-edge - 5.15.0.1053.58~20.04.41 linux-modules-extra-aws - 5.15.0.1053.58~20.04.41 linux-modules-extra-aws-edge - 5.15.0.1053.58~20.04.41 linux-tools-aws - 5.15.0.1053.58~20.04.41 linux-tools-aws-edge - 5.15.0.1053.58~20.04.41 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-headers-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-image-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-lowlatency-64k-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-tools-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-generic-64k-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-generic-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-generic-lpae-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-generic-lpae-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-headers-generic-64k-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-headers-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-headers-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-headers-oem-20.04 - 5.15.0.94.104~20.04.50 linux-headers-oem-20.04b - 5.15.0.94.104~20.04.50 linux-headers-oem-20.04c - 5.15.0.94.104~20.04.50 linux-headers-oem-20.04d - 5.15.0.94.104~20.04.50 linux-headers-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-headers-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-extra-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-generic-64k-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-image-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-generic-lpae-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-oem-20.04 - 5.15.0.94.104~20.04.50 linux-image-oem-20.04b - 5.15.0.94.104~20.04.50 linux-image-oem-20.04c - 5.15.0.94.104~20.04.50 linux-image-oem-20.04d - 5.15.0.94.104~20.04.50 linux-image-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-image-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-modules-iwlwifi-oem-20.04 - 5.15.0.94.104~20.04.50 linux-modules-iwlwifi-oem-20.04d - 5.15.0.94.104~20.04.50 linux-oem-20.04 - 5.15.0.94.104~20.04.50 linux-oem-20.04b - 5.15.0.94.104~20.04.50 linux-oem-20.04c - 5.15.0.94.104~20.04.50 linux-oem-20.04d - 5.15.0.94.104~20.04.50 linux-tools-generic-64k-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-tools-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-tools-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-tools-oem-20.04 - 5.15.0.94.104~20.04.50 linux-tools-oem-20.04b - 5.15.0.94.104~20.04.50 linux-tools-oem-20.04c - 5.15.0.94.104~20.04.50 linux-tools-oem-20.04d - 5.15.0.94.104~20.04.50 linux-tools-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-tools-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 No subscription required High CVE-2023-32250 CVE-2023-32252 CVE-2023-32257 CVE-2023-34324 CVE-2023-35827 CVE-2023-46813 CVE-2023-6039 CVE-2023-6176 CVE-2023-6622 CVE-2024-0641 Ubuntu 20.04 LTS Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252, CVE-2023-32257) Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV) implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-46813) It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-6039) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle dynset expressions passed from userspace, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6622) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly handle locking during tipc_crypto_key_revoke() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2024-0641) Update Instructions: Run `sudo pro fix USN-6626-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1056 - 5.15.0-1056.64~20.04.1 linux-azure-5.15-headers-5.15.0-1056 - 5.15.0-1056.64~20.04.1 linux-azure-5.15-tools-5.15.0-1056 - 5.15.0-1056.64~20.04.1 linux-buildinfo-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-cloud-tools-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-headers-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-image-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-image-unsigned-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-modules-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-modules-extra-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-modules-iwlwifi-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-tools-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 No subscription required linux-image-5.15.0-1056-azure-fde - 5.15.0-1056.64~20.04.1.1 linux-image-unsigned-5.15.0-1056-azure-fde - 5.15.0-1056.64~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-cloud-tools-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-cloud-tools-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-headers-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-headers-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-image-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-image-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-modules-extra-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-modules-extra-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-tools-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-tools-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 No subscription required linux-azure - 5.15.0.1056.64~20.04.45 linux-azure-cvm - 5.15.0.1056.64~20.04.45 linux-azure-edge - 5.15.0.1056.64~20.04.45 linux-cloud-tools-azure - 5.15.0.1056.64~20.04.45 linux-cloud-tools-azure-cvm - 5.15.0.1056.64~20.04.45 linux-cloud-tools-azure-edge - 5.15.0.1056.64~20.04.45 linux-headers-azure - 5.15.0.1056.64~20.04.45 linux-headers-azure-cvm - 5.15.0.1056.64~20.04.45 linux-headers-azure-edge - 5.15.0.1056.64~20.04.45 linux-image-azure - 5.15.0.1056.64~20.04.45 linux-image-azure-cvm - 5.15.0.1056.64~20.04.45 linux-image-azure-edge - 5.15.0.1056.64~20.04.45 linux-modules-extra-azure - 5.15.0.1056.64~20.04.45 linux-modules-extra-azure-cvm - 5.15.0.1056.64~20.04.45 linux-modules-extra-azure-edge - 5.15.0.1056.64~20.04.45 linux-tools-azure - 5.15.0.1056.64~20.04.45 linux-tools-azure-cvm - 5.15.0.1056.64~20.04.45 linux-tools-azure-edge - 5.15.0.1056.64~20.04.45 No subscription required High CVE-2023-32250 CVE-2023-32252 CVE-2023-32257 CVE-2023-34324 CVE-2023-35827 CVE-2023-46813 CVE-2023-6039 CVE-2023-6176 CVE-2023-6622 CVE-2024-0641 Ubuntu 20.04 LTS It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2021-35452, CVE-2021-36411, CVE-2022-43238, CVE-2022-43241, CVE-2022-43242) It was discovered that libde265 did not properly manage memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-36408) It was discovered that libde265 contained a logical error. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2021-36409) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-36410, CVE-2022-43235, CVE-2022-43236, CVE-2022-43237, CVE-2022-43239, CVE-2022-43240, CVE-2022-43243, CVE-2022-43248, CVE-2022-43252, CVE-2022-43253) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1253) Update Instructions: Run `sudo pro fix USN-6627-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.4-1ubuntu0.2 libde265-dev - 1.0.4-1ubuntu0.2 libde265-examples - 1.0.4-1ubuntu0.2 No subscription required Medium CVE-2021-35452 CVE-2021-36408 CVE-2021-36409 CVE-2021-36410 CVE-2021-36411 CVE-2022-1253 CVE-2022-43235 CVE-2022-43236 CVE-2022-43237 CVE-2022-43238 CVE-2022-43239 CVE-2022-43240 CVE-2022-43241 CVE-2022-43242 CVE-2022-43243 CVE-2022-43248 CVE-2022-43252 CVE-2022-43253 Ubuntu 20.04 LTS Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252, CVE-2023-32257) Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV) implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-46813) It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-6039) Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle dynset expressions passed from userspace, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6622) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly handle locking during tipc_crypto_key_revoke() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2024-0641) Update Instructions: Run `sudo pro fix USN-6628-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-cloud-tools-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-headers-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-image-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-image-unsigned-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1048.54~20.04.1 linux-modules-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-modules-extra-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-modules-iwlwifi-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-tools-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1048.54~20.04.38 linux-headers-intel - 5.15.0.1048.54~20.04.38 linux-headers-intel-iotg - 5.15.0.1048.54~20.04.38 linux-headers-intel-iotg-edge - 5.15.0.1048.54~20.04.38 linux-image-intel - 5.15.0.1048.54~20.04.38 linux-image-intel-iotg - 5.15.0.1048.54~20.04.38 linux-image-intel-iotg-edge - 5.15.0.1048.54~20.04.38 linux-intel - 5.15.0.1048.54~20.04.38 linux-intel-iotg - 5.15.0.1048.54~20.04.38 linux-intel-iotg-edge - 5.15.0.1048.54~20.04.38 linux-tools-intel - 5.15.0.1048.54~20.04.38 linux-tools-intel-iotg - 5.15.0.1048.54~20.04.38 linux-tools-intel-iotg-edge - 5.15.0.1048.54~20.04.38 No subscription required High CVE-2023-32250 CVE-2023-32252 CVE-2023-32257 CVE-2023-34324 CVE-2023-35827 CVE-2023-6040 CVE-2023-6622 CVE-2023-6932 CVE-2024-0641 CVE-2023-46813 CVE-2023-46813 CVE-2023-6039 CVE-2023-6176 CVE-2023-6606 CVE-2023-6817 CVE-2023-6931 CVE-2024-0193 Ubuntu 20.04 LTS USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2021-45958) Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. (CVE-2022-31116) It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory. (CVE-2022-31117) Update Instructions: Run `sudo pro fix USN-6629-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-ujson - 1.35-4ubuntu0.1 No subscription required Medium CVE-2021-45958 Ubuntu 20.04 LTS USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2021-45958) Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. (CVE-2022-31116) It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory. (CVE-2022-31117) Update Instructions: Run `sudo pro fix USN-6629-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-ujson - 1.35-4ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-31116 CVE-2022-31117 Ubuntu 20.04 LTS It was discovered that Glance_store incorrectly handled logging when the DEBUG log level is enabled. A local attacker could use this issue to obtain access_key values. Update Instructions: Run `sudo pro fix USN-6630-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-glance-store-doc - 2.0.0-0ubuntu4.3 python3-glance-store - 2.0.0-0ubuntu4.3 No subscription required Medium CVE-2024-1141 Ubuntu 20.04 LTS Marc Beatove discovered buffer overflows exit in EDK2. An attacker on the local network could potentially use this to impact availability or possibly cause remote code execution. (CVE-2022-36763, CVE-2022-36764, CVE-2022-36765) It was discovered that a buffer overflows exists in EDK2's Network Package An attacker on the local network could potentially use these to impact availability or possibly cause remote code execution. (CVE-2023-45230, CVE-2023-45234, CVE-2023-45235) It was discovered that an out-of-bounds read exists in EDK2's Network Package An attacker on the local network could potentially use this to impact confidentiality. (CVE-2023-45231) It was discovered that infinite-loops exists in EDK2's Network Package An attacker on the local network could potentially use these to impact availability. (CVE-2023-45232, CVE-2023-45233) Mate Kukri discovered that an insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. An attacker could use this to bypass Secure Boot. (CVE-2023-48733) Update Instructions: Run `sudo pro fix USN-6638-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ovmf - 0~20191122.bd85bf54-2ubuntu3.5 qemu-efi - 0~20191122.bd85bf54-2ubuntu3.5 qemu-efi-aarch64 - 0~20191122.bd85bf54-2ubuntu3.5 qemu-efi-arm - 0~20191122.bd85bf54-2ubuntu3.5 No subscription required Medium CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2023-48733 https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137 Ubuntu 20.04 LTS It was discovered that shadow was not properly sanitizing memory when running the password utility. An attacker could possibly use this issue to retrieve a password from memory, exposing sensitive information. Update Instructions: Run `sudo pro fix USN-6640-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: login - 1:4.8.1-1ubuntu5.20.04.5 passwd - 1:4.8.1-1ubuntu5.20.04.5 uidmap - 1:4.8.1-1ubuntu5.20.04.5 No subscription required Low CVE-2023-4641 Ubuntu 20.04 LTS Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-4408) Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Bind incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50868) It was discovered that Bind incorrectly handled reverse zone queries when nxdomain-redirect is enabled. A remote attacker could possibly use this issue to cause Bind to crash, leading to a denial of service. (CVE-2023-5517) It was discovered that Bind incorrectly handled certain specific recursive query patterns. A remote attacker could possibly use this issue to cause Bind to consume memory, leading to a denial of service. (CVE-2023-6516) Bind has been updated to 9.6.48. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://downloads.isc.org/isc/bind9/9.16.48/doc/arm/html/notes.html Update Instructions: Run `sudo pro fix USN-6642-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bind9 - 1:9.16.48-0ubuntu0.20.04.1 bind9-dnsutils - 1:9.16.48-0ubuntu0.20.04.1 bind9-doc - 1:9.16.48-0ubuntu0.20.04.1 bind9-host - 1:9.16.48-0ubuntu0.20.04.1 bind9-libs - 1:9.16.48-0ubuntu0.20.04.1 bind9-utils - 1:9.16.48-0ubuntu0.20.04.1 bind9utils - 1:9.16.48-0ubuntu0.20.04.1 dnsutils - 1:9.16.48-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4408 CVE-2023-50387 CVE-2023-50868 CVE-2023-5517 CVE-2023-6516 Ubuntu 20.04 LTS Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery (SSRF) attacks. Update Instructions: Run `sudo pro fix USN-6643-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-ip - 1.1.5-5ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-42282 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. (CVE-2023-52356) It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service. (CVE-2023-6228) It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to consume resources, resulting in a denial of service. (CVE-2023-6277) Update Instructions: Run `sudo pro fix USN-6644-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.12 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.12 No subscription required Medium CVE-2023-52356 CVE-2023-6228 CVE-2023-6277 Ubuntu 20.04 LTS It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6648-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1031-iot - 5.4.0-1031.32 linux-headers-5.4.0-1031-iot - 5.4.0-1031.32 linux-image-5.4.0-1031-iot - 5.4.0-1031.32 linux-image-unsigned-5.4.0-1031-iot - 5.4.0-1031.32 linux-iot-headers-5.4.0-1031 - 5.4.0-1031.32 linux-iot-tools-5.4.0-1031 - 5.4.0-1031.32 linux-iot-tools-common - 5.4.0-1031.32 linux-modules-5.4.0-1031-iot - 5.4.0-1031.32 linux-tools-5.4.0-1031-iot - 5.4.0-1031.32 No subscription required linux-buildinfo-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-headers-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-image-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-modules-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-tools-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-xilinx-zynqmp-headers-5.4.0-1038 - 5.4.0-1038.42 linux-xilinx-zynqmp-tools-5.4.0-1038 - 5.4.0-1038.42 No subscription required linux-buildinfo-5.4.0-1066-ibm - 5.4.0-1066.71 linux-headers-5.4.0-1066-ibm - 5.4.0-1066.71 linux-ibm-cloud-tools-common - 5.4.0-1066.71 linux-ibm-headers-5.4.0-1066 - 5.4.0-1066.71 linux-ibm-source-5.4.0 - 5.4.0-1066.71 linux-ibm-tools-5.4.0-1066 - 5.4.0-1066.71 linux-ibm-tools-common - 5.4.0-1066.71 linux-image-5.4.0-1066-ibm - 5.4.0-1066.71 linux-image-unsigned-5.4.0-1066-ibm - 5.4.0-1066.71 linux-modules-5.4.0-1066-ibm - 5.4.0-1066.71 linux-modules-extra-5.4.0-1066-ibm - 5.4.0-1066.71 linux-tools-5.4.0-1066-ibm - 5.4.0-1066.71 No subscription required linux-bluefield-headers-5.4.0-1079 - 5.4.0-1079.85 linux-bluefield-tools-5.4.0-1079 - 5.4.0-1079.85 linux-buildinfo-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-headers-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-image-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-image-unsigned-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-modules-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-tools-5.4.0-1079-bluefield - 5.4.0-1079.85 No subscription required linux-buildinfo-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-cloud-tools-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-gkeop-cloud-tools-5.4.0-1086 - 5.4.0-1086.90 linux-gkeop-headers-5.4.0-1086 - 5.4.0-1086.90 linux-gkeop-source-5.4.0 - 5.4.0-1086.90 linux-gkeop-tools-5.4.0-1086 - 5.4.0-1086.90 linux-headers-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-image-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-image-unsigned-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-modules-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-modules-extra-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-tools-5.4.0-1086-gkeop - 5.4.0-1086.90 No subscription required linux-buildinfo-5.4.0-1103-raspi - 5.4.0-1103.115 linux-headers-5.4.0-1103-raspi - 5.4.0-1103.115 linux-image-5.4.0-1103-raspi - 5.4.0-1103.115 linux-modules-5.4.0-1103-raspi - 5.4.0-1103.115 linux-raspi-headers-5.4.0-1103 - 5.4.0-1103.115 linux-raspi-tools-5.4.0-1103 - 5.4.0-1103.115 linux-tools-5.4.0-1103-raspi - 5.4.0-1103.115 No subscription required linux-buildinfo-5.4.0-1107-kvm - 5.4.0-1107.114 linux-headers-5.4.0-1107-kvm - 5.4.0-1107.114 linux-image-5.4.0-1107-kvm - 5.4.0-1107.114 linux-image-unsigned-5.4.0-1107-kvm - 5.4.0-1107.114 linux-kvm-headers-5.4.0-1107 - 5.4.0-1107.114 linux-kvm-tools-5.4.0-1107 - 5.4.0-1107.114 linux-modules-5.4.0-1107-kvm - 5.4.0-1107.114 linux-tools-5.4.0-1107-kvm - 5.4.0-1107.114 No subscription required linux-buildinfo-5.4.0-1118-oracle - 5.4.0-1118.127 linux-headers-5.4.0-1118-oracle - 5.4.0-1118.127 linux-image-5.4.0-1118-oracle - 5.4.0-1118.127 linux-image-unsigned-5.4.0-1118-oracle - 5.4.0-1118.127 linux-modules-5.4.0-1118-oracle - 5.4.0-1118.127 linux-modules-extra-5.4.0-1118-oracle - 5.4.0-1118.127 linux-oracle-headers-5.4.0-1118 - 5.4.0-1118.127 linux-oracle-tools-5.4.0-1118 - 5.4.0-1118.127 linux-tools-5.4.0-1118-oracle - 5.4.0-1118.127 No subscription required linux-aws-cloud-tools-5.4.0-1119 - 5.4.0-1119.129 linux-aws-headers-5.4.0-1119 - 5.4.0-1119.129 linux-aws-tools-5.4.0-1119 - 5.4.0-1119.129 linux-buildinfo-5.4.0-1119-aws - 5.4.0-1119.129 linux-cloud-tools-5.4.0-1119-aws - 5.4.0-1119.129 linux-headers-5.4.0-1119-aws - 5.4.0-1119.129 linux-image-5.4.0-1119-aws - 5.4.0-1119.129 linux-image-unsigned-5.4.0-1119-aws - 5.4.0-1119.129 linux-modules-5.4.0-1119-aws - 5.4.0-1119.129 linux-modules-extra-5.4.0-1119-aws - 5.4.0-1119.129 linux-tools-5.4.0-1119-aws - 5.4.0-1119.129 No subscription required linux-buildinfo-5.4.0-1123-gcp - 5.4.0-1123.132 linux-gcp-headers-5.4.0-1123 - 5.4.0-1123.132 linux-gcp-tools-5.4.0-1123 - 5.4.0-1123.132 linux-headers-5.4.0-1123-gcp - 5.4.0-1123.132 linux-image-5.4.0-1123-gcp - 5.4.0-1123.132 linux-image-unsigned-5.4.0-1123-gcp - 5.4.0-1123.132 linux-modules-5.4.0-1123-gcp - 5.4.0-1123.132 linux-modules-extra-5.4.0-1123-gcp - 5.4.0-1123.132 linux-tools-5.4.0-1123-gcp - 5.4.0-1123.132 No subscription required linux-buildinfo-5.4.0-172-generic - 5.4.0-172.190 linux-buildinfo-5.4.0-172-generic-lpae - 5.4.0-172.190 linux-buildinfo-5.4.0-172-lowlatency - 5.4.0-172.190 linux-cloud-tools-5.4.0-172 - 5.4.0-172.190 linux-cloud-tools-5.4.0-172-generic - 5.4.0-172.190 linux-cloud-tools-5.4.0-172-lowlatency - 5.4.0-172.190 linux-cloud-tools-common - 5.4.0-172.190 linux-doc - 5.4.0-172.190 linux-headers-5.4.0-172 - 5.4.0-172.190 linux-headers-5.4.0-172-generic - 5.4.0-172.190 linux-headers-5.4.0-172-generic-lpae - 5.4.0-172.190 linux-headers-5.4.0-172-lowlatency - 5.4.0-172.190 linux-image-5.4.0-172-generic - 5.4.0-172.190 linux-image-5.4.0-172-generic-lpae - 5.4.0-172.190 linux-image-5.4.0-172-lowlatency - 5.4.0-172.190 linux-image-unsigned-5.4.0-172-generic - 5.4.0-172.190 linux-image-unsigned-5.4.0-172-lowlatency - 5.4.0-172.190 linux-libc-dev - 5.4.0-172.190 linux-modules-5.4.0-172-generic - 5.4.0-172.190 linux-modules-5.4.0-172-generic-lpae - 5.4.0-172.190 linux-modules-5.4.0-172-lowlatency - 5.4.0-172.190 linux-modules-extra-5.4.0-172-generic - 5.4.0-172.190 linux-source-5.4.0 - 5.4.0-172.190 linux-tools-5.4.0-172 - 5.4.0-172.190 linux-tools-5.4.0-172-generic - 5.4.0-172.190 linux-tools-5.4.0-172-generic-lpae - 5.4.0-172.190 linux-tools-5.4.0-172-lowlatency - 5.4.0-172.190 linux-tools-common - 5.4.0-172.190 linux-tools-host - 5.4.0-172.190 No subscription required linux-headers-iot - 5.4.0.1031.29 linux-image-iot - 5.4.0.1031.29 linux-iot - 5.4.0.1031.29 linux-tools-iot - 5.4.0.1031.29 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1038.38 linux-image-xilinx-zynqmp - 5.4.0.1038.38 linux-tools-xilinx-zynqmp - 5.4.0.1038.38 linux-xilinx-zynqmp - 5.4.0.1038.38 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1066.95 linux-ibm-lts-20.04 - 5.4.0.1066.95 linux-image-ibm-lts-20.04 - 5.4.0.1066.95 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1066.95 linux-tools-ibm-lts-20.04 - 5.4.0.1066.95 No subscription required linux-bluefield - 5.4.0.1079.74 linux-headers-bluefield - 5.4.0.1079.74 linux-image-bluefield - 5.4.0.1079.74 linux-tools-bluefield - 5.4.0.1079.74 No subscription required linux-cloud-tools-gkeop - 5.4.0.1086.84 linux-cloud-tools-gkeop-5.4 - 5.4.0.1086.84 linux-gkeop - 5.4.0.1086.84 linux-gkeop-5.4 - 5.4.0.1086.84 linux-headers-gkeop - 5.4.0.1086.84 linux-headers-gkeop-5.4 - 5.4.0.1086.84 linux-image-gkeop - 5.4.0.1086.84 linux-image-gkeop-5.4 - 5.4.0.1086.84 linux-modules-extra-gkeop - 5.4.0.1086.84 linux-modules-extra-gkeop-5.4 - 5.4.0.1086.84 linux-tools-gkeop - 5.4.0.1086.84 linux-tools-gkeop-5.4 - 5.4.0.1086.84 No subscription required linux-headers-raspi - 5.4.0.1103.133 linux-headers-raspi-hwe-18.04 - 5.4.0.1103.133 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1103.133 linux-headers-raspi2 - 5.4.0.1103.133 linux-headers-raspi2-hwe-18.04 - 5.4.0.1103.133 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1103.133 linux-image-raspi - 5.4.0.1103.133 linux-image-raspi-hwe-18.04 - 5.4.0.1103.133 linux-image-raspi-hwe-18.04-edge - 5.4.0.1103.133 linux-image-raspi2 - 5.4.0.1103.133 linux-image-raspi2-hwe-18.04 - 5.4.0.1103.133 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1103.133 linux-raspi - 5.4.0.1103.133 linux-raspi-hwe-18.04 - 5.4.0.1103.133 linux-raspi-hwe-18.04-edge - 5.4.0.1103.133 linux-raspi2 - 5.4.0.1103.133 linux-raspi2-hwe-18.04 - 5.4.0.1103.133 linux-raspi2-hwe-18.04-edge - 5.4.0.1103.133 linux-tools-raspi - 5.4.0.1103.133 linux-tools-raspi-hwe-18.04 - 5.4.0.1103.133 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1103.133 linux-tools-raspi2 - 5.4.0.1103.133 linux-tools-raspi2-hwe-18.04 - 5.4.0.1103.133 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1103.133 No subscription required linux-headers-kvm - 5.4.0.1107.103 linux-image-kvm - 5.4.0.1107.103 linux-kvm - 5.4.0.1107.103 linux-tools-kvm - 5.4.0.1107.103 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1118.111 linux-image-oracle-lts-20.04 - 5.4.0.1118.111 linux-oracle-lts-20.04 - 5.4.0.1118.111 linux-tools-oracle-lts-20.04 - 5.4.0.1118.111 No subscription required linux-aws-lts-20.04 - 5.4.0.1119.116 linux-headers-aws-lts-20.04 - 5.4.0.1119.116 linux-image-aws-lts-20.04 - 5.4.0.1119.116 linux-modules-extra-aws-lts-20.04 - 5.4.0.1119.116 linux-tools-aws-lts-20.04 - 5.4.0.1119.116 No subscription required linux-gcp-lts-20.04 - 5.4.0.1123.125 linux-headers-gcp-lts-20.04 - 5.4.0.1123.125 linux-image-gcp-lts-20.04 - 5.4.0.1123.125 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1123.125 linux-tools-gcp-lts-20.04 - 5.4.0.1123.125 No subscription required linux-cloud-tools-generic - 5.4.0.172.170 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.172.170 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.172.170 linux-cloud-tools-lowlatency - 5.4.0.172.170 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-cloud-tools-virtual - 5.4.0.172.170 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.172.170 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-crashdump - 5.4.0.172.170 linux-generic - 5.4.0.172.170 linux-generic-hwe-18.04 - 5.4.0.172.170 linux-generic-hwe-18.04-edge - 5.4.0.172.170 linux-generic-lpae - 5.4.0.172.170 linux-generic-lpae-hwe-18.04 - 5.4.0.172.170 linux-generic-lpae-hwe-18.04-edge - 5.4.0.172.170 linux-headers-generic - 5.4.0.172.170 linux-headers-generic-hwe-18.04 - 5.4.0.172.170 linux-headers-generic-hwe-18.04-edge - 5.4.0.172.170 linux-headers-generic-lpae - 5.4.0.172.170 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.172.170 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.172.170 linux-headers-lowlatency - 5.4.0.172.170 linux-headers-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-headers-oem - 5.4.0.172.170 linux-headers-oem-osp1 - 5.4.0.172.170 linux-headers-virtual - 5.4.0.172.170 linux-headers-virtual-hwe-18.04 - 5.4.0.172.170 linux-headers-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-image-extra-virtual - 5.4.0.172.170 linux-image-extra-virtual-hwe-18.04 - 5.4.0.172.170 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-image-generic - 5.4.0.172.170 linux-image-generic-hwe-18.04 - 5.4.0.172.170 linux-image-generic-hwe-18.04-edge - 5.4.0.172.170 linux-image-generic-lpae - 5.4.0.172.170 linux-image-generic-lpae-hwe-18.04 - 5.4.0.172.170 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.172.170 linux-image-lowlatency - 5.4.0.172.170 linux-image-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-image-oem - 5.4.0.172.170 linux-image-oem-osp1 - 5.4.0.172.170 linux-image-virtual - 5.4.0.172.170 linux-image-virtual-hwe-18.04 - 5.4.0.172.170 linux-image-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-lowlatency - 5.4.0.172.170 linux-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-oem - 5.4.0.172.170 linux-oem-osp1 - 5.4.0.172.170 linux-oem-osp1-tools-host - 5.4.0.172.170 linux-oem-tools-host - 5.4.0.172.170 linux-source - 5.4.0.172.170 linux-tools-generic - 5.4.0.172.170 linux-tools-generic-hwe-18.04 - 5.4.0.172.170 linux-tools-generic-hwe-18.04-edge - 5.4.0.172.170 linux-tools-generic-lpae - 5.4.0.172.170 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.172.170 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.172.170 linux-tools-lowlatency - 5.4.0.172.170 linux-tools-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-tools-oem - 5.4.0.172.170 linux-tools-oem-osp1 - 5.4.0.172.170 linux-tools-virtual - 5.4.0.172.170 linux-tools-virtual-hwe-18.04 - 5.4.0.172.170 linux-tools-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-virtual - 5.4.0.172.170 linux-virtual-hwe-18.04 - 5.4.0.172.170 linux-virtual-hwe-18.04-edge - 5.4.0.172.170 No subscription required High CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0646 Ubuntu 20.04 LTS It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6648-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1124 - 5.4.0-1124.131 linux-azure-headers-5.4.0-1124 - 5.4.0-1124.131 linux-azure-tools-5.4.0-1124 - 5.4.0-1124.131 linux-buildinfo-5.4.0-1124-azure - 5.4.0-1124.131 linux-cloud-tools-5.4.0-1124-azure - 5.4.0-1124.131 linux-headers-5.4.0-1124-azure - 5.4.0-1124.131 linux-image-5.4.0-1124-azure - 5.4.0-1124.131 linux-image-unsigned-5.4.0-1124-azure - 5.4.0-1124.131 linux-modules-5.4.0-1124-azure - 5.4.0-1124.131 linux-modules-extra-5.4.0-1124-azure - 5.4.0-1124.131 linux-tools-5.4.0-1124-azure - 5.4.0-1124.131 No subscription required linux-azure-lts-20.04 - 5.4.0.1124.117 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1124.117 linux-headers-azure-lts-20.04 - 5.4.0.1124.117 linux-image-azure-lts-20.04 - 5.4.0.1124.117 linux-modules-extra-azure-lts-20.04 - 5.4.0.1124.117 linux-tools-azure-lts-20.04 - 5.4.0.1124.117 No subscription required High CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0646 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1553, CVE-2024-1554, CVE-2024-1555, CVE-2024-1557) Alfred Peters discovered that Firefox did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1546) Johan Carlsson discovered that Firefox incorrectly handled Set-Cookie response headers in multipart HTTP responses. An attacker could potentially exploit this issue to inject arbitrary cookie values. (CVE-2024-1551) Gary Kwong discovered that Firefox incorrectly generated codes on 32-bit ARM devices, which could lead to unexpected numeric conversions or undefined behaviour. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-1552) Ronald Crane discovered that Firefox did not properly manage memory when accessing the built-in profiler. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1556) Update Instructions: Run `sudo pro fix USN-6649-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 123.0+build3-0ubuntu0.20.04.1 firefox-dev - 123.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-nl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-tg - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 123.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 123.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-1546 CVE-2024-1547 CVE-2024-1548 CVE-2024-1549 CVE-2024-1550 CVE-2024-1551 CVE-2024-1552 CVE-2024-1553 CVE-2024-1554 CVE-2024-1555 CVE-2024-1556 CVE-2024-1557 Ubuntu 20.04 LTS USN-6649-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1553, CVE-2024-1554, CVE-2024-1555, CVE-2024-1557) Alfred Peters discovered that Firefox did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1546) Johan Carlsson discovered that Firefox incorrectly handled Set-Cookie response headers in multipart HTTP responses. An attacker could potentially exploit this issue to inject arbitrary cookie values. (CVE-2024-1551) Gary Kwong discovered that Firefox incorrectly generated codes on 32-bit ARM devices, which could lead to unexpected numeric conversions or undefined behaviour. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-1552) Ronald Crane discovered that Firefox did not properly manage memory when accessing the built-in profiler. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1556) Update Instructions: Run `sudo pro fix USN-6649-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 123.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 123.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 123.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 123.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2056258 Ubuntu 20.04 LTS It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6653-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-cloud-tools-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-gkeop-5.15-headers-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-gkeop-5.15-tools-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-headers-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-image-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-image-unsigned-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-modules-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-modules-extra-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-tools-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 No subscription required linux-buildinfo-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-headers-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-ibm-5.15-headers-5.15.0-1047 - 5.15.0-1047.50~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1047.50~20.04.1 linux-ibm-5.15-tools-5.15.0-1047 - 5.15.0-1047.50~20.04.1 linux-image-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-image-unsigned-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-modules-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-modules-extra-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-tools-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 No subscription required linux-buildinfo-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-cloud-tools-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-headers-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-image-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-image-unsigned-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1049.55~20.04.1 linux-modules-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-modules-extra-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-modules-iwlwifi-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-tools-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 No subscription required linux-buildinfo-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-headers-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-image-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-image-unsigned-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-modules-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-modules-extra-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-oracle-5.15-headers-5.15.0-1052 - 5.15.0-1052.58~20.04.1 linux-oracle-5.15-tools-5.15.0-1052 - 5.15.0-1052.58~20.04.1 linux-tools-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 No subscription required linux-buildinfo-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-gcp-5.15-headers-5.15.0-1052 - 5.15.0-1052.60~20.04.1 linux-gcp-5.15-tools-5.15.0-1052 - 5.15.0-1052.60~20.04.1 linux-headers-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-image-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-image-unsigned-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-modules-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-modules-extra-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-modules-iwlwifi-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-tools-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1057 - 5.15.0-1057.65~20.04.1 linux-azure-5.15-headers-5.15.0-1057 - 5.15.0-1057.65~20.04.1 linux-azure-5.15-tools-5.15.0-1057 - 5.15.0-1057.65~20.04.1 linux-buildinfo-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-cloud-tools-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-headers-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-image-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-image-unsigned-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-modules-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-modules-extra-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-modules-iwlwifi-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-tools-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 No subscription required linux-image-5.15.0-1057-azure-fde - 5.15.0-1057.65~20.04.1.1 linux-image-unsigned-5.15.0-1057-azure-fde - 5.15.0-1057.65~20.04.1.1 No subscription required linux-buildinfo-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-buildinfo-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-buildinfo-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-buildinfo-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-buildinfo-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-cloud-tools-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-cloud-tools-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-97.107~20.04.1 linux-hwe-5.15-headers-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-97.107~20.04.1 linux-hwe-5.15-tools-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-97.107~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-image-unsigned-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-image-unsigned-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-image-unsigned-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-image-unsigned-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-97.107~20.04.1 linux-modules-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-modules-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-modules-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-modules-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-modules-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-modules-extra-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-modules-iwlwifi-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-modules-iwlwifi-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-cloud-tools-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-headers-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-headers-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-image-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-image-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-modules-extra-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-modules-extra-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-tools-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-tools-gkeop-edge - 5.15.0.1037.43~20.04.33 No subscription required linux-headers-ibm - 5.15.0.1047.50~20.04.19 linux-headers-ibm-edge - 5.15.0.1047.50~20.04.19 linux-ibm - 5.15.0.1047.50~20.04.19 linux-ibm-edge - 5.15.0.1047.50~20.04.19 linux-image-ibm - 5.15.0.1047.50~20.04.19 linux-image-ibm-edge - 5.15.0.1047.50~20.04.19 linux-tools-ibm - 5.15.0.1047.50~20.04.19 linux-tools-ibm-edge - 5.15.0.1047.50~20.04.19 No subscription required linux-cloud-tools-intel - 5.15.0.1049.55~20.04.39 linux-headers-intel - 5.15.0.1049.55~20.04.39 linux-headers-intel-iotg - 5.15.0.1049.55~20.04.39 linux-headers-intel-iotg-edge - 5.15.0.1049.55~20.04.39 linux-image-intel - 5.15.0.1049.55~20.04.39 linux-image-intel-iotg - 5.15.0.1049.55~20.04.39 linux-image-intel-iotg-edge - 5.15.0.1049.55~20.04.39 linux-intel - 5.15.0.1049.55~20.04.39 linux-intel-iotg - 5.15.0.1049.55~20.04.39 linux-intel-iotg-edge - 5.15.0.1049.55~20.04.39 linux-tools-intel - 5.15.0.1049.55~20.04.39 linux-tools-intel-iotg - 5.15.0.1049.55~20.04.39 linux-tools-intel-iotg-edge - 5.15.0.1049.55~20.04.39 No subscription required linux-headers-oracle - 5.15.0.1052.58~20.04.1 linux-headers-oracle-edge - 5.15.0.1052.58~20.04.1 linux-image-oracle - 5.15.0.1052.58~20.04.1 linux-image-oracle-edge - 5.15.0.1052.58~20.04.1 linux-oracle - 5.15.0.1052.58~20.04.1 linux-oracle-edge - 5.15.0.1052.58~20.04.1 linux-tools-oracle - 5.15.0.1052.58~20.04.1 linux-tools-oracle-edge - 5.15.0.1052.58~20.04.1 No subscription required linux-gcp - 5.15.0.1052.60~20.04.1 linux-gcp-edge - 5.15.0.1052.60~20.04.1 linux-headers-gcp - 5.15.0.1052.60~20.04.1 linux-headers-gcp-edge - 5.15.0.1052.60~20.04.1 linux-image-gcp - 5.15.0.1052.60~20.04.1 linux-image-gcp-edge - 5.15.0.1052.60~20.04.1 linux-modules-extra-gcp - 5.15.0.1052.60~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1052.60~20.04.1 linux-tools-gcp - 5.15.0.1052.60~20.04.1 linux-tools-gcp-edge - 5.15.0.1052.60~20.04.1 No subscription required linux-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-cloud-tools-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-cloud-tools-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-headers-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-headers-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-image-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-image-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-modules-extra-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-modules-extra-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-tools-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-tools-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 No subscription required linux-azure - 5.15.0.1057.65~20.04.46 linux-azure-cvm - 5.15.0.1057.65~20.04.46 linux-azure-edge - 5.15.0.1057.65~20.04.46 linux-cloud-tools-azure - 5.15.0.1057.65~20.04.46 linux-cloud-tools-azure-cvm - 5.15.0.1057.65~20.04.46 linux-cloud-tools-azure-edge - 5.15.0.1057.65~20.04.46 linux-headers-azure - 5.15.0.1057.65~20.04.46 linux-headers-azure-cvm - 5.15.0.1057.65~20.04.46 linux-headers-azure-edge - 5.15.0.1057.65~20.04.46 linux-image-azure - 5.15.0.1057.65~20.04.46 linux-image-azure-cvm - 5.15.0.1057.65~20.04.46 linux-image-azure-edge - 5.15.0.1057.65~20.04.46 linux-modules-extra-azure - 5.15.0.1057.65~20.04.46 linux-modules-extra-azure-cvm - 5.15.0.1057.65~20.04.46 linux-modules-extra-azure-edge - 5.15.0.1057.65~20.04.46 linux-tools-azure - 5.15.0.1057.65~20.04.46 linux-tools-azure-cvm - 5.15.0.1057.65~20.04.46 linux-tools-azure-edge - 5.15.0.1057.65~20.04.46 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-headers-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-image-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-lowlatency-64k-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-tools-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-generic-64k-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-generic-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-generic-lpae-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-generic-lpae-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-headers-generic-64k-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-headers-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-headers-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-headers-oem-20.04 - 5.15.0.97.107~20.04.51 linux-headers-oem-20.04b - 5.15.0.97.107~20.04.51 linux-headers-oem-20.04c - 5.15.0.97.107~20.04.51 linux-headers-oem-20.04d - 5.15.0.97.107~20.04.51 linux-headers-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-headers-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-extra-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-generic-64k-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-image-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-generic-lpae-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-oem-20.04 - 5.15.0.97.107~20.04.51 linux-image-oem-20.04b - 5.15.0.97.107~20.04.51 linux-image-oem-20.04c - 5.15.0.97.107~20.04.51 linux-image-oem-20.04d - 5.15.0.97.107~20.04.51 linux-image-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-image-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-modules-iwlwifi-oem-20.04 - 5.15.0.97.107~20.04.51 linux-modules-iwlwifi-oem-20.04d - 5.15.0.97.107~20.04.51 linux-oem-20.04 - 5.15.0.97.107~20.04.51 linux-oem-20.04b - 5.15.0.97.107~20.04.51 linux-oem-20.04c - 5.15.0.97.107~20.04.51 linux-oem-20.04d - 5.15.0.97.107~20.04.51 linux-tools-generic-64k-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-tools-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-tools-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-tools-oem-20.04 - 5.15.0.97.107~20.04.51 linux-tools-oem-20.04b - 5.15.0.97.107~20.04.51 linux-tools-oem-20.04c - 5.15.0.97.107~20.04.51 linux-tools-oem-20.04d - 5.15.0.97.107~20.04.51 linux-tools-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-tools-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 No subscription required High CVE-2023-51780 CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0646 Ubuntu 20.04 LTS It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6653-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-cloud-tools-5.15.0-1055 - 5.15.0-1055.60~20.04.1 linux-aws-5.15-headers-5.15.0-1055 - 5.15.0-1055.60~20.04.1 linux-aws-5.15-tools-5.15.0-1055 - 5.15.0-1055.60~20.04.1 linux-buildinfo-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-cloud-tools-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-headers-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-image-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-image-unsigned-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-modules-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-modules-extra-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-tools-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 No subscription required linux-aws - 5.15.0.1055.60~20.04.42 linux-aws-edge - 5.15.0.1055.60~20.04.42 linux-headers-aws - 5.15.0.1055.60~20.04.42 linux-headers-aws-edge - 5.15.0.1055.60~20.04.42 linux-image-aws - 5.15.0.1055.60~20.04.42 linux-image-aws-edge - 5.15.0.1055.60~20.04.42 linux-modules-extra-aws - 5.15.0.1055.60~20.04.42 linux-modules-extra-aws-edge - 5.15.0.1055.60~20.04.42 linux-tools-aws - 5.15.0.1055.60~20.04.42 linux-tools-aws-edge - 5.15.0.1055.60~20.04.42 No subscription required High CVE-2023-51780 CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0646 Ubuntu 20.04 LTS It was discovered that Roundcube Webmail incorrectly sanitized characters in the linkrefs text messages. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2023-43770) Update Instructions: Run `sudo pro fix USN-6654-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: roundcube - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube-core - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube-mysql - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube-pgsql - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube-plugins - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube-sqlite3 - 1.4.3+dfsg.1-1ubuntu0.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-43770 Ubuntu 20.04 LTS It was discovered that GNU binutils was not properly handling the logic behind certain memory management related operations, which could lead to an invalid memory access. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-47695) It was discovered that GNU binutils was not properly performing bounds checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-48063) It was discovered that GNU binutils incorrectly handled memory management operations in several of its functions, which could lead to excessive memory consumption due to memory leaks. An attacker could possibly use these issues to cause a denial of service. (CVE-2022-48065) Update Instructions: Run `sudo pro fix USN-6655-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils - 2.34-6ubuntu1.9 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.9 binutils-alpha-linux-gnu - 2.34-6ubuntu1.9 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.9 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.9 binutils-common - 2.34-6ubuntu1.9 binutils-dev - 2.34-6ubuntu1.9 binutils-doc - 2.34-6ubuntu1.9 binutils-for-build - 2.34-6ubuntu1.9 binutils-for-host - 2.34-6ubuntu1.9 binutils-hppa-linux-gnu - 2.34-6ubuntu1.9 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.9 binutils-i686-gnu - 2.34-6ubuntu1.9 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.9 binutils-i686-linux-gnu - 2.34-6ubuntu1.9 binutils-ia64-linux-gnu - 2.34-6ubuntu1.9 binutils-m68k-linux-gnu - 2.34-6ubuntu1.9 binutils-multiarch - 2.34-6ubuntu1.9 binutils-multiarch-dev - 2.34-6ubuntu1.9 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.9 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.9 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.9 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.9 binutils-s390x-linux-gnu - 2.34-6ubuntu1.9 binutils-sh4-linux-gnu - 2.34-6ubuntu1.9 binutils-source - 2.34-6ubuntu1.9 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.9 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.9 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.9 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.9 libbinutils - 2.34-6ubuntu1.9 libctf-nobfd0 - 2.34-6ubuntu1.9 libctf0 - 2.34-6ubuntu1.9 No subscription required Medium CVE-2022-47695 CVE-2022-48063 CVE-2022-48065 Ubuntu 20.04 LTS It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL functions. Update Instructions: Run `sudo pro fix USN-6656-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libecpg-compat3 - 12.18-0ubuntu0.20.04.1 libecpg-dev - 12.18-0ubuntu0.20.04.1 libecpg6 - 12.18-0ubuntu0.20.04.1 libpgtypes3 - 12.18-0ubuntu0.20.04.1 libpq-dev - 12.18-0ubuntu0.20.04.1 libpq5 - 12.18-0ubuntu0.20.04.1 postgresql-12 - 12.18-0ubuntu0.20.04.1 postgresql-client-12 - 12.18-0ubuntu0.20.04.1 postgresql-doc-12 - 12.18-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.18-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.18-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.18-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.18-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-0985 Ubuntu 20.04 LTS Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Dnsmasq incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. (CVE-2023-50868) It was discovered that Dnsmasq incorrectly set the maximum EDNS.0 UDP packet size as required by DNS Flag Day 2020. This issue only affected Ubuntu 23.10. (CVE-2023-28450) Update Instructions: Run `sudo pro fix USN-6657-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.90-0ubuntu0.20.04.1 dnsmasq-base - 2.90-0ubuntu0.20.04.1 dnsmasq-base-lua - 2.90-0ubuntu0.20.04.1 dnsmasq-utils - 2.90-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-28450 CVE-2023-50387 CVE-2023-50868 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6658-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.7 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.7 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.7 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.7 python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.7 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.7 No subscription required Medium CVE-2024-25062 Ubuntu 20.04 LTS It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-43244, CVE-2022-43249, CVE-2022-43250, CVE-2022-47665, CVE-2023-25221) It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2022-43245) It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-24751, CVE-2023-24752, CVE-2023-24754, CVE-2023-24755, CVE-2023-24756, CVE-2023-24757, CVE-2023-24758) Update Instructions: Run `sudo pro fix USN-6659-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.4-1ubuntu0.3 libde265-dev - 1.0.4-1ubuntu0.3 libde265-examples - 1.0.4-1ubuntu0.3 No subscription required Medium CVE-2022-43244 CVE-2022-43245 CVE-2022-43249 CVE-2022-43250 CVE-2022-47665 CVE-2023-24751 CVE-2023-24752 CVE-2023-24754 CVE-2023-24755 CVE-2023-24756 CVE-2023-24757 CVE-2023-24758 CVE-2023-25221 Ubuntu 20.04 LTS Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 11 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 11 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) Valentin Eudeline discovered that OpenJDK 11 incorrectly handled certain options in the Nashorn JavaScript subcomponent. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-20926) It was discovered that OpenJDK 11 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 11 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6660-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-doc - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jdk - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jdk-headless - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jre - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jre-headless - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jre-zero - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-source - 11.0.22+7-0ubuntu2~20.04.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20926 CVE-2024-20945 CVE-2024-20952 Ubuntu 20.04 LTS Yi Yang discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 17 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 17 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) Yakov Shafranovich discovered that OpenJDK 17 incorrectly handled ZIP archives that have file and directory entries with the same name. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20932) It was discovered that OpenJDK 17 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 17 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6661-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.10+7-1~20.04.1 openjdk-17-doc - 17.0.10+7-1~20.04.1 openjdk-17-jdk - 17.0.10+7-1~20.04.1 openjdk-17-jdk-headless - 17.0.10+7-1~20.04.1 openjdk-17-jre - 17.0.10+7-1~20.04.1 openjdk-17-jre-headless - 17.0.10+7-1~20.04.1 openjdk-17-jre-zero - 17.0.10+7-1~20.04.1 openjdk-17-source - 17.0.10+7-1~20.04.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20932 CVE-2024-20945 CVE-2024-20952 Ubuntu 20.04 LTS Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 21 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 21 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) It was discovered that OpenJDK 21 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 21 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6662-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-21-demo - 21.0.2+13-1~20.04.1 openjdk-21-doc - 21.0.2+13-1~20.04.1 openjdk-21-jdk - 21.0.2+13-1~20.04.1 openjdk-21-jdk-headless - 21.0.2+13-1~20.04.1 openjdk-21-jre - 21.0.2+13-1~20.04.1 openjdk-21-jre-headless - 21.0.2+13-1~20.04.1 openjdk-21-jre-zero - 21.0.2+13-1~20.04.1 openjdk-21-source - 21.0.2+13-1~20.04.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20945 CVE-2024-20952 Ubuntu 20.04 LTS As a security improvement, OpenSSL will now return deterministic random bytes instead of an error when detecting wrong padding in PKCS#1 v1.5 RSA to prevent its use in possible Bleichenbacher timing attacks. Update Instructions: Run `sudo pro fix USN-6663-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl-dev - 1.1.1f-1ubuntu2.22 libssl-doc - 1.1.1f-1ubuntu2.22 libssl1.1 - 1.1.1f-1ubuntu2.22 openssl - 1.1.1f-1ubuntu2.22 No subscription required None https://launchpad.net/bugs/2054090 Ubuntu 20.04 LTS It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause a crash or execute arbitrary commands. Update Instructions: Run `sudo pro fix USN-6664-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: less - 551-1ubuntu0.2 No subscription required Medium CVE-2022-48624 Ubuntu 20.04 LTS Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Unbound incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Unbound incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. (CVE-2023-50868) Update Instructions: Run `sudo pro fix USN-6665-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libunbound-dev - 1.9.4-2ubuntu1.5 libunbound8 - 1.9.4-2ubuntu1.5 python-unbound - 1.9.4-2ubuntu1.5 python3-unbound - 1.9.4-2ubuntu1.5 unbound - 1.9.4-2ubuntu1.5 unbound-anchor - 1.9.4-2ubuntu1.5 unbound-host - 1.9.4-2ubuntu1.5 No subscription required Medium CVE-2023-50387 CVE-2023-50868 Ubuntu 20.04 LTS It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted hostnames to bypass certain checks. Update Instructions: Run `sudo pro fix USN-6666-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libuv1 - 1.34.2-1ubuntu1.5 libuv1-dev - 1.34.2-1ubuntu1.5 No subscription required Medium CVE-2024-24806 Ubuntu 20.04 LTS It was discovered that Cpanel-JSON-XS incorrectly decoded certain data. A remote attacker could use this issue to cause Cpanel-JSON-XS to crash, resulting in a denial of service, or possibly obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6667-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcpanel-json-xs-perl - 4.19-1ubuntu0.1 No subscription required Medium CVE-2022-48623 Ubuntu 20.04 LTS It was discovered that when python-openstackclient attempted to delete a non-existing access rule, it would delete another existing access rule instead, contrary to expectations. Update Instructions: Run `sudo pro fix USN-6668-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-openstackclient-doc - 5.2.0-0ubuntu1.20.04.2 python3-openstackclient - 5.2.0-0ubuntu1.20.04.2 No subscription required Medium CVE-2023-6110 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-0741, CVE-2024-0742, CVE-2024-0747, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1553, CVE-2024-1936) Cornel Ionce discovered that Thunderbird did not properly manage memory when opening the print preview dialog. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-0746) Alfred Peters discovered that Thunderbird did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1546) Johan Carlsson discovered that Thunderbird incorrectly handled Set-Cookie response headers in multipart HTTP responses. An attacker could potentially exploit this issue to inject arbitrary cookie values. (CVE-2024-1551) Gary Kwong discovered that Thunderbird incorrectly generated codes on 32-bit ARM devices, which could lead to unexpected numeric conversions or undefined behaviour. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-1552) Update Instructions: Run `sudo pro fix USN-6669-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.8.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.8.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.8.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.8.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747 CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0755 CVE-2024-1546 CVE-2024-1547 CVE-2024-1548 CVE-2024-1549 CVE-2024-1550 CVE-2024-1551 CVE-2024-1552 CVE-2024-1553 CVE-2024-1936 Ubuntu 20.04 LTS It was discovered that php-guzzlehttp-psr7 incorrectly parsed HTTP headers. A remote attacker could possibly use these issues to perform an HTTP header injection attack. Update Instructions: Run `sudo pro fix USN-6670-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-guzzlehttp-psr7 - 1.4.2-0.1+deb10u2build0.20.04.1 No subscription required Medium CVE-2022-24775 CVE-2023-29197 Ubuntu 20.04 LTS Morgan Jones discovered that Node.js incorrectly handled certain inputs that leads to false positive errors during some cryptographic operations. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-23919) It was discovered that Node.js incorrectly handled certain inputs leaded to a untrusted search path vulnerability. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a privilege escalation. (CVE-2023-23920) Matt Caswell discovered that Node.js incorrectly handled certain inputs with specially crafted ASN.1 object identifiers or data containing them. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-2650) Update Instructions: Run `sudo pro fix USN-6672-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.5 libnode64 - 10.19.0~dfsg-3ubuntu1.5 nodejs - 10.19.0~dfsg-3ubuntu1.5 nodejs-doc - 10.19.0~dfsg-3ubuntu1.5 No subscription required Medium CVE-2023-23919 CVE-2023-23920 CVE-2023-2650 Ubuntu 20.04 LTS Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding in RSA PKCS#1 v1.5. A remote attacker could possibly use this issue to expose confidential or sensitive information. (CVE-2023-50782) It was discovered that python-cryptography incorrectly handled memory operations when processing mismatched PKCS#12 keys. A remote attacker could possibly use this issue to cause python-cryptography to crash, leading to a denial of service. This issue only affected Ubuntu 23.10. (CVE-2024-26130) Update Instructions: Run `sudo pro fix USN-6673-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-cryptography - 2.8-3ubuntu0.3 python-cryptography-doc - 2.8-3ubuntu0.3 python3-cryptography - 2.8-3ubuntu0.3 No subscription required Medium CVE-2023-50782 CVE-2024-26130 Ubuntu 20.04 LTS Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6674-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.22 python3-django - 2:2.2.12-1ubuntu0.22 No subscription required Medium CVE-2024-27351 Ubuntu 20.04 LTS It was discovered that ImageProcessing incorrectly handled series of operations that are coming from unsanitised inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6675-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-image-processing - 1.10.3-1ubuntu0.20.04.1 No subscription required Medium CVE-2022-24720 Ubuntu 20.04 LTS Vojtěch Vobr discovered that c-ares incorrectly handled user input from local configuration files. An attacker could possibly use this issue to cause a denial of service via application crash. Update Instructions: Run `sudo pro fix USN-6676-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares-dev - 1.15.0-1ubuntu0.5 libc-ares2 - 1.15.0-1ubuntu0.5 No subscription required Medium CVE-2024-25629 Ubuntu 20.04 LTS It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-27102) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-27103) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-43887, CVE-2023-47471, CVE-2023-49465, CVE-2023-49467, CVE-2023-49468) Update Instructions: Run `sudo pro fix USN-6677-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.4-1ubuntu0.4 libde265-dev - 1.0.4-1ubuntu0.4 libde265-examples - 1.0.4-1ubuntu0.4 No subscription required Medium CVE-2023-27102 CVE-2023-27103 CVE-2023-43887 CVE-2023-47471 CVE-2023-49465 CVE-2023-49467 CVE-2023-49468 Ubuntu 20.04 LTS It was discovered that libgit2 mishandled equivalent filenames on NTFS partitions. If a user or automated system were tricked into cloning a specially crafted repository, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-12278, CVE-2020-12279) It was discovered that libgit2 did not perform certificate checking by default. An attacker could possibly use this issue to perform a machine-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-22742) It was discovered that libgit2 could be made to run into an infinite loop. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. (CVE-2024-24575) It was discovered that libgit2 did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-24577) Update Instructions: Run `sudo pro fix USN-6678-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgit2-28 - 0.28.4+dfsg.1-2ubuntu0.1 libgit2-dev - 0.28.4+dfsg.1-2ubuntu0.1 No subscription required Medium CVE-2020-12278 CVE-2020-12279 CVE-2023-22742 CVE-2024-24575 CVE-2024-24577 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Update Instructions: Run `sudo pro fix USN-6681-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1032-iot - 5.4.0-1032.33 linux-headers-5.4.0-1032-iot - 5.4.0-1032.33 linux-image-5.4.0-1032-iot - 5.4.0-1032.33 linux-image-unsigned-5.4.0-1032-iot - 5.4.0-1032.33 linux-iot-headers-5.4.0-1032 - 5.4.0-1032.33 linux-iot-tools-5.4.0-1032 - 5.4.0-1032.33 linux-iot-tools-common - 5.4.0-1032.33 linux-modules-5.4.0-1032-iot - 5.4.0-1032.33 linux-tools-5.4.0-1032-iot - 5.4.0-1032.33 No subscription required linux-buildinfo-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-cloud-tools-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-gkeop-cloud-tools-5.4.0-1087 - 5.4.0-1087.91 linux-gkeop-headers-5.4.0-1087 - 5.4.0-1087.91 linux-gkeop-source-5.4.0 - 5.4.0-1087.91 linux-gkeop-tools-5.4.0-1087 - 5.4.0-1087.91 linux-headers-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-image-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-image-unsigned-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-modules-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-modules-extra-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-tools-5.4.0-1087-gkeop - 5.4.0-1087.91 No subscription required linux-buildinfo-5.4.0-1104-raspi - 5.4.0-1104.116 linux-headers-5.4.0-1104-raspi - 5.4.0-1104.116 linux-image-5.4.0-1104-raspi - 5.4.0-1104.116 linux-modules-5.4.0-1104-raspi - 5.4.0-1104.116 linux-raspi-headers-5.4.0-1104 - 5.4.0-1104.116 linux-raspi-tools-5.4.0-1104 - 5.4.0-1104.116 linux-tools-5.4.0-1104-raspi - 5.4.0-1104.116 No subscription required linux-buildinfo-5.4.0-1108-kvm - 5.4.0-1108.115 linux-headers-5.4.0-1108-kvm - 5.4.0-1108.115 linux-image-5.4.0-1108-kvm - 5.4.0-1108.115 linux-image-unsigned-5.4.0-1108-kvm - 5.4.0-1108.115 linux-kvm-headers-5.4.0-1108 - 5.4.0-1108.115 linux-kvm-tools-5.4.0-1108 - 5.4.0-1108.115 linux-modules-5.4.0-1108-kvm - 5.4.0-1108.115 linux-tools-5.4.0-1108-kvm - 5.4.0-1108.115 No subscription required linux-buildinfo-5.4.0-1124-gcp - 5.4.0-1124.133 linux-gcp-headers-5.4.0-1124 - 5.4.0-1124.133 linux-gcp-tools-5.4.0-1124 - 5.4.0-1124.133 linux-headers-5.4.0-1124-gcp - 5.4.0-1124.133 linux-image-5.4.0-1124-gcp - 5.4.0-1124.133 linux-image-unsigned-5.4.0-1124-gcp - 5.4.0-1124.133 linux-modules-5.4.0-1124-gcp - 5.4.0-1124.133 linux-modules-extra-5.4.0-1124-gcp - 5.4.0-1124.133 linux-tools-5.4.0-1124-gcp - 5.4.0-1124.133 No subscription required linux-buildinfo-5.4.0-173-generic - 5.4.0-173.191 linux-buildinfo-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-buildinfo-5.4.0-173-lowlatency - 5.4.0-173.191 linux-cloud-tools-5.4.0-173 - 5.4.0-173.191 linux-cloud-tools-5.4.0-173-generic - 5.4.0-173.191 linux-cloud-tools-5.4.0-173-lowlatency - 5.4.0-173.191 linux-cloud-tools-common - 5.4.0-173.191 linux-doc - 5.4.0-173.191 linux-headers-5.4.0-173 - 5.4.0-173.191 linux-headers-5.4.0-173-generic - 5.4.0-173.191 linux-headers-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-headers-5.4.0-173-lowlatency - 5.4.0-173.191 linux-image-5.4.0-173-generic - 5.4.0-173.191 linux-image-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-image-5.4.0-173-lowlatency - 5.4.0-173.191 linux-image-unsigned-5.4.0-173-generic - 5.4.0-173.191 linux-image-unsigned-5.4.0-173-lowlatency - 5.4.0-173.191 linux-libc-dev - 5.4.0-173.191 linux-modules-5.4.0-173-generic - 5.4.0-173.191 linux-modules-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-modules-5.4.0-173-lowlatency - 5.4.0-173.191 linux-modules-extra-5.4.0-173-generic - 5.4.0-173.191 linux-source-5.4.0 - 5.4.0-173.191 linux-tools-5.4.0-173 - 5.4.0-173.191 linux-tools-5.4.0-173-generic - 5.4.0-173.191 linux-tools-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-tools-5.4.0-173-lowlatency - 5.4.0-173.191 linux-tools-common - 5.4.0-173.191 linux-tools-host - 5.4.0-173.191 No subscription required linux-headers-iot - 5.4.0.1032.30 linux-image-iot - 5.4.0.1032.30 linux-iot - 5.4.0.1032.30 linux-tools-iot - 5.4.0.1032.30 No subscription required linux-cloud-tools-gkeop - 5.4.0.1087.85 linux-cloud-tools-gkeop-5.4 - 5.4.0.1087.85 linux-gkeop - 5.4.0.1087.85 linux-gkeop-5.4 - 5.4.0.1087.85 linux-headers-gkeop - 5.4.0.1087.85 linux-headers-gkeop-5.4 - 5.4.0.1087.85 linux-image-gkeop - 5.4.0.1087.85 linux-image-gkeop-5.4 - 5.4.0.1087.85 linux-modules-extra-gkeop - 5.4.0.1087.85 linux-modules-extra-gkeop-5.4 - 5.4.0.1087.85 linux-tools-gkeop - 5.4.0.1087.85 linux-tools-gkeop-5.4 - 5.4.0.1087.85 No subscription required linux-headers-raspi - 5.4.0.1104.134 linux-headers-raspi-hwe-18.04 - 5.4.0.1104.134 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1104.134 linux-headers-raspi2 - 5.4.0.1104.134 linux-headers-raspi2-hwe-18.04 - 5.4.0.1104.134 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1104.134 linux-image-raspi - 5.4.0.1104.134 linux-image-raspi-hwe-18.04 - 5.4.0.1104.134 linux-image-raspi-hwe-18.04-edge - 5.4.0.1104.134 linux-image-raspi2 - 5.4.0.1104.134 linux-image-raspi2-hwe-18.04 - 5.4.0.1104.134 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1104.134 linux-raspi - 5.4.0.1104.134 linux-raspi-hwe-18.04 - 5.4.0.1104.134 linux-raspi-hwe-18.04-edge - 5.4.0.1104.134 linux-raspi2 - 5.4.0.1104.134 linux-raspi2-hwe-18.04 - 5.4.0.1104.134 linux-raspi2-hwe-18.04-edge - 5.4.0.1104.134 linux-tools-raspi - 5.4.0.1104.134 linux-tools-raspi-hwe-18.04 - 5.4.0.1104.134 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1104.134 linux-tools-raspi2 - 5.4.0.1104.134 linux-tools-raspi2-hwe-18.04 - 5.4.0.1104.134 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1104.134 No subscription required linux-headers-kvm - 5.4.0.1108.104 linux-image-kvm - 5.4.0.1108.104 linux-kvm - 5.4.0.1108.104 linux-tools-kvm - 5.4.0.1108.104 No subscription required linux-gcp-lts-20.04 - 5.4.0.1124.126 linux-headers-gcp-lts-20.04 - 5.4.0.1124.126 linux-image-gcp-lts-20.04 - 5.4.0.1124.126 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1124.126 linux-tools-gcp-lts-20.04 - 5.4.0.1124.126 No subscription required linux-cloud-tools-generic - 5.4.0.173.171 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.173.171 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.173.171 linux-cloud-tools-lowlatency - 5.4.0.173.171 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-cloud-tools-virtual - 5.4.0.173.171 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.173.171 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-crashdump - 5.4.0.173.171 linux-generic - 5.4.0.173.171 linux-generic-hwe-18.04 - 5.4.0.173.171 linux-generic-hwe-18.04-edge - 5.4.0.173.171 linux-generic-lpae - 5.4.0.173.171 linux-generic-lpae-hwe-18.04 - 5.4.0.173.171 linux-generic-lpae-hwe-18.04-edge - 5.4.0.173.171 linux-headers-generic - 5.4.0.173.171 linux-headers-generic-hwe-18.04 - 5.4.0.173.171 linux-headers-generic-hwe-18.04-edge - 5.4.0.173.171 linux-headers-generic-lpae - 5.4.0.173.171 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.173.171 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.173.171 linux-headers-lowlatency - 5.4.0.173.171 linux-headers-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-headers-oem - 5.4.0.173.171 linux-headers-oem-osp1 - 5.4.0.173.171 linux-headers-virtual - 5.4.0.173.171 linux-headers-virtual-hwe-18.04 - 5.4.0.173.171 linux-headers-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-image-extra-virtual - 5.4.0.173.171 linux-image-extra-virtual-hwe-18.04 - 5.4.0.173.171 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-image-generic - 5.4.0.173.171 linux-image-generic-hwe-18.04 - 5.4.0.173.171 linux-image-generic-hwe-18.04-edge - 5.4.0.173.171 linux-image-generic-lpae - 5.4.0.173.171 linux-image-generic-lpae-hwe-18.04 - 5.4.0.173.171 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.173.171 linux-image-lowlatency - 5.4.0.173.171 linux-image-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-image-oem - 5.4.0.173.171 linux-image-oem-osp1 - 5.4.0.173.171 linux-image-virtual - 5.4.0.173.171 linux-image-virtual-hwe-18.04 - 5.4.0.173.171 linux-image-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-lowlatency - 5.4.0.173.171 linux-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-oem - 5.4.0.173.171 linux-oem-osp1 - 5.4.0.173.171 linux-oem-osp1-tools-host - 5.4.0.173.171 linux-oem-tools-host - 5.4.0.173.171 linux-source - 5.4.0.173.171 linux-tools-generic - 5.4.0.173.171 linux-tools-generic-hwe-18.04 - 5.4.0.173.171 linux-tools-generic-hwe-18.04-edge - 5.4.0.173.171 linux-tools-generic-lpae - 5.4.0.173.171 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.173.171 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.173.171 linux-tools-lowlatency - 5.4.0.173.171 linux-tools-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-tools-oem - 5.4.0.173.171 linux-tools-oem-osp1 - 5.4.0.173.171 linux-tools-virtual - 5.4.0.173.171 linux-tools-virtual-hwe-18.04 - 5.4.0.173.171 linux-tools-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-virtual - 5.4.0.173.171 linux-virtual-hwe-18.04 - 5.4.0.173.171 linux-virtual-hwe-18.04-edge - 5.4.0.173.171 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Update Instructions: Run `sudo pro fix USN-6681-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 linux-headers-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 linux-image-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 linux-modules-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 linux-tools-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 linux-xilinx-zynqmp-headers-5.4.0-1039 - 5.4.0-1039.43 linux-xilinx-zynqmp-tools-5.4.0-1039 - 5.4.0-1039.43 No subscription required linux-bluefield-headers-5.4.0-1080 - 5.4.0-1080.87 linux-bluefield-tools-5.4.0-1080 - 5.4.0-1080.87 linux-buildinfo-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-headers-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-image-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-image-unsigned-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-modules-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-tools-5.4.0-1080-bluefield - 5.4.0-1080.87 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1039.39 linux-image-xilinx-zynqmp - 5.4.0.1039.39 linux-tools-xilinx-zynqmp - 5.4.0.1039.39 linux-xilinx-zynqmp - 5.4.0.1039.39 No subscription required linux-bluefield - 5.4.0.1080.76 linux-headers-bluefield - 5.4.0.1080.76 linux-image-bluefield - 5.4.0.1080.76 linux-tools-bluefield - 5.4.0.1080.76 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Update Instructions: Run `sudo pro fix USN-6681-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1067-ibm - 5.4.0-1067.72 linux-headers-5.4.0-1067-ibm - 5.4.0-1067.72 linux-ibm-cloud-tools-common - 5.4.0-1067.72 linux-ibm-headers-5.4.0-1067 - 5.4.0-1067.72 linux-ibm-source-5.4.0 - 5.4.0-1067.72 linux-ibm-tools-5.4.0-1067 - 5.4.0-1067.72 linux-ibm-tools-common - 5.4.0-1067.72 linux-image-5.4.0-1067-ibm - 5.4.0-1067.72 linux-image-unsigned-5.4.0-1067-ibm - 5.4.0-1067.72 linux-modules-5.4.0-1067-ibm - 5.4.0-1067.72 linux-modules-extra-5.4.0-1067-ibm - 5.4.0-1067.72 linux-tools-5.4.0-1067-ibm - 5.4.0-1067.72 No subscription required linux-buildinfo-5.4.0-1119-oracle - 5.4.0-1119.128 linux-headers-5.4.0-1119-oracle - 5.4.0-1119.128 linux-image-5.4.0-1119-oracle - 5.4.0-1119.128 linux-image-unsigned-5.4.0-1119-oracle - 5.4.0-1119.128 linux-modules-5.4.0-1119-oracle - 5.4.0-1119.128 linux-modules-extra-5.4.0-1119-oracle - 5.4.0-1119.128 linux-oracle-headers-5.4.0-1119 - 5.4.0-1119.128 linux-oracle-tools-5.4.0-1119 - 5.4.0-1119.128 linux-tools-5.4.0-1119-oracle - 5.4.0-1119.128 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1067.96 linux-ibm-lts-20.04 - 5.4.0.1067.96 linux-image-ibm-lts-20.04 - 5.4.0.1067.96 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1067.96 linux-tools-ibm-lts-20.04 - 5.4.0.1067.96 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1119.112 linux-image-oracle-lts-20.04 - 5.4.0.1119.112 linux-oracle-lts-20.04 - 5.4.0.1119.112 linux-tools-oracle-lts-20.04 - 5.4.0.1119.112 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Update Instructions: Run `sudo pro fix USN-6681-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-cloud-tools-5.4.0-1120 - 5.4.0-1120.130 linux-aws-headers-5.4.0-1120 - 5.4.0-1120.130 linux-aws-tools-5.4.0-1120 - 5.4.0-1120.130 linux-buildinfo-5.4.0-1120-aws - 5.4.0-1120.130 linux-cloud-tools-5.4.0-1120-aws - 5.4.0-1120.130 linux-headers-5.4.0-1120-aws - 5.4.0-1120.130 linux-image-5.4.0-1120-aws - 5.4.0-1120.130 linux-image-unsigned-5.4.0-1120-aws - 5.4.0-1120.130 linux-modules-5.4.0-1120-aws - 5.4.0-1120.130 linux-modules-extra-5.4.0-1120-aws - 5.4.0-1120.130 linux-tools-5.4.0-1120-aws - 5.4.0-1120.130 No subscription required linux-aws-lts-20.04 - 5.4.0.1120.117 linux-headers-aws-lts-20.04 - 5.4.0.1120.117 linux-image-aws-lts-20.04 - 5.4.0.1120.117 linux-modules-extra-aws-lts-20.04 - 5.4.0.1120.117 linux-tools-aws-lts-20.04 - 5.4.0.1120.117 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 Ubuntu 20.04 LTS ZeddYu Lu discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-11076) It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-11077) Jean Boussier discovered that Puma might not always release resources properly after handling HTTP requests. A remote attacker could possibly use this issue to read sensitive information. (CVE-2022-23634) It was discovered that Puma incorrectly handled certain malformed headers. A remote attacker could use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-24790) Ben Kallus discovered that Puma incorrectly handled parsing certain headers. A remote attacker could use this issue to perform an HTTP Request Smuggling attack. (CVE-2023-40175) Bartek Nowotarski discovered that Puma incorrectly handled parsing certain encoded content. A remote attacker could possibly use this to cause a denial of service. (CVE-2024-21647) Update Instructions: Run `sudo pro fix USN-6682-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: puma - 3.12.4-1ubuntu2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-11076 CVE-2020-11077 CVE-2022-23634 CVE-2022-24790 CVE-2023-40175 CVE-2024-21647 Ubuntu 20.04 LTS It was discovered that HtmlCleaner incorrectly handled certain html documents. An attacker could possibly use this issue to cause a denial of service via application crash. Update Instructions: Run `sudo pro fix USN-6683-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhtmlcleaner-java - 2.23-1ubuntu0.1~esm1 libhtmlcleaner-java-doc - 2.23-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2023-34624 Ubuntu 20.04 LTS It was discovered that mqtt-client incorrectly handled memory while parsing malformed MQTT frames. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6685-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmqtt-client-java - 1.14-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2019-0222 Ubuntu 20.04 LTS It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Update Instructions: Run `sudo pro fix USN-6686-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-buildinfo-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-buildinfo-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-buildinfo-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-buildinfo-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-cloud-tools-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-cloud-tools-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-100.110~20.04.1 linux-hwe-5.15-headers-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-100.110~20.04.1 linux-hwe-5.15-tools-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-100.110~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-image-unsigned-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-image-unsigned-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-image-unsigned-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-image-unsigned-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-modules-extra-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-modules-iwlwifi-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-modules-iwlwifi-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-tools-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-tools-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-tools-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-tools-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-tools-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 No subscription required linux-buildinfo-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-cloud-tools-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-gkeop-5.15-headers-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-gkeop-5.15-tools-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-headers-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-image-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-image-unsigned-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-modules-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-modules-extra-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-tools-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 No subscription required linux-buildinfo-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-headers-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-ibm-5.15-headers-5.15.0-1048 - 5.15.0-1048.51~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1048.51~20.04.1 linux-ibm-5.15-tools-5.15.0-1048 - 5.15.0-1048.51~20.04.1 linux-image-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-image-unsigned-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-modules-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-modules-extra-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-tools-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 No subscription required linux-buildinfo-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-gcp-5.15-headers-5.15.0-1053 - 5.15.0-1053.61~20.04.1 linux-gcp-5.15-tools-5.15.0-1053 - 5.15.0-1053.61~20.04.1 linux-headers-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-image-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-image-unsigned-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-modules-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-modules-extra-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-modules-iwlwifi-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-tools-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1058 - 5.15.0-1058.66~20.04.2 linux-azure-5.15-headers-5.15.0-1058 - 5.15.0-1058.66~20.04.2 linux-azure-5.15-tools-5.15.0-1058 - 5.15.0-1058.66~20.04.2 linux-buildinfo-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-cloud-tools-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-headers-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-image-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-image-unsigned-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-modules-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-modules-extra-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-tools-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 No subscription required linux-image-5.15.0-1058-azure-fde - 5.15.0-1058.66~20.04.2.1 linux-image-unsigned-5.15.0-1058-azure-fde - 5.15.0-1058.66~20.04.2.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-headers-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-image-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-lowlatency-64k-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-tools-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-generic-64k-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-generic-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-generic-lpae-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-generic-lpae-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-generic-64k-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-headers-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-oem-20.04 - 5.15.0.100.110~20.04.52 linux-headers-oem-20.04b - 5.15.0.100.110~20.04.52 linux-headers-oem-20.04c - 5.15.0.100.110~20.04.52 linux-headers-oem-20.04d - 5.15.0.100.110~20.04.52 linux-headers-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-headers-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-image-extra-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-image-generic-64k-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-image-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-image-generic-lpae-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-image-oem-20.04 - 5.15.0.100.110~20.04.52 linux-image-oem-20.04b - 5.15.0.100.110~20.04.52 linux-image-oem-20.04c - 5.15.0.100.110~20.04.52 linux-image-oem-20.04d - 5.15.0.100.110~20.04.52 linux-image-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-modules-iwlwifi-oem-20.04 - 5.15.0.100.110~20.04.52 linux-modules-iwlwifi-oem-20.04d - 5.15.0.100.110~20.04.52 linux-oem-20.04 - 5.15.0.100.110~20.04.52 linux-oem-20.04b - 5.15.0.100.110~20.04.52 linux-oem-20.04c - 5.15.0.100.110~20.04.52 linux-oem-20.04d - 5.15.0.100.110~20.04.52 linux-tools-generic-64k-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-tools-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-tools-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-tools-oem-20.04 - 5.15.0.100.110~20.04.52 linux-tools-oem-20.04b - 5.15.0.100.110~20.04.52 linux-tools-oem-20.04c - 5.15.0.100.110~20.04.52 linux-tools-oem-20.04d - 5.15.0.100.110~20.04.52 linux-tools-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-tools-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-cloud-tools-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-headers-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-headers-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-image-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-image-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-modules-extra-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-modules-extra-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-tools-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-tools-gkeop-edge - 5.15.0.1038.44~20.04.34 No subscription required linux-headers-ibm - 5.15.0.1048.51~20.04.20 linux-headers-ibm-edge - 5.15.0.1048.51~20.04.20 linux-ibm - 5.15.0.1048.51~20.04.20 linux-ibm-edge - 5.15.0.1048.51~20.04.20 linux-image-ibm - 5.15.0.1048.51~20.04.20 linux-image-ibm-edge - 5.15.0.1048.51~20.04.20 linux-tools-ibm - 5.15.0.1048.51~20.04.20 linux-tools-ibm-edge - 5.15.0.1048.51~20.04.20 No subscription required linux-gcp - 5.15.0.1053.61~20.04.1 linux-gcp-edge - 5.15.0.1053.61~20.04.1 linux-headers-gcp - 5.15.0.1053.61~20.04.1 linux-headers-gcp-edge - 5.15.0.1053.61~20.04.1 linux-image-gcp - 5.15.0.1053.61~20.04.1 linux-image-gcp-edge - 5.15.0.1053.61~20.04.1 linux-modules-extra-gcp - 5.15.0.1053.61~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1053.61~20.04.1 linux-tools-gcp - 5.15.0.1053.61~20.04.1 linux-tools-gcp-edge - 5.15.0.1053.61~20.04.1 No subscription required linux-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-cloud-tools-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-cloud-tools-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-headers-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-headers-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-image-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-image-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-modules-extra-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-modules-extra-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-tools-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-tools-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 No subscription required linux-azure - 5.15.0.1058.66~20.04.48 linux-azure-cvm - 5.15.0.1058.66~20.04.48 linux-azure-edge - 5.15.0.1058.66~20.04.48 linux-cloud-tools-azure - 5.15.0.1058.66~20.04.48 linux-cloud-tools-azure-cvm - 5.15.0.1058.66~20.04.48 linux-cloud-tools-azure-edge - 5.15.0.1058.66~20.04.48 linux-headers-azure - 5.15.0.1058.66~20.04.48 linux-headers-azure-cvm - 5.15.0.1058.66~20.04.48 linux-headers-azure-edge - 5.15.0.1058.66~20.04.48 linux-image-azure - 5.15.0.1058.66~20.04.48 linux-image-azure-cvm - 5.15.0.1058.66~20.04.48 linux-image-azure-edge - 5.15.0.1058.66~20.04.48 linux-modules-extra-azure - 5.15.0.1058.66~20.04.48 linux-modules-extra-azure-cvm - 5.15.0.1058.66~20.04.48 linux-modules-extra-azure-edge - 5.15.0.1058.66~20.04.48 linux-tools-azure - 5.15.0.1058.66~20.04.48 linux-tools-azure-cvm - 5.15.0.1058.66~20.04.48 linux-tools-azure-edge - 5.15.0.1058.66~20.04.48 No subscription required Medium CVE-2023-22995 CVE-2023-4134 CVE-2023-46343 CVE-2023-46862 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-0607 Ubuntu 20.04 LTS It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Update Instructions: Run `sudo pro fix USN-6686-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-headers-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-image-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-image-unsigned-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-modules-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-modules-extra-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-oracle-5.15-headers-5.15.0-1053 - 5.15.0-1053.59~20.04.1 linux-oracle-5.15-tools-5.15.0-1053 - 5.15.0-1053.59~20.04.1 linux-tools-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1053.59~20.04.1 linux-headers-oracle-edge - 5.15.0.1053.59~20.04.1 linux-image-oracle - 5.15.0.1053.59~20.04.1 linux-image-oracle-edge - 5.15.0.1053.59~20.04.1 linux-oracle - 5.15.0.1053.59~20.04.1 linux-oracle-edge - 5.15.0.1053.59~20.04.1 linux-tools-oracle - 5.15.0.1053.59~20.04.1 linux-tools-oracle-edge - 5.15.0.1053.59~20.04.1 No subscription required Medium CVE-2023-22995 CVE-2023-4134 CVE-2023-46343 CVE-2023-46862 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-0607 Ubuntu 20.04 LTS It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Update Instructions: Run `sudo pro fix USN-6686-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-cloud-tools-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-headers-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-image-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-image-unsigned-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1050.56~20.04.1 linux-modules-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-modules-extra-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-modules-iwlwifi-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-tools-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1050.56~20.04.40 linux-headers-intel - 5.15.0.1050.56~20.04.40 linux-headers-intel-iotg - 5.15.0.1050.56~20.04.40 linux-headers-intel-iotg-edge - 5.15.0.1050.56~20.04.40 linux-image-intel - 5.15.0.1050.56~20.04.40 linux-image-intel-iotg - 5.15.0.1050.56~20.04.40 linux-image-intel-iotg-edge - 5.15.0.1050.56~20.04.40 linux-intel - 5.15.0.1050.56~20.04.40 linux-intel-iotg - 5.15.0.1050.56~20.04.40 linux-intel-iotg-edge - 5.15.0.1050.56~20.04.40 linux-tools-intel - 5.15.0.1050.56~20.04.40 linux-tools-intel-iotg - 5.15.0.1050.56~20.04.40 linux-tools-intel-iotg-edge - 5.15.0.1050.56~20.04.40 No subscription required Medium CVE-2023-22995 CVE-2023-4134 CVE-2023-46343 CVE-2023-46862 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-0607 Ubuntu 20.04 LTS It was discovered that AccountsService called a helper incorrectly when performing password change operations. A local attacker could possibly use this issue to obtain encrypted passwords. Update Instructions: Run `sudo pro fix USN-6687-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: accountsservice - 0.6.55-0ubuntu12~20.04.7 gir1.2-accountsservice-1.0 - 0.6.55-0ubuntu12~20.04.7 libaccountsservice-dev - 0.6.55-0ubuntu12~20.04.7 libaccountsservice-doc - 0.6.55-0ubuntu12~20.04.7 libaccountsservice0 - 0.6.55-0ubuntu12~20.04.7 No subscription required Low CVE-2012-6655 Ubuntu 20.04 LTS Timothy Redaelli and Haresh Khandelwal discovered that Open vSwitch incorrectly handled certain crafted Geneve packets when hardware offloading via the netlink path is enabled. A remote attacker could possibly use this issue to cause Open vSwitch to crash, leading to a denial of service. (CVE-2023-3966) It was discovered that Open vSwitch incorrectly handled certain ICMPv6 Neighbor Advertisement packets. A remote attacker could possibly use this issue to redirect traffic to arbitrary IP addresses. (CVE-2023-5366) Update Instructions: Run `sudo pro fix USN-6690-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-common - 2.13.8-0ubuntu1.4 openvswitch-doc - 2.13.8-0ubuntu1.4 openvswitch-pki - 2.13.8-0ubuntu1.4 openvswitch-source - 2.13.8-0ubuntu1.4 openvswitch-switch - 2.13.8-0ubuntu1.4 openvswitch-switch-dpdk - 2.13.8-0ubuntu1.4 openvswitch-test - 2.13.8-0ubuntu1.4 openvswitch-testcontroller - 2.13.8-0ubuntu1.4 openvswitch-vtep - 2.13.8-0ubuntu1.4 python3-openvswitch - 2.13.8-0ubuntu1.4 No subscription required Medium CVE-2023-3966 CVE-2023-5366 Ubuntu 20.04 LTS It was discovered that OVN incorrectly enabled OVS Bidirectional Forwarding Detection on logical ports. A remote attacker could possibly use this issue to disrupt traffic. Update Instructions: Run `sudo pro fix USN-6691-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ovn-central - 20.03.2-0ubuntu0.20.04.5 ovn-common - 20.03.2-0ubuntu0.20.04.5 ovn-controller-vtep - 20.03.2-0ubuntu0.20.04.5 ovn-doc - 20.03.2-0ubuntu0.20.04.5 ovn-docker - 20.03.2-0ubuntu0.20.04.5 ovn-host - 20.03.2-0ubuntu0.20.04.5 ovn-ic - 20.03.2-0ubuntu0.20.04.5 ovn-ic-db - 20.03.2-0ubuntu0.20.04.5 No subscription required Medium CVE-2024-2182 Ubuntu 20.04 LTS It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6692-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgoogle-gson-java - 2.8.5-3+deb10u1build0.20.04.1 No subscription required Medium CVE-2022-25647 Ubuntu 20.04 LTS It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2019-18604) It was discovered that TeX Live allowed documents to make arbitrary network requests. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to exfiltrate sensitive information, or perform other network-related attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-32668) It was discovered that TeX Live incorrectly handled certain TrueType fonts. If a user or automated system were tricked into opening a specially crafted TrueType font, a remote attacker could use this issue to cause TeX Live to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-25262) Update Instructions: Run `sudo pro fix USN-6695-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libkpathsea-dev - 2019.20190605.51237-3ubuntu0.2 libkpathsea6 - 2019.20190605.51237-3ubuntu0.2 libptexenc-dev - 2019.20190605.51237-3ubuntu0.2 libptexenc1 - 2019.20190605.51237-3ubuntu0.2 libsynctex-dev - 2019.20190605.51237-3ubuntu0.2 libsynctex2 - 2019.20190605.51237-3ubuntu0.2 libtexlua53 - 2019.20190605.51237-3ubuntu0.2 libtexlua53-dev - 2019.20190605.51237-3ubuntu0.2 libtexluajit-dev - 2019.20190605.51237-3ubuntu0.2 libtexluajit2 - 2019.20190605.51237-3ubuntu0.2 texlive-binaries - 2019.20190605.51237-3ubuntu0.2 No subscription required Medium CVE-2019-18604 CVE-2023-32668 CVE-2024-25262 Ubuntu 20.04 LTS Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 8 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) Valentin Eudeline discovered that OpenJDK 8 incorrectly handled certain options in the Nashorn JavaScript subcomponent. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-20926) It was discovered that OpenJDK 8 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 8 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6696-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-demo - 8u402-ga-2ubuntu1~20.04 openjdk-8-doc - 8u402-ga-2ubuntu1~20.04 openjdk-8-jdk - 8u402-ga-2ubuntu1~20.04 openjdk-8-jdk-headless - 8u402-ga-2ubuntu1~20.04 openjdk-8-jre - 8u402-ga-2ubuntu1~20.04 openjdk-8-jre-headless - 8u402-ga-2ubuntu1~20.04 openjdk-8-jre-zero - 8u402-ga-2ubuntu1~20.04 openjdk-8-source - 8u402-ga-2ubuntu1~20.04 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20926 CVE-2024-20945 CVE-2024-20952 Ubuntu 20.04 LTS Zhen Zhou discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service Update Instructions: Run `sudo pro fix USN-6698-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.22 vim-athena - 2:8.1.2269-1ubuntu5.22 vim-common - 2:8.1.2269-1ubuntu5.22 vim-doc - 2:8.1.2269-1ubuntu5.22 vim-gtk - 2:8.1.2269-1ubuntu5.22 vim-gtk3 - 2:8.1.2269-1ubuntu5.22 vim-gui-common - 2:8.1.2269-1ubuntu5.22 vim-nox - 2:8.1.2269-1ubuntu5.22 vim-runtime - 2:8.1.2269-1ubuntu5.22 vim-tiny - 2:8.1.2269-1ubuntu5.22 xxd - 2:8.1.2269-1ubuntu5.22 No subscription required Low CVE-2024-22667 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6702-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1033-iot - 5.4.0-1033.34 linux-headers-5.4.0-1033-iot - 5.4.0-1033.34 linux-image-5.4.0-1033-iot - 5.4.0-1033.34 linux-image-unsigned-5.4.0-1033-iot - 5.4.0-1033.34 linux-iot-headers-5.4.0-1033 - 5.4.0-1033.34 linux-iot-tools-5.4.0-1033 - 5.4.0-1033.34 linux-iot-tools-common - 5.4.0-1033.34 linux-modules-5.4.0-1033-iot - 5.4.0-1033.34 linux-tools-5.4.0-1033-iot - 5.4.0-1033.34 No subscription required linux-buildinfo-5.4.0-1068-ibm - 5.4.0-1068.73 linux-headers-5.4.0-1068-ibm - 5.4.0-1068.73 linux-ibm-cloud-tools-common - 5.4.0-1068.73 linux-ibm-headers-5.4.0-1068 - 5.4.0-1068.73 linux-ibm-source-5.4.0 - 5.4.0-1068.73 linux-ibm-tools-5.4.0-1068 - 5.4.0-1068.73 linux-ibm-tools-common - 5.4.0-1068.73 linux-image-5.4.0-1068-ibm - 5.4.0-1068.73 linux-image-unsigned-5.4.0-1068-ibm - 5.4.0-1068.73 linux-modules-5.4.0-1068-ibm - 5.4.0-1068.73 linux-modules-extra-5.4.0-1068-ibm - 5.4.0-1068.73 linux-tools-5.4.0-1068-ibm - 5.4.0-1068.73 No subscription required linux-bluefield-headers-5.4.0-1081 - 5.4.0-1081.88 linux-bluefield-tools-5.4.0-1081 - 5.4.0-1081.88 linux-buildinfo-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-headers-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-image-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-image-unsigned-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-modules-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-tools-5.4.0-1081-bluefield - 5.4.0-1081.88 No subscription required linux-buildinfo-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-cloud-tools-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-gkeop-cloud-tools-5.4.0-1088 - 5.4.0-1088.92 linux-gkeop-headers-5.4.0-1088 - 5.4.0-1088.92 linux-gkeop-source-5.4.0 - 5.4.0-1088.92 linux-gkeop-tools-5.4.0-1088 - 5.4.0-1088.92 linux-headers-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-image-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-image-unsigned-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-modules-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-modules-extra-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-tools-5.4.0-1088-gkeop - 5.4.0-1088.92 No subscription required linux-buildinfo-5.4.0-1109-kvm - 5.4.0-1109.116 linux-headers-5.4.0-1109-kvm - 5.4.0-1109.116 linux-image-5.4.0-1109-kvm - 5.4.0-1109.116 linux-image-unsigned-5.4.0-1109-kvm - 5.4.0-1109.116 linux-kvm-headers-5.4.0-1109 - 5.4.0-1109.116 linux-kvm-tools-5.4.0-1109 - 5.4.0-1109.116 linux-modules-5.4.0-1109-kvm - 5.4.0-1109.116 linux-tools-5.4.0-1109-kvm - 5.4.0-1109.116 No subscription required linux-buildinfo-5.4.0-1120-oracle - 5.4.0-1120.129 linux-headers-5.4.0-1120-oracle - 5.4.0-1120.129 linux-image-5.4.0-1120-oracle - 5.4.0-1120.129 linux-image-unsigned-5.4.0-1120-oracle - 5.4.0-1120.129 linux-modules-5.4.0-1120-oracle - 5.4.0-1120.129 linux-modules-extra-5.4.0-1120-oracle - 5.4.0-1120.129 linux-oracle-headers-5.4.0-1120 - 5.4.0-1120.129 linux-oracle-tools-5.4.0-1120 - 5.4.0-1120.129 linux-tools-5.4.0-1120-oracle - 5.4.0-1120.129 No subscription required linux-buildinfo-5.4.0-1125-gcp - 5.4.0-1125.134 linux-gcp-headers-5.4.0-1125 - 5.4.0-1125.134 linux-gcp-tools-5.4.0-1125 - 5.4.0-1125.134 linux-headers-5.4.0-1125-gcp - 5.4.0-1125.134 linux-image-5.4.0-1125-gcp - 5.4.0-1125.134 linux-image-unsigned-5.4.0-1125-gcp - 5.4.0-1125.134 linux-modules-5.4.0-1125-gcp - 5.4.0-1125.134 linux-modules-extra-5.4.0-1125-gcp - 5.4.0-1125.134 linux-tools-5.4.0-1125-gcp - 5.4.0-1125.134 No subscription required linux-buildinfo-5.4.0-174-generic - 5.4.0-174.193 linux-buildinfo-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-buildinfo-5.4.0-174-lowlatency - 5.4.0-174.193 linux-cloud-tools-5.4.0-174 - 5.4.0-174.193 linux-cloud-tools-5.4.0-174-generic - 5.4.0-174.193 linux-cloud-tools-5.4.0-174-lowlatency - 5.4.0-174.193 linux-cloud-tools-common - 5.4.0-174.193 linux-doc - 5.4.0-174.193 linux-headers-5.4.0-174 - 5.4.0-174.193 linux-headers-5.4.0-174-generic - 5.4.0-174.193 linux-headers-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-headers-5.4.0-174-lowlatency - 5.4.0-174.193 linux-image-5.4.0-174-generic - 5.4.0-174.193 linux-image-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-image-5.4.0-174-lowlatency - 5.4.0-174.193 linux-image-unsigned-5.4.0-174-generic - 5.4.0-174.193 linux-image-unsigned-5.4.0-174-lowlatency - 5.4.0-174.193 linux-libc-dev - 5.4.0-174.193 linux-modules-5.4.0-174-generic - 5.4.0-174.193 linux-modules-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-modules-5.4.0-174-lowlatency - 5.4.0-174.193 linux-modules-extra-5.4.0-174-generic - 5.4.0-174.193 linux-source-5.4.0 - 5.4.0-174.193 linux-tools-5.4.0-174 - 5.4.0-174.193 linux-tools-5.4.0-174-generic - 5.4.0-174.193 linux-tools-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-tools-5.4.0-174-lowlatency - 5.4.0-174.193 linux-tools-common - 5.4.0-174.193 linux-tools-host - 5.4.0-174.193 No subscription required linux-headers-iot - 5.4.0.1033.31 linux-image-iot - 5.4.0.1033.31 linux-iot - 5.4.0.1033.31 linux-tools-iot - 5.4.0.1033.31 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1068.97 linux-ibm-lts-20.04 - 5.4.0.1068.97 linux-image-ibm-lts-20.04 - 5.4.0.1068.97 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1068.97 linux-tools-ibm-lts-20.04 - 5.4.0.1068.97 No subscription required linux-bluefield - 5.4.0.1081.77 linux-headers-bluefield - 5.4.0.1081.77 linux-image-bluefield - 5.4.0.1081.77 linux-tools-bluefield - 5.4.0.1081.77 No subscription required linux-cloud-tools-gkeop - 5.4.0.1088.86 linux-cloud-tools-gkeop-5.4 - 5.4.0.1088.86 linux-gkeop - 5.4.0.1088.86 linux-gkeop-5.4 - 5.4.0.1088.86 linux-headers-gkeop - 5.4.0.1088.86 linux-headers-gkeop-5.4 - 5.4.0.1088.86 linux-image-gkeop - 5.4.0.1088.86 linux-image-gkeop-5.4 - 5.4.0.1088.86 linux-modules-extra-gkeop - 5.4.0.1088.86 linux-modules-extra-gkeop-5.4 - 5.4.0.1088.86 linux-tools-gkeop - 5.4.0.1088.86 linux-tools-gkeop-5.4 - 5.4.0.1088.86 No subscription required linux-headers-kvm - 5.4.0.1109.105 linux-image-kvm - 5.4.0.1109.105 linux-kvm - 5.4.0.1109.105 linux-tools-kvm - 5.4.0.1109.105 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1120.113 linux-image-oracle-lts-20.04 - 5.4.0.1120.113 linux-oracle-lts-20.04 - 5.4.0.1120.113 linux-tools-oracle-lts-20.04 - 5.4.0.1120.113 No subscription required linux-gcp-lts-20.04 - 5.4.0.1125.127 linux-headers-gcp-lts-20.04 - 5.4.0.1125.127 linux-image-gcp-lts-20.04 - 5.4.0.1125.127 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1125.127 linux-tools-gcp-lts-20.04 - 5.4.0.1125.127 No subscription required linux-cloud-tools-generic - 5.4.0.174.172 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.174.172 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.174.172 linux-cloud-tools-lowlatency - 5.4.0.174.172 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-cloud-tools-virtual - 5.4.0.174.172 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.174.172 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-crashdump - 5.4.0.174.172 linux-generic - 5.4.0.174.172 linux-generic-hwe-18.04 - 5.4.0.174.172 linux-generic-hwe-18.04-edge - 5.4.0.174.172 linux-generic-lpae - 5.4.0.174.172 linux-generic-lpae-hwe-18.04 - 5.4.0.174.172 linux-generic-lpae-hwe-18.04-edge - 5.4.0.174.172 linux-headers-generic - 5.4.0.174.172 linux-headers-generic-hwe-18.04 - 5.4.0.174.172 linux-headers-generic-hwe-18.04-edge - 5.4.0.174.172 linux-headers-generic-lpae - 5.4.0.174.172 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.174.172 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.174.172 linux-headers-lowlatency - 5.4.0.174.172 linux-headers-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-headers-oem - 5.4.0.174.172 linux-headers-oem-osp1 - 5.4.0.174.172 linux-headers-virtual - 5.4.0.174.172 linux-headers-virtual-hwe-18.04 - 5.4.0.174.172 linux-headers-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-image-extra-virtual - 5.4.0.174.172 linux-image-extra-virtual-hwe-18.04 - 5.4.0.174.172 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-image-generic - 5.4.0.174.172 linux-image-generic-hwe-18.04 - 5.4.0.174.172 linux-image-generic-hwe-18.04-edge - 5.4.0.174.172 linux-image-generic-lpae - 5.4.0.174.172 linux-image-generic-lpae-hwe-18.04 - 5.4.0.174.172 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.174.172 linux-image-lowlatency - 5.4.0.174.172 linux-image-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-image-oem - 5.4.0.174.172 linux-image-oem-osp1 - 5.4.0.174.172 linux-image-virtual - 5.4.0.174.172 linux-image-virtual-hwe-18.04 - 5.4.0.174.172 linux-image-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-lowlatency - 5.4.0.174.172 linux-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-oem - 5.4.0.174.172 linux-oem-osp1 - 5.4.0.174.172 linux-oem-osp1-tools-host - 5.4.0.174.172 linux-oem-tools-host - 5.4.0.174.172 linux-source - 5.4.0.174.172 linux-tools-generic - 5.4.0.174.172 linux-tools-generic-hwe-18.04 - 5.4.0.174.172 linux-tools-generic-hwe-18.04-edge - 5.4.0.174.172 linux-tools-generic-lpae - 5.4.0.174.172 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.174.172 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.174.172 linux-tools-lowlatency - 5.4.0.174.172 linux-tools-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-tools-oem - 5.4.0.174.172 linux-tools-oem-osp1 - 5.4.0.174.172 linux-tools-virtual - 5.4.0.174.172 linux-tools-virtual-hwe-18.04 - 5.4.0.174.172 linux-tools-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-virtual - 5.4.0.174.172 linux-virtual-hwe-18.04 - 5.4.0.174.172 linux-virtual-hwe-18.04-edge - 5.4.0.174.172 No subscription required High CVE-2023-23000 CVE-2023-23004 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6702-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 linux-headers-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 linux-image-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 linux-modules-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 linux-tools-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 linux-xilinx-zynqmp-headers-5.4.0-1040 - 5.4.0-1040.44 linux-xilinx-zynqmp-tools-5.4.0-1040 - 5.4.0-1040.44 No subscription required linux-buildinfo-5.4.0-1105-raspi - 5.4.0-1105.117 linux-headers-5.4.0-1105-raspi - 5.4.0-1105.117 linux-image-5.4.0-1105-raspi - 5.4.0-1105.117 linux-modules-5.4.0-1105-raspi - 5.4.0-1105.117 linux-raspi-headers-5.4.0-1105 - 5.4.0-1105.117 linux-raspi-tools-5.4.0-1105 - 5.4.0-1105.117 linux-tools-5.4.0-1105-raspi - 5.4.0-1105.117 No subscription required linux-aws-cloud-tools-5.4.0-1121 - 5.4.0-1121.131 linux-aws-headers-5.4.0-1121 - 5.4.0-1121.131 linux-aws-tools-5.4.0-1121 - 5.4.0-1121.131 linux-buildinfo-5.4.0-1121-aws - 5.4.0-1121.131 linux-cloud-tools-5.4.0-1121-aws - 5.4.0-1121.131 linux-headers-5.4.0-1121-aws - 5.4.0-1121.131 linux-image-5.4.0-1121-aws - 5.4.0-1121.131 linux-image-unsigned-5.4.0-1121-aws - 5.4.0-1121.131 linux-modules-5.4.0-1121-aws - 5.4.0-1121.131 linux-modules-extra-5.4.0-1121-aws - 5.4.0-1121.131 linux-tools-5.4.0-1121-aws - 5.4.0-1121.131 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1040.40 linux-image-xilinx-zynqmp - 5.4.0.1040.40 linux-tools-xilinx-zynqmp - 5.4.0.1040.40 linux-xilinx-zynqmp - 5.4.0.1040.40 No subscription required linux-headers-raspi - 5.4.0.1105.135 linux-headers-raspi-hwe-18.04 - 5.4.0.1105.135 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1105.135 linux-headers-raspi2 - 5.4.0.1105.135 linux-headers-raspi2-hwe-18.04 - 5.4.0.1105.135 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1105.135 linux-image-raspi - 5.4.0.1105.135 linux-image-raspi-hwe-18.04 - 5.4.0.1105.135 linux-image-raspi-hwe-18.04-edge - 5.4.0.1105.135 linux-image-raspi2 - 5.4.0.1105.135 linux-image-raspi2-hwe-18.04 - 5.4.0.1105.135 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1105.135 linux-raspi - 5.4.0.1105.135 linux-raspi-hwe-18.04 - 5.4.0.1105.135 linux-raspi-hwe-18.04-edge - 5.4.0.1105.135 linux-raspi2 - 5.4.0.1105.135 linux-raspi2-hwe-18.04 - 5.4.0.1105.135 linux-raspi2-hwe-18.04-edge - 5.4.0.1105.135 linux-tools-raspi - 5.4.0.1105.135 linux-tools-raspi-hwe-18.04 - 5.4.0.1105.135 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1105.135 linux-tools-raspi2 - 5.4.0.1105.135 linux-tools-raspi2-hwe-18.04 - 5.4.0.1105.135 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1105.135 No subscription required linux-aws-lts-20.04 - 5.4.0.1121.118 linux-headers-aws-lts-20.04 - 5.4.0.1121.118 linux-image-aws-lts-20.04 - 5.4.0.1121.118 linux-modules-extra-aws-lts-20.04 - 5.4.0.1121.118 linux-tools-aws-lts-20.04 - 5.4.0.1121.118 No subscription required High CVE-2023-23000 CVE-2023-23004 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-2609, CVE-2024-2611, CVE-2024-2614, CVE-2024-2615) Hubert Kario discovered that Firefox had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2023-5388) It was discovered that Firefox did not properly handle WASM register values in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2606) Gary Kwong discovered that Firefox incorrectly updated return registers for JIT code on Armv7-A systems. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2024-2607) Ronald Crane discovered that Firefox did not properly manage memory during character encoding. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2608) Georg Felber and Marco Squarcina discovered that Firefox incorrectly handled html and body tags. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able obtain sensitive information. (CVE-2024-2610) Ronald Crane discovered a use-after-free in Firefox when handling code in SafeRefPtr. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-2612) Max Inden discovered that Firefox incorrectly handled QUIC ACK frame decoding. A attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2613) Update Instructions: Run `sudo pro fix USN-6703-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 124.0+build1-0ubuntu0.20.04.1 firefox-dev - 124.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-nl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-tg - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 124.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 124.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-5388 CVE-2024-2606 CVE-2024-2607 CVE-2024-2608 CVE-2024-2609 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 CVE-2024-2613 CVE-2024-2614 CVE-2024-2615 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6704-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-buildinfo-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-buildinfo-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-buildinfo-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-buildinfo-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-cloud-tools-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-cloud-tools-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-101.111~20.04.1 linux-hwe-5.15-headers-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-101.111~20.04.1 linux-hwe-5.15-tools-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-101.111~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-image-unsigned-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-image-unsigned-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-image-unsigned-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-image-unsigned-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-modules-extra-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-modules-iwlwifi-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-modules-iwlwifi-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 No subscription required linux-buildinfo-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-cloud-tools-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-gkeop-5.15-headers-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-gkeop-5.15-tools-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-headers-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-image-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-image-unsigned-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-modules-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-modules-extra-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-tools-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 No subscription required linux-buildinfo-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-headers-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-ibm-5.15-headers-5.15.0-1049 - 5.15.0-1049.52~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1049.52~20.04.1 linux-ibm-5.15-tools-5.15.0-1049 - 5.15.0-1049.52~20.04.1 linux-image-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-image-unsigned-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-modules-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-modules-extra-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-tools-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 No subscription required linux-buildinfo-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-gcp-5.15-headers-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-gcp-5.15-tools-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-headers-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-image-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-image-unsigned-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-modules-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-modules-extra-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-modules-iwlwifi-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-tools-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1059 - 5.15.0-1059.67~20.04.1 linux-azure-5.15-headers-5.15.0-1059 - 5.15.0-1059.67~20.04.1 linux-azure-5.15-tools-5.15.0-1059 - 5.15.0-1059.67~20.04.1 linux-buildinfo-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-cloud-tools-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-headers-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-image-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-image-unsigned-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-modules-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-modules-extra-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-tools-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 No subscription required linux-image-5.15.0-1059-azure-fde - 5.15.0-1059.67~20.04.1.1 linux-image-unsigned-5.15.0-1059-azure-fde - 5.15.0-1059.67~20.04.1.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-headers-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-image-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-lowlatency-64k-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-tools-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-generic-64k-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-generic-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-generic-lpae-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-generic-lpae-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-headers-generic-64k-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-headers-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-headers-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-headers-oem-20.04 - 5.15.0.101.111~20.04.53 linux-headers-oem-20.04b - 5.15.0.101.111~20.04.53 linux-headers-oem-20.04c - 5.15.0.101.111~20.04.53 linux-headers-oem-20.04d - 5.15.0.101.111~20.04.53 linux-headers-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-headers-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-extra-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-generic-64k-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-generic-lpae-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-oem-20.04 - 5.15.0.101.111~20.04.53 linux-image-oem-20.04b - 5.15.0.101.111~20.04.53 linux-image-oem-20.04c - 5.15.0.101.111~20.04.53 linux-image-oem-20.04d - 5.15.0.101.111~20.04.53 linux-image-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-modules-iwlwifi-oem-20.04 - 5.15.0.101.111~20.04.53 linux-modules-iwlwifi-oem-20.04d - 5.15.0.101.111~20.04.53 linux-oem-20.04 - 5.15.0.101.111~20.04.53 linux-oem-20.04b - 5.15.0.101.111~20.04.53 linux-oem-20.04c - 5.15.0.101.111~20.04.53 linux-oem-20.04d - 5.15.0.101.111~20.04.53 linux-tools-generic-64k-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-tools-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-tools-oem-20.04 - 5.15.0.101.111~20.04.53 linux-tools-oem-20.04b - 5.15.0.101.111~20.04.53 linux-tools-oem-20.04c - 5.15.0.101.111~20.04.53 linux-tools-oem-20.04d - 5.15.0.101.111~20.04.53 linux-tools-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-cloud-tools-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-headers-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-headers-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-image-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-image-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-modules-extra-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-modules-extra-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-tools-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-tools-gkeop-edge - 5.15.0.1039.45~20.04.35 No subscription required linux-headers-ibm - 5.15.0.1049.52~20.04.21 linux-headers-ibm-edge - 5.15.0.1049.52~20.04.21 linux-ibm - 5.15.0.1049.52~20.04.21 linux-ibm-edge - 5.15.0.1049.52~20.04.21 linux-image-ibm - 5.15.0.1049.52~20.04.21 linux-image-ibm-edge - 5.15.0.1049.52~20.04.21 linux-tools-ibm - 5.15.0.1049.52~20.04.21 linux-tools-ibm-edge - 5.15.0.1049.52~20.04.21 No subscription required linux-gcp - 5.15.0.1054.62~20.04.1 linux-gcp-edge - 5.15.0.1054.62~20.04.1 linux-headers-gcp - 5.15.0.1054.62~20.04.1 linux-headers-gcp-edge - 5.15.0.1054.62~20.04.1 linux-image-gcp - 5.15.0.1054.62~20.04.1 linux-image-gcp-edge - 5.15.0.1054.62~20.04.1 linux-modules-extra-gcp - 5.15.0.1054.62~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1054.62~20.04.1 linux-tools-gcp - 5.15.0.1054.62~20.04.1 linux-tools-gcp-edge - 5.15.0.1054.62~20.04.1 No subscription required linux-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-cloud-tools-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-cloud-tools-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-headers-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-headers-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-image-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-image-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-modules-extra-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-modules-extra-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-tools-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-tools-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 No subscription required linux-azure - 5.15.0.1059.67~20.04.49 linux-azure-cvm - 5.15.0.1059.67~20.04.49 linux-azure-edge - 5.15.0.1059.67~20.04.49 linux-cloud-tools-azure - 5.15.0.1059.67~20.04.49 linux-cloud-tools-azure-cvm - 5.15.0.1059.67~20.04.49 linux-cloud-tools-azure-edge - 5.15.0.1059.67~20.04.49 linux-headers-azure - 5.15.0.1059.67~20.04.49 linux-headers-azure-cvm - 5.15.0.1059.67~20.04.49 linux-headers-azure-edge - 5.15.0.1059.67~20.04.49 linux-image-azure - 5.15.0.1059.67~20.04.49 linux-image-azure-cvm - 5.15.0.1059.67~20.04.49 linux-image-azure-edge - 5.15.0.1059.67~20.04.49 linux-modules-extra-azure - 5.15.0.1059.67~20.04.49 linux-modules-extra-azure-cvm - 5.15.0.1059.67~20.04.49 linux-modules-extra-azure-edge - 5.15.0.1059.67~20.04.49 linux-tools-azure - 5.15.0.1059.67~20.04.49 linux-tools-azure-cvm - 5.15.0.1059.67~20.04.49 linux-tools-azure-edge - 5.15.0.1059.67~20.04.49 No subscription required High CVE-2023-23000 CVE-2023-32247 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6704-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-headers-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-image-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-image-unsigned-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-modules-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-modules-extra-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-oracle-5.15-headers-5.15.0-1054 - 5.15.0-1054.60~20.04.1 linux-oracle-5.15-tools-5.15.0-1054 - 5.15.0-1054.60~20.04.1 linux-tools-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1054.60~20.04.1 linux-headers-oracle-edge - 5.15.0.1054.60~20.04.1 linux-image-oracle - 5.15.0.1054.60~20.04.1 linux-image-oracle-edge - 5.15.0.1054.60~20.04.1 linux-oracle - 5.15.0.1054.60~20.04.1 linux-oracle-edge - 5.15.0.1054.60~20.04.1 linux-tools-oracle - 5.15.0.1054.60~20.04.1 linux-tools-oracle-edge - 5.15.0.1054.60~20.04.1 No subscription required High CVE-2023-23000 CVE-2023-32247 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6704-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-cloud-tools-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-headers-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-image-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-image-unsigned-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1051 - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1051 - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1051 - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1051.57~20.04.1 linux-modules-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-modules-extra-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-modules-iwlwifi-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-tools-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1051.57~20.04.41 linux-headers-intel - 5.15.0.1051.57~20.04.41 linux-headers-intel-iotg - 5.15.0.1051.57~20.04.41 linux-headers-intel-iotg-edge - 5.15.0.1051.57~20.04.41 linux-image-intel - 5.15.0.1051.57~20.04.41 linux-image-intel-iotg - 5.15.0.1051.57~20.04.41 linux-image-intel-iotg-edge - 5.15.0.1051.57~20.04.41 linux-intel - 5.15.0.1051.57~20.04.41 linux-intel-iotg - 5.15.0.1051.57~20.04.41 linux-intel-iotg-edge - 5.15.0.1051.57~20.04.41 linux-tools-intel - 5.15.0.1051.57~20.04.41 linux-tools-intel-iotg - 5.15.0.1051.57~20.04.41 linux-tools-intel-iotg-edge - 5.15.0.1051.57~20.04.41 No subscription required High CVE-2023-23000 CVE-2023-32247 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6705-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-cloud-tools-5.15.0-1056 - 5.15.0-1056.61~20.04.1 linux-aws-5.15-headers-5.15.0-1056 - 5.15.0-1056.61~20.04.1 linux-aws-5.15-tools-5.15.0-1056 - 5.15.0-1056.61~20.04.1 linux-buildinfo-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-cloud-tools-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-headers-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-image-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-image-unsigned-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-modules-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-modules-extra-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-tools-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 No subscription required linux-aws - 5.15.0.1056.61~20.04.43 linux-aws-edge - 5.15.0.1056.61~20.04.43 linux-headers-aws - 5.15.0.1056.61~20.04.43 linux-headers-aws-edge - 5.15.0.1056.61~20.04.43 linux-image-aws - 5.15.0.1056.61~20.04.43 linux-image-aws-edge - 5.15.0.1056.61~20.04.43 linux-modules-extra-aws - 5.15.0.1056.61~20.04.43 linux-modules-extra-aws-edge - 5.15.0.1056.61~20.04.43 linux-tools-aws - 5.15.0.1056.61~20.04.43 linux-tools-aws-edge - 5.15.0.1056.61~20.04.43 No subscription required High CVE-2023-22995 CVE-2023-23000 CVE-2023-32247 CVE-2023-4134 CVE-2023-46343 CVE-2023-46862 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-0607 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that Graphviz incorrectly handled certain config6a files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6708-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: graphviz - 2.42.2-3ubuntu0.1~esm2 graphviz-doc - 2.42.2-3ubuntu0.1~esm2 libcdt5 - 2.42.2-3ubuntu0.1~esm2 libcgraph6 - 2.42.2-3ubuntu0.1~esm2 libgraphviz-dev - 2.42.2-3ubuntu0.1~esm2 libgv-guile - 2.42.2-3ubuntu0.1~esm2 libgv-lua - 2.42.2-3ubuntu0.1~esm2 libgv-perl - 2.42.2-3ubuntu0.1~esm2 libgv-php7 - 2.42.2-3ubuntu0.1~esm2 libgv-ruby - 2.42.2-3ubuntu0.1~esm2 libgv-tcl - 2.42.2-3ubuntu0.1~esm2 libgvc6 - 2.42.2-3ubuntu0.1~esm2 libgvc6-plugins-gtk - 2.42.2-3ubuntu0.1~esm2 libgvpr2 - 2.42.2-3ubuntu0.1~esm2 liblab-gamut1 - 2.42.2-3ubuntu0.1~esm2 libpathplan4 - 2.42.2-3ubuntu0.1~esm2 libxdot4 - 2.42.2-3ubuntu0.1~esm2 python3-gv - 2.42.2-3ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-46045 Ubuntu 20.04 LTS Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. (CVE-2024-29943) Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code. (CVE-2024-29944) Update Instructions: Run `sudo pro fix USN-6710-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 124.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 124.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 124.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 124.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-29943 CVE-2024-29944 Ubuntu 20.04 LTS USN-6710-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. (CVE-2024-29943) Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code. (CVE-2024-29944) Update Instructions: Run `sudo pro fix USN-6710-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 124.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 124.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 124.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 124.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2060171 Ubuntu 20.04 LTS Vincent Berg discovered that CRM shell incorrectly handled certain commands. An local attacker could possibly use this issue to execute arbitrary code via shell code injection to the crm history commandline. Update Instructions: Run `sudo pro fix USN-6711-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: crmsh - 4.2.0-2ubuntu1.1 crmsh-doc - 4.2.0-2ubuntu1.1 No subscription required Low CVE-2020-35459 Ubuntu 20.04 LTS It was discovered that Net::CIDR::Lite incorrectly handled extra zero characters at the beginning of IP address strings. A remote attacker could possibly use this issue to bypass access controls. Update Instructions: Run `sudo pro fix USN-6712-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnet-cidr-lite-perl - 0.21-2ubuntu0.1 No subscription required Medium CVE-2021-47154 Ubuntu 20.04 LTS It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands. Update Instructions: Run `sudo pro fix USN-6714-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: debian-goodies - 0.84ubuntu0.1 No subscription required Low CVE-2023-27635 Ubuntu 20.04 LTS It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-6715-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libodbc1 - 2.3.6-0.1ubuntu0.1 odbcinst - 2.3.6-0.1ubuntu0.1 odbcinst1debian2 - 2.3.6-0.1ubuntu0.1 unixodbc - 2.3.6-0.1ubuntu0.1 unixodbc-dev - 2.3.6-0.1ubuntu0.1 No subscription required Medium CVE-2024-1013 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6716-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1126 - 5.4.0-1126.133 linux-azure-headers-5.4.0-1126 - 5.4.0-1126.133 linux-azure-tools-5.4.0-1126 - 5.4.0-1126.133 linux-buildinfo-5.4.0-1126-azure - 5.4.0-1126.133 linux-cloud-tools-5.4.0-1126-azure - 5.4.0-1126.133 linux-headers-5.4.0-1126-azure - 5.4.0-1126.133 linux-image-5.4.0-1126-azure - 5.4.0-1126.133 linux-image-unsigned-5.4.0-1126-azure - 5.4.0-1126.133 linux-modules-5.4.0-1126-azure - 5.4.0-1126.133 linux-modules-extra-5.4.0-1126-azure - 5.4.0-1126.133 linux-tools-5.4.0-1126-azure - 5.4.0-1126.133 No subscription required linux-azure-lts-20.04 - 5.4.0.1126.119 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1126.119 linux-headers-azure-lts-20.04 - 5.4.0.1126.119 linux-image-azure-lts-20.04 - 5.4.0.1126.119 linux-modules-extra-azure-lts-20.04 - 5.4.0.1126.119 linux-tools-azure-lts-20.04 - 5.4.0.1126.119 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-23000 CVE-2023-23004 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-0743, CVE-2024-2611, CVE-2024-2614) Hubert Kario discovered that Thunderbird had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2023-5388) Gary Kwong discovered that Thunderbird incorrectly updated return registers for JIT code on Armv7-A systems. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2024-2607) Ronald Crane discovered that Thunderbird did not properly manage memory during character encoding. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2608) Georg Felber and Marco Squarcina discovered that Thunderbird incorrectly handled html and body tags. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able obtain sensitive information. (CVE-2024-2610) Ronald Crane discovered a use-after-free in Thunderbird when handling code in SafeRefPtr. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-2612) Ryan VanderMeulen and Dan Minor discovered that Thunderbird did not properly manage memory conditions in ICU. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2616) Update Instructions: Run `sudo pro fix USN-6717-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.9.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.9.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.9.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.9.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-0743 CVE-2023-5388 CVE-2024-2607 CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 CVE-2024-2614 CVE-2024-2616 Ubuntu 20.04 LTS Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. (CVE-2024-2004) It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote attacker could possibly use this issue to cause curl to consume resources, leading to a denial of service. (CVE-2024-2398) Update Instructions: Run `sudo pro fix USN-6718-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 7.68.0-1ubuntu2.22 libcurl3-gnutls - 7.68.0-1ubuntu2.22 libcurl3-nss - 7.68.0-1ubuntu2.22 libcurl4 - 7.68.0-1ubuntu2.22 libcurl4-doc - 7.68.0-1ubuntu2.22 libcurl4-gnutls-dev - 7.68.0-1ubuntu2.22 libcurl4-nss-dev - 7.68.0-1ubuntu2.22 libcurl4-openssl-dev - 7.68.0-1ubuntu2.22 No subscription required Medium CVE-2024-2004 CVE-2024-2398 Ubuntu 20.04 LTS Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6719-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bsdutils - 1:2.34-0.1ubuntu9.5 No subscription required fdisk - 2.34-0.1ubuntu9.5 libblkid-dev - 2.34-0.1ubuntu9.5 libblkid1 - 2.34-0.1ubuntu9.5 libfdisk-dev - 2.34-0.1ubuntu9.5 libfdisk1 - 2.34-0.1ubuntu9.5 libmount-dev - 2.34-0.1ubuntu9.5 libmount1 - 2.34-0.1ubuntu9.5 libsmartcols-dev - 2.34-0.1ubuntu9.5 libsmartcols1 - 2.34-0.1ubuntu9.5 libuuid1 - 2.34-0.1ubuntu9.5 mount - 2.34-0.1ubuntu9.5 rfkill - 2.34-0.1ubuntu9.5 util-linux - 2.34-0.1ubuntu9.5 util-linux-locales - 2.34-0.1ubuntu9.5 uuid-dev - 2.34-0.1ubuntu9.5 uuid-runtime - 2.34-0.1ubuntu9.5 No subscription required Medium CVE-2024-28085 Ubuntu 20.04 LTS USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities. Original advisory details: Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6719-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bsdutils - 1:2.34-0.1ubuntu9.6 No subscription required fdisk - 2.34-0.1ubuntu9.6 libblkid-dev - 2.34-0.1ubuntu9.6 libblkid1 - 2.34-0.1ubuntu9.6 libfdisk-dev - 2.34-0.1ubuntu9.6 libfdisk1 - 2.34-0.1ubuntu9.6 libmount-dev - 2.34-0.1ubuntu9.6 libmount1 - 2.34-0.1ubuntu9.6 libsmartcols-dev - 2.34-0.1ubuntu9.6 libsmartcols1 - 2.34-0.1ubuntu9.6 libuuid1 - 2.34-0.1ubuntu9.6 mount - 2.34-0.1ubuntu9.6 rfkill - 2.34-0.1ubuntu9.6 util-linux - 2.34-0.1ubuntu9.6 util-linux-locales - 2.34-0.1ubuntu9.6 uuid-dev - 2.34-0.1ubuntu9.6 uuid-runtime - 2.34-0.1ubuntu9.6 No subscription required Medium CVE-2024-28085 Ubuntu 20.04 LTS It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-31080, CVE-2024-31081, CVE-2024-31082) It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information. (CVE-2024-31083) Update Instructions: Run `sudo pro fix USN-6721-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdmx - 2:1.20.13-1ubuntu1~20.04.16 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.16 xnest - 2:1.20.13-1ubuntu1~20.04.16 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.16 xserver-common - 2:1.20.13-1ubuntu1~20.04.16 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.16 xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.16 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.16 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.16 xvfb - 2:1.20.13-1ubuntu1~20.04.16 xwayland - 2:1.20.13-1ubuntu1~20.04.16 No subscription required Medium CVE-2024-31080 CVE-2024-31081 CVE-2024-31082 CVE-2024-31083 Ubuntu 20.04 LTS USN-6721-1 fixed vulnerabilities in X.Org X Server. That fix was incomplete resulting in a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-31080, CVE-2024-31081, CVE-2024-31082) It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information. (CVE-2024-31083) Update Instructions: Run `sudo pro fix USN-6721-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdmx - 2:1.20.13-1ubuntu1~20.04.17 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.17 xnest - 2:1.20.13-1ubuntu1~20.04.17 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.17 xserver-common - 2:1.20.13-1ubuntu1~20.04.17 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.17 xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.17 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.17 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.17 xvfb - 2:1.20.13-1ubuntu1~20.04.17 xwayland - 2:1.20.13-1ubuntu1~20.04.17 No subscription required None https://launchpad.net/bugs/2060354 Ubuntu 20.04 LTS Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1194) Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32254) It was discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling session connections, leading to a use- after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32258) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an integer underflow and out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38427) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate SMB request protocol IDs, leading to a out-of- bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38430) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate packet header sizes in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38431) It was discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information. (CVE-2023-3867) Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Yang Chaoming discovered that the KSMBD implementation in the Linux kernel did not properly validate request buffer sizes, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-22705) Chenyuan Yang discovered that the btrfs file system in the Linux kernel did not properly handle read operations on newly created subvolumes in certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-23850) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Block layer; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - Multifunction device drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - EFI Variable file system; - F2FS file system; - GFS2 file system; - SMB network file system; - BPF subsystem; - IPv6 Networking; - Network Traffic Control; - AppArmor security module; (CVE-2023-52463, CVE-2023-52445, CVE-2023-52462, CVE-2023-52609, CVE-2023-52448, CVE-2023-52457, CVE-2023-52464, CVE-2023-52456, CVE-2023-52454, CVE-2023-52438, CVE-2023-52480, CVE-2023-52443, CVE-2023-52442, CVE-2024-26631, CVE-2023-52439, CVE-2023-52612, CVE-2024-26598, CVE-2024-26586, CVE-2024-26589, CVE-2023-52444, CVE-2023-52436, CVE-2024-26633, CVE-2024-26597, CVE-2023-52458, CVE-2024-26591, CVE-2023-52449, CVE-2023-52467, CVE-2023-52441, CVE-2023-52610, CVE-2023-52451, CVE-2023-52469, CVE-2023-52470) Update Instructions: Run `sudo pro fix USN-6725-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-buildinfo-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-buildinfo-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-buildinfo-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-buildinfo-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-cloud-tools-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-cloud-tools-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-102.112~20.04.1 linux-hwe-5.15-headers-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-102.112~20.04.1 linux-hwe-5.15-tools-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-102.112~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-102.112~20.04.1 linux-image-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-image-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-image-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-image-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-image-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-image-unsigned-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-image-unsigned-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-image-unsigned-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-image-unsigned-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-modules-extra-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-modules-iwlwifi-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-modules-iwlwifi-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 No subscription required linux-buildinfo-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-cloud-tools-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-gkeop-5.15-headers-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-gkeop-5.15-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-headers-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-image-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-image-unsigned-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-modules-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-modules-extra-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-tools-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 No subscription required linux-buildinfo-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-headers-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-ibm-5.15-headers-5.15.0-1050 - 5.15.0-1050.53~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1050.53~20.04.1 linux-ibm-5.15-tools-5.15.0-1050 - 5.15.0-1050.53~20.04.1 linux-image-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-image-unsigned-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-modules-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-modules-extra-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-tools-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 No subscription required linux-buildinfo-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-cloud-tools-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-headers-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-image-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-image-unsigned-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1052 - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1052 - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1052 - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1052.58~20.04.1 linux-modules-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-modules-extra-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-modules-iwlwifi-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-tools-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 No subscription required linux-buildinfo-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-headers-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-image-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-image-unsigned-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-modules-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-modules-extra-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-oracle-5.15-headers-5.15.0-1055 - 5.15.0-1055.61~20.04.1 linux-oracle-5.15-tools-5.15.0-1055 - 5.15.0-1055.61~20.04.1 linux-tools-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 No subscription required linux-buildinfo-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-gcp-5.15-headers-5.15.0-1055 - 5.15.0-1055.63~20.04.1 linux-gcp-5.15-tools-5.15.0-1055 - 5.15.0-1055.63~20.04.1 linux-headers-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-image-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-image-unsigned-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-modules-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-modules-extra-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-modules-iwlwifi-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-tools-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1060 - 5.15.0-1060.69~20.04.1 linux-azure-5.15-headers-5.15.0-1060 - 5.15.0-1060.69~20.04.1 linux-azure-5.15-tools-5.15.0-1060 - 5.15.0-1060.69~20.04.1 linux-buildinfo-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-cloud-tools-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-headers-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-image-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-image-unsigned-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-modules-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-modules-extra-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-tools-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 No subscription required linux-image-5.15.0-1060-azure-fde - 5.15.0-1060.69~20.04.1.1 linux-image-unsigned-5.15.0-1060-azure-fde - 5.15.0-1060.69~20.04.1.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-oem-20.04 - 5.15.0.102.112~20.04.1 linux-headers-oem-20.04b - 5.15.0.102.112~20.04.1 linux-headers-oem-20.04c - 5.15.0.102.112~20.04.1 linux-headers-oem-20.04d - 5.15.0.102.112~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-oem-20.04 - 5.15.0.102.112~20.04.1 linux-image-oem-20.04b - 5.15.0.102.112~20.04.1 linux-image-oem-20.04c - 5.15.0.102.112~20.04.1 linux-image-oem-20.04d - 5.15.0.102.112~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.102.112~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.102.112~20.04.1 linux-oem-20.04 - 5.15.0.102.112~20.04.1 linux-oem-20.04b - 5.15.0.102.112~20.04.1 linux-oem-20.04c - 5.15.0.102.112~20.04.1 linux-oem-20.04d - 5.15.0.102.112~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-tools-oem-20.04 - 5.15.0.102.112~20.04.1 linux-tools-oem-20.04b - 5.15.0.102.112~20.04.1 linux-tools-oem-20.04c - 5.15.0.102.112~20.04.1 linux-tools-oem-20.04d - 5.15.0.102.112~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-cloud-tools-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-headers-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-headers-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-image-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-image-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-modules-extra-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-modules-extra-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-tools-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-tools-gkeop-edge - 5.15.0.1040.46~20.04.36 No subscription required linux-headers-ibm - 5.15.0.1050.53~20.04.1 linux-headers-ibm-edge - 5.15.0.1050.53~20.04.1 linux-ibm - 5.15.0.1050.53~20.04.1 linux-ibm-edge - 5.15.0.1050.53~20.04.1 linux-image-ibm - 5.15.0.1050.53~20.04.1 linux-image-ibm-edge - 5.15.0.1050.53~20.04.1 linux-tools-ibm - 5.15.0.1050.53~20.04.1 linux-tools-ibm-edge - 5.15.0.1050.53~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1052.58~20.04.1 linux-headers-intel - 5.15.0.1052.58~20.04.1 linux-headers-intel-iotg - 5.15.0.1052.58~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1052.58~20.04.1 linux-image-intel - 5.15.0.1052.58~20.04.1 linux-image-intel-iotg - 5.15.0.1052.58~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1052.58~20.04.1 linux-intel - 5.15.0.1052.58~20.04.1 linux-intel-iotg - 5.15.0.1052.58~20.04.1 linux-intel-iotg-edge - 5.15.0.1052.58~20.04.1 linux-tools-intel - 5.15.0.1052.58~20.04.1 linux-tools-intel-iotg - 5.15.0.1052.58~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1052.58~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1055.61~20.04.1 linux-headers-oracle-edge - 5.15.0.1055.61~20.04.1 linux-image-oracle - 5.15.0.1055.61~20.04.1 linux-image-oracle-edge - 5.15.0.1055.61~20.04.1 linux-oracle - 5.15.0.1055.61~20.04.1 linux-oracle-edge - 5.15.0.1055.61~20.04.1 linux-tools-oracle - 5.15.0.1055.61~20.04.1 linux-tools-oracle-edge - 5.15.0.1055.61~20.04.1 No subscription required linux-gcp - 5.15.0.1055.63~20.04.1 linux-gcp-edge - 5.15.0.1055.63~20.04.1 linux-headers-gcp - 5.15.0.1055.63~20.04.1 linux-headers-gcp-edge - 5.15.0.1055.63~20.04.1 linux-image-gcp - 5.15.0.1055.63~20.04.1 linux-image-gcp-edge - 5.15.0.1055.63~20.04.1 linux-modules-extra-gcp - 5.15.0.1055.63~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1055.63~20.04.1 linux-tools-gcp - 5.15.0.1055.63~20.04.1 linux-tools-gcp-edge - 5.15.0.1055.63~20.04.1 No subscription required linux-azure - 5.15.0.1060.69~20.04.1 linux-azure-cvm - 5.15.0.1060.69~20.04.1 linux-azure-edge - 5.15.0.1060.69~20.04.1 linux-cloud-tools-azure - 5.15.0.1060.69~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1060.69~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1060.69~20.04.1 linux-headers-azure - 5.15.0.1060.69~20.04.1 linux-headers-azure-cvm - 5.15.0.1060.69~20.04.1 linux-headers-azure-edge - 5.15.0.1060.69~20.04.1 linux-image-azure - 5.15.0.1060.69~20.04.1 linux-image-azure-cvm - 5.15.0.1060.69~20.04.1 linux-image-azure-edge - 5.15.0.1060.69~20.04.1 linux-modules-extra-azure - 5.15.0.1060.69~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1060.69~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1060.69~20.04.1 linux-tools-azure - 5.15.0.1060.69~20.04.1 linux-tools-azure-cvm - 5.15.0.1060.69~20.04.1 linux-tools-azure-edge - 5.15.0.1060.69~20.04.1 No subscription required linux-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-cloud-tools-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-cloud-tools-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-headers-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-headers-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-image-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-image-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-modules-extra-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-modules-extra-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-tools-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-tools-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 No subscription required High CVE-2023-1194 CVE-2023-32254 CVE-2023-32258 CVE-2023-38427 CVE-2023-38430 CVE-2023-38431 CVE-2023-3867 CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52441 CVE-2023-52442 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52456 CVE-2023-52457 CVE-2023-52458 CVE-2023-52462 CVE-2023-52463 CVE-2023-52464 CVE-2023-52467 CVE-2023-52469 CVE-2023-52470 CVE-2023-52480 CVE-2023-52609 CVE-2023-52610 CVE-2023-52612 CVE-2024-22705 CVE-2024-23850 CVE-2024-23851 CVE-2024-24860 CVE-2024-26586 CVE-2024-26589 CVE-2024-26591 CVE-2024-26597 CVE-2024-26598 CVE-2024-26631 CVE-2024-26633 Ubuntu 20.04 LTS Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1194) Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32254) It was discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling session connections, leading to a use- after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32258) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an integer underflow and out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38427) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate SMB request protocol IDs, leading to a out-of- bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38430) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate packet header sizes in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38431) It was discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information. (CVE-2023-3867) Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Yang Chaoming discovered that the KSMBD implementation in the Linux kernel did not properly validate request buffer sizes, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-22705) Chenyuan Yang discovered that the btrfs file system in the Linux kernel did not properly handle read operations on newly created subvolumes in certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-23850) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Block layer; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - Multifunction device drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - EFI Variable file system; - F2FS file system; - GFS2 file system; - SMB network file system; - BPF subsystem; - IPv6 Networking; - Network Traffic Control; - AppArmor security module; (CVE-2023-52463, CVE-2023-52445, CVE-2023-52462, CVE-2023-52609, CVE-2023-52448, CVE-2023-52457, CVE-2023-52464, CVE-2023-52456, CVE-2023-52454, CVE-2023-52438, CVE-2023-52480, CVE-2023-52443, CVE-2023-52442, CVE-2024-26631, CVE-2023-52439, CVE-2023-52612, CVE-2024-26598, CVE-2024-26586, CVE-2024-26589, CVE-2023-52444, CVE-2023-52436, CVE-2024-26633, CVE-2024-26597, CVE-2023-52458, CVE-2024-26591, CVE-2023-52449, CVE-2023-52467, CVE-2023-52441, CVE-2023-52610, CVE-2023-52451, CVE-2023-52469, CVE-2023-52470) Update Instructions: Run `sudo pro fix USN-6725-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-cloud-tools-5.15.0-1057 - 5.15.0-1057.63~20.04.1 linux-aws-5.15-headers-5.15.0-1057 - 5.15.0-1057.63~20.04.1 linux-aws-5.15-tools-5.15.0-1057 - 5.15.0-1057.63~20.04.1 linux-buildinfo-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-cloud-tools-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-headers-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-image-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-image-unsigned-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-modules-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-modules-extra-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-tools-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 No subscription required linux-aws - 5.15.0.1057.63~20.04.1 linux-aws-edge - 5.15.0.1057.63~20.04.1 linux-headers-aws - 5.15.0.1057.63~20.04.1 linux-headers-aws-edge - 5.15.0.1057.63~20.04.1 linux-image-aws - 5.15.0.1057.63~20.04.1 linux-image-aws-edge - 5.15.0.1057.63~20.04.1 linux-modules-extra-aws - 5.15.0.1057.63~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1057.63~20.04.1 linux-tools-aws - 5.15.0.1057.63~20.04.1 linux-tools-aws-edge - 5.15.0.1057.63~20.04.1 No subscription required High CVE-2023-1194 CVE-2023-32254 CVE-2023-32258 CVE-2023-38427 CVE-2023-38430 CVE-2023-38431 CVE-2023-3867 CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52441 CVE-2023-52442 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52456 CVE-2023-52457 CVE-2023-52458 CVE-2023-52462 CVE-2023-52463 CVE-2023-52464 CVE-2023-52467 CVE-2023-52469 CVE-2023-52470 CVE-2023-52480 CVE-2023-52609 CVE-2023-52610 CVE-2023-52612 CVE-2024-22705 CVE-2024-23850 CVE-2024-23851 CVE-2024-24860 CVE-2024-26586 CVE-2024-26589 CVE-2024-26591 CVE-2024-26597 CVE-2024-26598 CVE-2024-26631 CVE-2024-26633 Ubuntu 20.04 LTS Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - F2FS file system; - GFS2 file system; - IPv6 Networking; - AppArmor security module; (CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443, CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597, CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469, CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454, CVE-2023-52436, CVE-2023-52438) Update Instructions: Run `sudo pro fix USN-6726-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1069-ibm - 5.4.0-1069.74 linux-headers-5.4.0-1069-ibm - 5.4.0-1069.74 linux-ibm-cloud-tools-common - 5.4.0-1069.74 linux-ibm-headers-5.4.0-1069 - 5.4.0-1069.74 linux-ibm-source-5.4.0 - 5.4.0-1069.74 linux-ibm-tools-5.4.0-1069 - 5.4.0-1069.74 linux-ibm-tools-common - 5.4.0-1069.74 linux-image-5.4.0-1069-ibm - 5.4.0-1069.74 linux-image-unsigned-5.4.0-1069-ibm - 5.4.0-1069.74 linux-modules-5.4.0-1069-ibm - 5.4.0-1069.74 linux-modules-extra-5.4.0-1069-ibm - 5.4.0-1069.74 linux-tools-5.4.0-1069-ibm - 5.4.0-1069.74 No subscription required linux-bluefield-headers-5.4.0-1082 - 5.4.0-1082.89 linux-bluefield-tools-5.4.0-1082 - 5.4.0-1082.89 linux-buildinfo-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-headers-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-image-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-image-unsigned-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-modules-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-tools-5.4.0-1082-bluefield - 5.4.0-1082.89 No subscription required linux-buildinfo-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-cloud-tools-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-gkeop-cloud-tools-5.4.0-1089 - 5.4.0-1089.93 linux-gkeop-headers-5.4.0-1089 - 5.4.0-1089.93 linux-gkeop-source-5.4.0 - 5.4.0-1089.93 linux-gkeop-tools-5.4.0-1089 - 5.4.0-1089.93 linux-headers-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-image-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-image-unsigned-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-modules-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-modules-extra-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-tools-5.4.0-1089-gkeop - 5.4.0-1089.93 No subscription required linux-buildinfo-5.4.0-1106-raspi - 5.4.0-1106.118 linux-headers-5.4.0-1106-raspi - 5.4.0-1106.118 linux-image-5.4.0-1106-raspi - 5.4.0-1106.118 linux-modules-5.4.0-1106-raspi - 5.4.0-1106.118 linux-raspi-headers-5.4.0-1106 - 5.4.0-1106.118 linux-raspi-tools-5.4.0-1106 - 5.4.0-1106.118 linux-tools-5.4.0-1106-raspi - 5.4.0-1106.118 No subscription required linux-buildinfo-5.4.0-1110-kvm - 5.4.0-1110.117 linux-headers-5.4.0-1110-kvm - 5.4.0-1110.117 linux-image-5.4.0-1110-kvm - 5.4.0-1110.117 linux-image-unsigned-5.4.0-1110-kvm - 5.4.0-1110.117 linux-kvm-headers-5.4.0-1110 - 5.4.0-1110.117 linux-kvm-tools-5.4.0-1110 - 5.4.0-1110.117 linux-modules-5.4.0-1110-kvm - 5.4.0-1110.117 linux-tools-5.4.0-1110-kvm - 5.4.0-1110.117 No subscription required linux-buildinfo-5.4.0-1121-oracle - 5.4.0-1121.130 linux-headers-5.4.0-1121-oracle - 5.4.0-1121.130 linux-image-5.4.0-1121-oracle - 5.4.0-1121.130 linux-image-unsigned-5.4.0-1121-oracle - 5.4.0-1121.130 linux-modules-5.4.0-1121-oracle - 5.4.0-1121.130 linux-modules-extra-5.4.0-1121-oracle - 5.4.0-1121.130 linux-oracle-headers-5.4.0-1121 - 5.4.0-1121.130 linux-oracle-tools-5.4.0-1121 - 5.4.0-1121.130 linux-tools-5.4.0-1121-oracle - 5.4.0-1121.130 No subscription required linux-aws-cloud-tools-5.4.0-1122 - 5.4.0-1122.132 linux-aws-headers-5.4.0-1122 - 5.4.0-1122.132 linux-aws-tools-5.4.0-1122 - 5.4.0-1122.132 linux-buildinfo-5.4.0-1122-aws - 5.4.0-1122.132 linux-cloud-tools-5.4.0-1122-aws - 5.4.0-1122.132 linux-headers-5.4.0-1122-aws - 5.4.0-1122.132 linux-image-5.4.0-1122-aws - 5.4.0-1122.132 linux-image-unsigned-5.4.0-1122-aws - 5.4.0-1122.132 linux-modules-5.4.0-1122-aws - 5.4.0-1122.132 linux-modules-extra-5.4.0-1122-aws - 5.4.0-1122.132 linux-tools-5.4.0-1122-aws - 5.4.0-1122.132 No subscription required linux-buildinfo-5.4.0-1126-gcp - 5.4.0-1126.135 linux-gcp-headers-5.4.0-1126 - 5.4.0-1126.135 linux-gcp-tools-5.4.0-1126 - 5.4.0-1126.135 linux-headers-5.4.0-1126-gcp - 5.4.0-1126.135 linux-image-5.4.0-1126-gcp - 5.4.0-1126.135 linux-image-unsigned-5.4.0-1126-gcp - 5.4.0-1126.135 linux-modules-5.4.0-1126-gcp - 5.4.0-1126.135 linux-modules-extra-5.4.0-1126-gcp - 5.4.0-1126.135 linux-tools-5.4.0-1126-gcp - 5.4.0-1126.135 No subscription required linux-azure-cloud-tools-5.4.0-1127 - 5.4.0-1127.134 linux-azure-headers-5.4.0-1127 - 5.4.0-1127.134 linux-azure-tools-5.4.0-1127 - 5.4.0-1127.134 linux-buildinfo-5.4.0-1127-azure - 5.4.0-1127.134 linux-cloud-tools-5.4.0-1127-azure - 5.4.0-1127.134 linux-headers-5.4.0-1127-azure - 5.4.0-1127.134 linux-image-5.4.0-1127-azure - 5.4.0-1127.134 linux-image-unsigned-5.4.0-1127-azure - 5.4.0-1127.134 linux-modules-5.4.0-1127-azure - 5.4.0-1127.134 linux-modules-extra-5.4.0-1127-azure - 5.4.0-1127.134 linux-tools-5.4.0-1127-azure - 5.4.0-1127.134 No subscription required linux-buildinfo-5.4.0-176-generic - 5.4.0-176.196 linux-buildinfo-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-buildinfo-5.4.0-176-lowlatency - 5.4.0-176.196 linux-cloud-tools-5.4.0-176 - 5.4.0-176.196 linux-cloud-tools-5.4.0-176-generic - 5.4.0-176.196 linux-cloud-tools-5.4.0-176-lowlatency - 5.4.0-176.196 linux-cloud-tools-common - 5.4.0-176.196 linux-doc - 5.4.0-176.196 linux-headers-5.4.0-176 - 5.4.0-176.196 linux-headers-5.4.0-176-generic - 5.4.0-176.196 linux-headers-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-headers-5.4.0-176-lowlatency - 5.4.0-176.196 linux-image-5.4.0-176-generic - 5.4.0-176.196 linux-image-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-image-5.4.0-176-lowlatency - 5.4.0-176.196 linux-image-unsigned-5.4.0-176-generic - 5.4.0-176.196 linux-image-unsigned-5.4.0-176-lowlatency - 5.4.0-176.196 linux-libc-dev - 5.4.0-176.196 linux-modules-5.4.0-176-generic - 5.4.0-176.196 linux-modules-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-modules-5.4.0-176-lowlatency - 5.4.0-176.196 linux-modules-extra-5.4.0-176-generic - 5.4.0-176.196 linux-source-5.4.0 - 5.4.0-176.196 linux-tools-5.4.0-176 - 5.4.0-176.196 linux-tools-5.4.0-176-generic - 5.4.0-176.196 linux-tools-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-tools-5.4.0-176-lowlatency - 5.4.0-176.196 linux-tools-common - 5.4.0-176.196 linux-tools-host - 5.4.0-176.196 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1069.98 linux-ibm-lts-20.04 - 5.4.0.1069.98 linux-image-ibm-lts-20.04 - 5.4.0.1069.98 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1069.98 linux-tools-ibm-lts-20.04 - 5.4.0.1069.98 No subscription required linux-bluefield - 5.4.0.1082.78 linux-headers-bluefield - 5.4.0.1082.78 linux-image-bluefield - 5.4.0.1082.78 linux-tools-bluefield - 5.4.0.1082.78 No subscription required linux-cloud-tools-gkeop - 5.4.0.1089.87 linux-cloud-tools-gkeop-5.4 - 5.4.0.1089.87 linux-gkeop - 5.4.0.1089.87 linux-gkeop-5.4 - 5.4.0.1089.87 linux-headers-gkeop - 5.4.0.1089.87 linux-headers-gkeop-5.4 - 5.4.0.1089.87 linux-image-gkeop - 5.4.0.1089.87 linux-image-gkeop-5.4 - 5.4.0.1089.87 linux-modules-extra-gkeop - 5.4.0.1089.87 linux-modules-extra-gkeop-5.4 - 5.4.0.1089.87 linux-tools-gkeop - 5.4.0.1089.87 linux-tools-gkeop-5.4 - 5.4.0.1089.87 No subscription required linux-headers-raspi - 5.4.0.1106.136 linux-headers-raspi-hwe-18.04 - 5.4.0.1106.136 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1106.136 linux-headers-raspi2 - 5.4.0.1106.136 linux-headers-raspi2-hwe-18.04 - 5.4.0.1106.136 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1106.136 linux-image-raspi - 5.4.0.1106.136 linux-image-raspi-hwe-18.04 - 5.4.0.1106.136 linux-image-raspi-hwe-18.04-edge - 5.4.0.1106.136 linux-image-raspi2 - 5.4.0.1106.136 linux-image-raspi2-hwe-18.04 - 5.4.0.1106.136 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1106.136 linux-raspi - 5.4.0.1106.136 linux-raspi-hwe-18.04 - 5.4.0.1106.136 linux-raspi-hwe-18.04-edge - 5.4.0.1106.136 linux-raspi2 - 5.4.0.1106.136 linux-raspi2-hwe-18.04 - 5.4.0.1106.136 linux-raspi2-hwe-18.04-edge - 5.4.0.1106.136 linux-tools-raspi - 5.4.0.1106.136 linux-tools-raspi-hwe-18.04 - 5.4.0.1106.136 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1106.136 linux-tools-raspi2 - 5.4.0.1106.136 linux-tools-raspi2-hwe-18.04 - 5.4.0.1106.136 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1106.136 No subscription required linux-headers-kvm - 5.4.0.1110.106 linux-image-kvm - 5.4.0.1110.106 linux-kvm - 5.4.0.1110.106 linux-tools-kvm - 5.4.0.1110.106 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1121.114 linux-image-oracle-lts-20.04 - 5.4.0.1121.114 linux-oracle-lts-20.04 - 5.4.0.1121.114 linux-tools-oracle-lts-20.04 - 5.4.0.1121.114 No subscription required linux-aws-lts-20.04 - 5.4.0.1122.119 linux-headers-aws-lts-20.04 - 5.4.0.1122.119 linux-image-aws-lts-20.04 - 5.4.0.1122.119 linux-modules-extra-aws-lts-20.04 - 5.4.0.1122.119 linux-tools-aws-lts-20.04 - 5.4.0.1122.119 No subscription required linux-gcp-lts-20.04 - 5.4.0.1126.128 linux-headers-gcp-lts-20.04 - 5.4.0.1126.128 linux-image-gcp-lts-20.04 - 5.4.0.1126.128 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1126.128 linux-tools-gcp-lts-20.04 - 5.4.0.1126.128 No subscription required linux-azure-lts-20.04 - 5.4.0.1127.121 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1127.121 linux-headers-azure-lts-20.04 - 5.4.0.1127.121 linux-image-azure-lts-20.04 - 5.4.0.1127.121 linux-modules-extra-azure-lts-20.04 - 5.4.0.1127.121 linux-tools-azure-lts-20.04 - 5.4.0.1127.121 No subscription required linux-cloud-tools-generic - 5.4.0.176.174 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.176.174 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.176.174 linux-cloud-tools-lowlatency - 5.4.0.176.174 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-cloud-tools-virtual - 5.4.0.176.174 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.176.174 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-crashdump - 5.4.0.176.174 linux-generic - 5.4.0.176.174 linux-generic-hwe-18.04 - 5.4.0.176.174 linux-generic-hwe-18.04-edge - 5.4.0.176.174 linux-generic-lpae - 5.4.0.176.174 linux-generic-lpae-hwe-18.04 - 5.4.0.176.174 linux-generic-lpae-hwe-18.04-edge - 5.4.0.176.174 linux-headers-generic - 5.4.0.176.174 linux-headers-generic-hwe-18.04 - 5.4.0.176.174 linux-headers-generic-hwe-18.04-edge - 5.4.0.176.174 linux-headers-generic-lpae - 5.4.0.176.174 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.176.174 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.176.174 linux-headers-lowlatency - 5.4.0.176.174 linux-headers-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-headers-oem - 5.4.0.176.174 linux-headers-oem-osp1 - 5.4.0.176.174 linux-headers-virtual - 5.4.0.176.174 linux-headers-virtual-hwe-18.04 - 5.4.0.176.174 linux-headers-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-image-extra-virtual - 5.4.0.176.174 linux-image-extra-virtual-hwe-18.04 - 5.4.0.176.174 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-image-generic - 5.4.0.176.174 linux-image-generic-hwe-18.04 - 5.4.0.176.174 linux-image-generic-hwe-18.04-edge - 5.4.0.176.174 linux-image-generic-lpae - 5.4.0.176.174 linux-image-generic-lpae-hwe-18.04 - 5.4.0.176.174 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.176.174 linux-image-lowlatency - 5.4.0.176.174 linux-image-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-image-oem - 5.4.0.176.174 linux-image-oem-osp1 - 5.4.0.176.174 linux-image-virtual - 5.4.0.176.174 linux-image-virtual-hwe-18.04 - 5.4.0.176.174 linux-image-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-lowlatency - 5.4.0.176.174 linux-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-oem - 5.4.0.176.174 linux-oem-osp1 - 5.4.0.176.174 linux-oem-osp1-tools-host - 5.4.0.176.174 linux-oem-tools-host - 5.4.0.176.174 linux-source - 5.4.0.176.174 linux-tools-generic - 5.4.0.176.174 linux-tools-generic-hwe-18.04 - 5.4.0.176.174 linux-tools-generic-hwe-18.04-edge - 5.4.0.176.174 linux-tools-generic-lpae - 5.4.0.176.174 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.176.174 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.176.174 linux-tools-lowlatency - 5.4.0.176.174 linux-tools-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-tools-oem - 5.4.0.176.174 linux-tools-oem-osp1 - 5.4.0.176.174 linux-tools-virtual - 5.4.0.176.174 linux-tools-virtual-hwe-18.04 - 5.4.0.176.174 linux-tools-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-virtual - 5.4.0.176.174 linux-virtual-hwe-18.04 - 5.4.0.176.174 linux-virtual-hwe-18.04-edge - 5.4.0.176.174 No subscription required High CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52457 CVE-2023-52464 CVE-2023-52469 CVE-2023-52470 CVE-2023-52609 CVE-2023-52612 CVE-2024-0607 CVE-2024-23851 CVE-2024-26597 CVE-2024-26633 Ubuntu 20.04 LTS Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - F2FS file system; - GFS2 file system; - IPv6 Networking; - AppArmor security module; (CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443, CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597, CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469, CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454, CVE-2023-52436, CVE-2023-52438) Update Instructions: Run `sudo pro fix USN-6726-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1034-iot - 5.4.0-1034.35 linux-headers-5.4.0-1034-iot - 5.4.0-1034.35 linux-image-5.4.0-1034-iot - 5.4.0-1034.35 linux-image-unsigned-5.4.0-1034-iot - 5.4.0-1034.35 linux-iot-headers-5.4.0-1034 - 5.4.0-1034.35 linux-iot-tools-5.4.0-1034 - 5.4.0-1034.35 linux-iot-tools-common - 5.4.0-1034.35 linux-modules-5.4.0-1034-iot - 5.4.0-1034.35 linux-tools-5.4.0-1034-iot - 5.4.0-1034.35 No subscription required linux-headers-iot - 5.4.0.1034.32 linux-image-iot - 5.4.0.1034.32 linux-iot - 5.4.0.1034.32 linux-tools-iot - 5.4.0.1034.32 No subscription required High CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52457 CVE-2023-52464 CVE-2023-52469 CVE-2023-52470 CVE-2023-52609 CVE-2023-52612 CVE-2024-0607 CVE-2024-23851 CVE-2024-26597 CVE-2024-26633 Ubuntu 20.04 LTS Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - F2FS file system; - GFS2 file system; - IPv6 Networking; - AppArmor security module; (CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443, CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597, CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469, CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454, CVE-2023-52436, CVE-2023-52438) Update Instructions: Run `sudo pro fix USN-6726-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 linux-headers-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 linux-image-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 linux-modules-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 linux-tools-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 linux-xilinx-zynqmp-headers-5.4.0-1041 - 5.4.0-1041.45 linux-xilinx-zynqmp-tools-5.4.0-1041 - 5.4.0-1041.45 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1041.41 linux-image-xilinx-zynqmp - 5.4.0.1041.41 linux-tools-xilinx-zynqmp - 5.4.0.1041.41 linux-xilinx-zynqmp - 5.4.0.1041.41 No subscription required High CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52457 CVE-2023-52464 CVE-2023-52469 CVE-2023-52470 CVE-2023-52609 CVE-2023-52612 CVE-2024-0607 CVE-2024-23851 CVE-2024-26597 CVE-2024-26633 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-4421) It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. (CVE-2023-5388) It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. (CVE-2023-6135) The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements. Update Instructions: Run `sudo pro fix USN-6727-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3 - 2:3.98-0ubuntu0.20.04.1 libnss3-dev - 2:3.98-0ubuntu0.20.04.1 libnss3-tools - 2:3.98-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4421 CVE-2023-5388 CVE-2023-6135 Ubuntu 20.04 LTS USN-6727-1 fixed vulnerabilities in NSS. The update introduced a regression when trying to load security modules on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-4421) It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. (CVE-2023-5388) It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. (CVE-2023-6135) The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements. Update Instructions: Run `sudo pro fix USN-6727-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3 - 2:3.98-0ubuntu0.20.04.2 libnss3-dev - 2:3.98-0ubuntu0.20.04.2 libnss3-tools - 2:3.98-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/2060906 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288) Joshua Rogers discovered that Squid incorrectly handled certain structural elements. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-5824) Joshua Rogers discovered that Squid incorrectly handled Cache Manager error responses. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-23638) Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked decoder. A remote attacker could possibly use this issue to cause Squid to stop responding, resulting in a denial of service. (CVE-2024-25111) Joshua Rogers discovered that Squid incorrectly handled HTTP header parsing. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-25617) Update Instructions: Run `sudo pro fix USN-6728-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid - 4.10-1ubuntu1.10 squid-cgi - 4.10-1ubuntu1.10 squid-common - 4.10-1ubuntu1.10 squid-purge - 4.10-1ubuntu1.10 squidclient - 4.10-1ubuntu1.10 No subscription required Medium CVE-2023-49288 CVE-2023-5824 CVE-2024-23638 CVE-2024-25111 CVE-2024-25617 Ubuntu 20.04 LTS USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS. The problematic fix has been reverted pending further investigation. We apologize for the inconvenience. Original advisory details: Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288) Joshua Rogers discovered that Squid incorrectly handled certain structural elements. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-5824) Joshua Rogers discovered that Squid incorrectly handled Cache Manager error responses. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-23638) Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked decoder. A remote attacker could possibly use this issue to cause Squid to stop responding, resulting in a denial of service. (CVE-2024-25111) Joshua Rogers discovered that Squid incorrectly handled HTTP header parsing. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-25617) Update Instructions: Run `sudo pro fix USN-6728-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid - 4.10-1ubuntu1.11 squid-cgi - 4.10-1ubuntu1.11 squid-common - 4.10-1ubuntu1.11 squid-purge - 4.10-1ubuntu1.11 squidclient - 4.10-1ubuntu1.11 No subscription required None https://launchpad.net/bugs/2060880 Ubuntu 20.04 LTS USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update. We apologize for the inconvenience. Original advisory details: Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288) Joshua Rogers discovered that Squid incorrectly handled certain structural elements. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-5824) Joshua Rogers discovered that Squid incorrectly handled Cache Manager error responses. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-23638) Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked decoder. A remote attacker could possibly use this issue to cause Squid to stop responding, resulting in a denial of service. (CVE-2024-25111) Joshua Rogers discovered that Squid incorrectly handled HTTP header parsing. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-25617) Update Instructions: Run `sudo pro fix USN-6728-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid - 4.10-1ubuntu1.12 squid-cgi - 4.10-1ubuntu1.12 squid-common - 4.10-1ubuntu1.12 squid-purge - 4.10-1ubuntu1.12 squidclient - 4.10-1ubuntu1.12 No subscription required Medium CVE-2023-5824 CVE-2023-49288 https://launchpad.net/bugs/2060880 Ubuntu 20.04 LTS Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2023-38709) Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2024-24795) Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. (CVE-2024-27316) Update Instructions: Run `sudo pro fix USN-6729-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2 - 2.4.41-4ubuntu3.17 apache2-bin - 2.4.41-4ubuntu3.17 apache2-data - 2.4.41-4ubuntu3.17 apache2-dev - 2.4.41-4ubuntu3.17 apache2-doc - 2.4.41-4ubuntu3.17 apache2-ssl-dev - 2.4.41-4ubuntu3.17 apache2-suexec-custom - 2.4.41-4ubuntu3.17 apache2-suexec-pristine - 2.4.41-4ubuntu3.17 apache2-utils - 2.4.41-4ubuntu3.17 libapache2-mod-md - 2.4.41-4ubuntu3.17 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.17 No subscription required Medium CVE-2023-38709 CVE-2024-24795 CVE-2024-27316 Ubuntu 20.04 LTS It was discovered that Apache Maven Shared Utils did not handle double-quoted strings properly, allowing shell injection attacks. This could allow an attacker to run arbitrary code. Update Instructions: Run `sudo pro fix USN-6730-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmaven-shared-utils-java - 3.3.0-1ubuntu0.20.04.1 libmaven-shared-utils-java-doc - 3.3.0-1ubuntu0.20.04.1 No subscription required Medium CVE-2022-29599 Ubuntu 20.04 LTS It was discovered that YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-17042) It was discovered that yard before 0.9.20 is affected by a path traversal vulnerability, allowing HTTP requests to access arbitrary files under certain conditions. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1020001) Aviv Keller discovered that the "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. (CVE-2024-27285) Update Instructions: Run `sudo pro fix USN-6731-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: yard - 0.9.24-1+deb11u1build0.20.04.1 yard-doc - 0.9.24-1+deb11u1build0.20.04.1 No subscription required Medium CVE-2017-17042 CVE-2019-1020001 CVE-2024-27285 Ubuntu 20.04 LTS It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-28834) It was discovered that GnuTLS incorrectly handled verifying certain PEM bundles. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2024-28835) Update Instructions: Run `sudo pro fix USN-6733-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-bin - 3.6.13-2ubuntu1.11 gnutls-doc - 3.6.13-2ubuntu1.11 guile-gnutls - 3.6.13-2ubuntu1.11 libgnutls-dane0 - 3.6.13-2ubuntu1.11 libgnutls-openssl27 - 3.6.13-2ubuntu1.11 libgnutls28-dev - 3.6.13-2ubuntu1.11 libgnutls30 - 3.6.13-2ubuntu1.11 libgnutlsxx28 - 3.6.13-2ubuntu1.11 No subscription required Medium CVE-2024-28834 CVE-2024-28835 Ubuntu 20.04 LTS Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2024-1441) It was discovered that libvirt incorrectly handled certain RPC library API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2024-2494) It was discovered that libvirt incorrectly handled detaching certain host interfaces. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2024-2496) Update Instructions: Run `sudo pro fix USN-6734-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss-libvirt - 6.0.0-0ubuntu8.19 libvirt-clients - 6.0.0-0ubuntu8.19 libvirt-daemon - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-lxc - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-qemu - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-storage-gluster - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-storage-rbd - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-storage-zfs - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-vbox - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-xen - 6.0.0-0ubuntu8.19 libvirt-daemon-system - 6.0.0-0ubuntu8.19 libvirt-daemon-system-systemd - 6.0.0-0ubuntu8.19 libvirt-daemon-system-sysv - 6.0.0-0ubuntu8.19 libvirt-dev - 6.0.0-0ubuntu8.19 libvirt-doc - 6.0.0-0ubuntu8.19 libvirt-sanlock - 6.0.0-0ubuntu8.19 libvirt-wireshark - 6.0.0-0ubuntu8.19 libvirt0 - 6.0.0-0ubuntu8.19 No subscription required Medium CVE-2024-1441 CVE-2024-2494 CVE-2024-2496 Ubuntu 20.04 LTS It was discovered that Node.js incorrectly handled the use of invalid public keys while creating an x509 certificate. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-30588) It was discovered that Node.js incorrectly handled the use of CRLF sequences to delimit HTTP requests. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain unauthorised access. This issue only affected Ubuntu 23.10. (CVE-2023-30589) It was discovered that Node.js incorrectly described the generateKeys() function in the documentation. This inconsistency could possibly lead to security issues in applications that use these APIs. (CVE-2023-30590) Update Instructions: Run `sudo pro fix USN-6735-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.6 libnode64 - 10.19.0~dfsg-3ubuntu1.6 nodejs - 10.19.0~dfsg-3ubuntu1.6 nodejs-doc - 10.19.0~dfsg-3ubuntu1.6 No subscription required Medium CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 Ubuntu 20.04 LTS It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841) Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2018-25032) Evgeny Legerov discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2022-37434) Update Instructions: Run `sudo pro fix USN-6736-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: klibc-utils - 2.0.7-1ubuntu5.2 libklibc - 2.0.7-1ubuntu5.2 libklibc-dev - 2.0.7-1ubuntu5.2 No subscription required Medium CVE-2016-9840 CVE-2016-9841 CVE-2018-25032 CVE-2022-37434 Ubuntu 20.04 LTS Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6737-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glibc-doc - 2.31-0ubuntu9.15 glibc-source - 2.31-0ubuntu9.15 libc-bin - 2.31-0ubuntu9.15 libc-dev-bin - 2.31-0ubuntu9.15 libc6 - 2.31-0ubuntu9.15 libc6-amd64 - 2.31-0ubuntu9.15 libc6-armel - 2.31-0ubuntu9.15 libc6-dev - 2.31-0ubuntu9.15 libc6-dev-amd64 - 2.31-0ubuntu9.15 libc6-dev-armel - 2.31-0ubuntu9.15 libc6-dev-i386 - 2.31-0ubuntu9.15 libc6-dev-s390 - 2.31-0ubuntu9.15 libc6-dev-x32 - 2.31-0ubuntu9.15 libc6-i386 - 2.31-0ubuntu9.15 libc6-lse - 2.31-0ubuntu9.15 libc6-pic - 2.31-0ubuntu9.15 libc6-prof - 2.31-0ubuntu9.15 libc6-s390 - 2.31-0ubuntu9.15 libc6-x32 - 2.31-0ubuntu9.15 locales - 2.31-0ubuntu9.15 locales-all - 2.31-0ubuntu9.15 nscd - 2.31-0ubuntu9.15 No subscription required Medium CVE-2024-2961 Ubuntu 20.04 LTS Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. (CVE-2023-24023) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; (CVE-2023-52603, CVE-2023-52600, CVE-2024-26581, CVE-2024-26589) Update Instructions: Run `sudo pro fix USN-6741-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1035-iot - 5.4.0-1035.36 linux-headers-5.4.0-1035-iot - 5.4.0-1035.36 linux-image-5.4.0-1035-iot - 5.4.0-1035.36 linux-image-unsigned-5.4.0-1035-iot - 5.4.0-1035.36 linux-iot-headers-5.4.0-1035 - 5.4.0-1035.36 linux-iot-tools-5.4.0-1035 - 5.4.0-1035.36 linux-iot-tools-common - 5.4.0-1035.36 linux-modules-5.4.0-1035-iot - 5.4.0-1035.36 linux-tools-5.4.0-1035-iot - 5.4.0-1035.36 No subscription required linux-buildinfo-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-headers-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-image-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-modules-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-tools-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-xilinx-zynqmp-headers-5.4.0-1042 - 5.4.0-1042.46 linux-xilinx-zynqmp-tools-5.4.0-1042 - 5.4.0-1042.46 No subscription required linux-buildinfo-5.4.0-1070-ibm - 5.4.0-1070.75 linux-headers-5.4.0-1070-ibm - 5.4.0-1070.75 linux-ibm-cloud-tools-common - 5.4.0-1070.75 linux-ibm-headers-5.4.0-1070 - 5.4.0-1070.75 linux-ibm-source-5.4.0 - 5.4.0-1070.75 linux-ibm-tools-5.4.0-1070 - 5.4.0-1070.75 linux-ibm-tools-common - 5.4.0-1070.75 linux-image-5.4.0-1070-ibm - 5.4.0-1070.75 linux-image-unsigned-5.4.0-1070-ibm - 5.4.0-1070.75 linux-modules-5.4.0-1070-ibm - 5.4.0-1070.75 linux-modules-extra-5.4.0-1070-ibm - 5.4.0-1070.75 linux-tools-5.4.0-1070-ibm - 5.4.0-1070.75 No subscription required linux-bluefield-headers-5.4.0-1083 - 5.4.0-1083.90 linux-bluefield-tools-5.4.0-1083 - 5.4.0-1083.90 linux-buildinfo-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-headers-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-image-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-image-unsigned-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-modules-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-tools-5.4.0-1083-bluefield - 5.4.0-1083.90 No subscription required linux-buildinfo-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-cloud-tools-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-gkeop-cloud-tools-5.4.0-1090 - 5.4.0-1090.94 linux-gkeop-headers-5.4.0-1090 - 5.4.0-1090.94 linux-gkeop-source-5.4.0 - 5.4.0-1090.94 linux-gkeop-tools-5.4.0-1090 - 5.4.0-1090.94 linux-headers-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-image-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-image-unsigned-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-modules-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-modules-extra-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-tools-5.4.0-1090-gkeop - 5.4.0-1090.94 No subscription required linux-buildinfo-5.4.0-1107-raspi - 5.4.0-1107.119 linux-headers-5.4.0-1107-raspi - 5.4.0-1107.119 linux-image-5.4.0-1107-raspi - 5.4.0-1107.119 linux-modules-5.4.0-1107-raspi - 5.4.0-1107.119 linux-raspi-headers-5.4.0-1107 - 5.4.0-1107.119 linux-raspi-tools-5.4.0-1107 - 5.4.0-1107.119 linux-tools-5.4.0-1107-raspi - 5.4.0-1107.119 No subscription required linux-buildinfo-5.4.0-1111-kvm - 5.4.0-1111.118 linux-headers-5.4.0-1111-kvm - 5.4.0-1111.118 linux-image-5.4.0-1111-kvm - 5.4.0-1111.118 linux-image-unsigned-5.4.0-1111-kvm - 5.4.0-1111.118 linux-kvm-headers-5.4.0-1111 - 5.4.0-1111.118 linux-kvm-tools-5.4.0-1111 - 5.4.0-1111.118 linux-modules-5.4.0-1111-kvm - 5.4.0-1111.118 linux-tools-5.4.0-1111-kvm - 5.4.0-1111.118 No subscription required linux-buildinfo-5.4.0-1122-oracle - 5.4.0-1122.131 linux-headers-5.4.0-1122-oracle - 5.4.0-1122.131 linux-image-5.4.0-1122-oracle - 5.4.0-1122.131 linux-image-unsigned-5.4.0-1122-oracle - 5.4.0-1122.131 linux-modules-5.4.0-1122-oracle - 5.4.0-1122.131 linux-modules-extra-5.4.0-1122-oracle - 5.4.0-1122.131 linux-oracle-headers-5.4.0-1122 - 5.4.0-1122.131 linux-oracle-tools-5.4.0-1122 - 5.4.0-1122.131 linux-tools-5.4.0-1122-oracle - 5.4.0-1122.131 No subscription required linux-aws-cloud-tools-5.4.0-1123 - 5.4.0-1123.133 linux-aws-headers-5.4.0-1123 - 5.4.0-1123.133 linux-aws-tools-5.4.0-1123 - 5.4.0-1123.133 linux-buildinfo-5.4.0-1123-aws - 5.4.0-1123.133 linux-cloud-tools-5.4.0-1123-aws - 5.4.0-1123.133 linux-headers-5.4.0-1123-aws - 5.4.0-1123.133 linux-image-5.4.0-1123-aws - 5.4.0-1123.133 linux-image-unsigned-5.4.0-1123-aws - 5.4.0-1123.133 linux-modules-5.4.0-1123-aws - 5.4.0-1123.133 linux-modules-extra-5.4.0-1123-aws - 5.4.0-1123.133 linux-tools-5.4.0-1123-aws - 5.4.0-1123.133 No subscription required linux-buildinfo-5.4.0-1127-gcp - 5.4.0-1127.136 linux-gcp-headers-5.4.0-1127 - 5.4.0-1127.136 linux-gcp-tools-5.4.0-1127 - 5.4.0-1127.136 linux-headers-5.4.0-1127-gcp - 5.4.0-1127.136 linux-image-5.4.0-1127-gcp - 5.4.0-1127.136 linux-image-unsigned-5.4.0-1127-gcp - 5.4.0-1127.136 linux-modules-5.4.0-1127-gcp - 5.4.0-1127.136 linux-modules-extra-5.4.0-1127-gcp - 5.4.0-1127.136 linux-tools-5.4.0-1127-gcp - 5.4.0-1127.136 No subscription required linux-azure-cloud-tools-5.4.0-1128 - 5.4.0-1128.135 linux-azure-headers-5.4.0-1128 - 5.4.0-1128.135 linux-azure-tools-5.4.0-1128 - 5.4.0-1128.135 linux-buildinfo-5.4.0-1128-azure - 5.4.0-1128.135 linux-cloud-tools-5.4.0-1128-azure - 5.4.0-1128.135 linux-headers-5.4.0-1128-azure - 5.4.0-1128.135 linux-image-5.4.0-1128-azure - 5.4.0-1128.135 linux-image-unsigned-5.4.0-1128-azure - 5.4.0-1128.135 linux-modules-5.4.0-1128-azure - 5.4.0-1128.135 linux-modules-extra-5.4.0-1128-azure - 5.4.0-1128.135 linux-tools-5.4.0-1128-azure - 5.4.0-1128.135 No subscription required linux-buildinfo-5.4.0-177-generic - 5.4.0-177.197 linux-buildinfo-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-buildinfo-5.4.0-177-lowlatency - 5.4.0-177.197 linux-cloud-tools-5.4.0-177 - 5.4.0-177.197 linux-cloud-tools-5.4.0-177-generic - 5.4.0-177.197 linux-cloud-tools-5.4.0-177-lowlatency - 5.4.0-177.197 linux-cloud-tools-common - 5.4.0-177.197 linux-doc - 5.4.0-177.197 linux-headers-5.4.0-177 - 5.4.0-177.197 linux-headers-5.4.0-177-generic - 5.4.0-177.197 linux-headers-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-headers-5.4.0-177-lowlatency - 5.4.0-177.197 linux-image-5.4.0-177-generic - 5.4.0-177.197 linux-image-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-image-5.4.0-177-lowlatency - 5.4.0-177.197 linux-image-unsigned-5.4.0-177-generic - 5.4.0-177.197 linux-image-unsigned-5.4.0-177-lowlatency - 5.4.0-177.197 linux-libc-dev - 5.4.0-177.197 linux-modules-5.4.0-177-generic - 5.4.0-177.197 linux-modules-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-modules-5.4.0-177-lowlatency - 5.4.0-177.197 linux-modules-extra-5.4.0-177-generic - 5.4.0-177.197 linux-source-5.4.0 - 5.4.0-177.197 linux-tools-5.4.0-177 - 5.4.0-177.197 linux-tools-5.4.0-177-generic - 5.4.0-177.197 linux-tools-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-tools-5.4.0-177-lowlatency - 5.4.0-177.197 linux-tools-common - 5.4.0-177.197 linux-tools-host - 5.4.0-177.197 No subscription required linux-headers-iot - 5.4.0.1035.33 linux-image-iot - 5.4.0.1035.33 linux-iot - 5.4.0.1035.33 linux-tools-iot - 5.4.0.1035.33 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1042.42 linux-image-xilinx-zynqmp - 5.4.0.1042.42 linux-tools-xilinx-zynqmp - 5.4.0.1042.42 linux-xilinx-zynqmp - 5.4.0.1042.42 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1070.99 linux-ibm-lts-20.04 - 5.4.0.1070.99 linux-image-ibm-lts-20.04 - 5.4.0.1070.99 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1070.99 linux-tools-ibm-lts-20.04 - 5.4.0.1070.99 No subscription required linux-bluefield - 5.4.0.1083.79 linux-headers-bluefield - 5.4.0.1083.79 linux-image-bluefield - 5.4.0.1083.79 linux-tools-bluefield - 5.4.0.1083.79 No subscription required linux-cloud-tools-gkeop - 5.4.0.1090.88 linux-cloud-tools-gkeop-5.4 - 5.4.0.1090.88 linux-gkeop - 5.4.0.1090.88 linux-gkeop-5.4 - 5.4.0.1090.88 linux-headers-gkeop - 5.4.0.1090.88 linux-headers-gkeop-5.4 - 5.4.0.1090.88 linux-image-gkeop - 5.4.0.1090.88 linux-image-gkeop-5.4 - 5.4.0.1090.88 linux-modules-extra-gkeop - 5.4.0.1090.88 linux-modules-extra-gkeop-5.4 - 5.4.0.1090.88 linux-tools-gkeop - 5.4.0.1090.88 linux-tools-gkeop-5.4 - 5.4.0.1090.88 No subscription required linux-headers-raspi - 5.4.0.1107.137 linux-headers-raspi-hwe-18.04 - 5.4.0.1107.137 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1107.137 linux-headers-raspi2 - 5.4.0.1107.137 linux-headers-raspi2-hwe-18.04 - 5.4.0.1107.137 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1107.137 linux-image-raspi - 5.4.0.1107.137 linux-image-raspi-hwe-18.04 - 5.4.0.1107.137 linux-image-raspi-hwe-18.04-edge - 5.4.0.1107.137 linux-image-raspi2 - 5.4.0.1107.137 linux-image-raspi2-hwe-18.04 - 5.4.0.1107.137 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1107.137 linux-raspi - 5.4.0.1107.137 linux-raspi-hwe-18.04 - 5.4.0.1107.137 linux-raspi-hwe-18.04-edge - 5.4.0.1107.137 linux-raspi2 - 5.4.0.1107.137 linux-raspi2-hwe-18.04 - 5.4.0.1107.137 linux-raspi2-hwe-18.04-edge - 5.4.0.1107.137 linux-tools-raspi - 5.4.0.1107.137 linux-tools-raspi-hwe-18.04 - 5.4.0.1107.137 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1107.137 linux-tools-raspi2 - 5.4.0.1107.137 linux-tools-raspi2-hwe-18.04 - 5.4.0.1107.137 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1107.137 No subscription required linux-headers-kvm - 5.4.0.1111.107 linux-image-kvm - 5.4.0.1111.107 linux-kvm - 5.4.0.1111.107 linux-tools-kvm - 5.4.0.1111.107 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1122.115 linux-image-oracle-lts-20.04 - 5.4.0.1122.115 linux-oracle-lts-20.04 - 5.4.0.1122.115 linux-tools-oracle-lts-20.04 - 5.4.0.1122.115 No subscription required linux-aws-lts-20.04 - 5.4.0.1123.120 linux-headers-aws-lts-20.04 - 5.4.0.1123.120 linux-image-aws-lts-20.04 - 5.4.0.1123.120 linux-modules-extra-aws-lts-20.04 - 5.4.0.1123.120 linux-tools-aws-lts-20.04 - 5.4.0.1123.120 No subscription required linux-gcp-lts-20.04 - 5.4.0.1127.129 linux-headers-gcp-lts-20.04 - 5.4.0.1127.129 linux-image-gcp-lts-20.04 - 5.4.0.1127.129 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1127.129 linux-tools-gcp-lts-20.04 - 5.4.0.1127.129 No subscription required linux-azure-lts-20.04 - 5.4.0.1128.122 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1128.122 linux-headers-azure-lts-20.04 - 5.4.0.1128.122 linux-image-azure-lts-20.04 - 5.4.0.1128.122 linux-modules-extra-azure-lts-20.04 - 5.4.0.1128.122 linux-tools-azure-lts-20.04 - 5.4.0.1128.122 No subscription required linux-cloud-tools-generic - 5.4.0.177.175 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.177.175 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.177.175 linux-cloud-tools-lowlatency - 5.4.0.177.175 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-cloud-tools-virtual - 5.4.0.177.175 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.177.175 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-crashdump - 5.4.0.177.175 linux-generic - 5.4.0.177.175 linux-generic-hwe-18.04 - 5.4.0.177.175 linux-generic-hwe-18.04-edge - 5.4.0.177.175 linux-generic-lpae - 5.4.0.177.175 linux-generic-lpae-hwe-18.04 - 5.4.0.177.175 linux-generic-lpae-hwe-18.04-edge - 5.4.0.177.175 linux-headers-generic - 5.4.0.177.175 linux-headers-generic-hwe-18.04 - 5.4.0.177.175 linux-headers-generic-hwe-18.04-edge - 5.4.0.177.175 linux-headers-generic-lpae - 5.4.0.177.175 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.177.175 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.177.175 linux-headers-lowlatency - 5.4.0.177.175 linux-headers-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-headers-oem - 5.4.0.177.175 linux-headers-oem-osp1 - 5.4.0.177.175 linux-headers-virtual - 5.4.0.177.175 linux-headers-virtual-hwe-18.04 - 5.4.0.177.175 linux-headers-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-image-extra-virtual - 5.4.0.177.175 linux-image-extra-virtual-hwe-18.04 - 5.4.0.177.175 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-image-generic - 5.4.0.177.175 linux-image-generic-hwe-18.04 - 5.4.0.177.175 linux-image-generic-hwe-18.04-edge - 5.4.0.177.175 linux-image-generic-lpae - 5.4.0.177.175 linux-image-generic-lpae-hwe-18.04 - 5.4.0.177.175 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.177.175 linux-image-lowlatency - 5.4.0.177.175 linux-image-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-image-oem - 5.4.0.177.175 linux-image-oem-osp1 - 5.4.0.177.175 linux-image-virtual - 5.4.0.177.175 linux-image-virtual-hwe-18.04 - 5.4.0.177.175 linux-image-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-lowlatency - 5.4.0.177.175 linux-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-oem - 5.4.0.177.175 linux-oem-osp1 - 5.4.0.177.175 linux-oem-osp1-tools-host - 5.4.0.177.175 linux-oem-tools-host - 5.4.0.177.175 linux-source - 5.4.0.177.175 linux-tools-generic - 5.4.0.177.175 linux-tools-generic-hwe-18.04 - 5.4.0.177.175 linux-tools-generic-hwe-18.04-edge - 5.4.0.177.175 linux-tools-generic-lpae - 5.4.0.177.175 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.177.175 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.177.175 linux-tools-lowlatency - 5.4.0.177.175 linux-tools-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-tools-oem - 5.4.0.177.175 linux-tools-oem-osp1 - 5.4.0.177.175 linux-tools-virtual - 5.4.0.177.175 linux-tools-virtual-hwe-18.04 - 5.4.0.177.175 linux-tools-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-virtual - 5.4.0.177.175 linux-virtual-hwe-18.04 - 5.4.0.177.175 linux-virtual-hwe-18.04-edge - 5.4.0.177.175 No subscription required Medium CVE-2023-24023 CVE-2023-52600 CVE-2023-52603 CVE-2024-26581 CVE-2024-26589 Ubuntu 20.04 LTS Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. (CVE-2023-24023) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - Netfilter; (CVE-2024-26581, CVE-2023-52600, CVE-2023-52603) Update Instructions: Run `sudo pro fix USN-6742-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-cloud-tools-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1043 - 5.15.0-1043.50~20.04.1 linux-gkeop-5.15-headers-5.15.0-1043 - 5.15.0-1043.50~20.04.1 linux-gkeop-5.15-tools-5.15.0-1043 - 5.15.0-1043.50~20.04.1 linux-headers-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-image-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-image-unsigned-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-modules-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-modules-extra-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-tools-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 No subscription required linux-buildinfo-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-buildinfo-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-buildinfo-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-buildinfo-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-buildinfo-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-cloud-tools-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-cloud-tools-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-105.115~20.04.1 linux-hwe-5.15-headers-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-105.115~20.04.1 linux-hwe-5.15-tools-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-105.115~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-image-unsigned-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-image-unsigned-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-image-unsigned-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-image-unsigned-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-modules-extra-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-modules-iwlwifi-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-modules-iwlwifi-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 No subscription required linux-buildinfo-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-headers-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-ibm-5.15-headers-5.15.0-1053 - 5.15.0-1053.56~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1053.56~20.04.1 linux-ibm-5.15-tools-5.15.0-1053 - 5.15.0-1053.56~20.04.1 linux-image-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-image-unsigned-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-modules-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-modules-extra-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-tools-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 No subscription required linux-buildinfo-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-cloud-tools-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-headers-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-image-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-image-unsigned-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1055 - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1055 - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1055 - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1055.61~20.04.1 linux-modules-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-modules-extra-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-modules-iwlwifi-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-tools-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-aws-5.15-headers-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-aws-5.15-tools-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-buildinfo-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-buildinfo-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-cloud-tools-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-headers-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-headers-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-image-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-image-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-image-unsigned-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-image-unsigned-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-modules-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-modules-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-modules-extra-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-modules-extra-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-oracle-5.15-headers-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-oracle-5.15-tools-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-tools-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-tools-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 No subscription required linux-buildinfo-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-gcp-5.15-headers-5.15.0-1058 - 5.15.0-1058.66~20.04.1 linux-gcp-5.15-tools-5.15.0-1058 - 5.15.0-1058.66~20.04.1 linux-headers-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-image-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-image-unsigned-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-modules-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-modules-extra-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-modules-iwlwifi-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-tools-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1061 - 5.15.0-1061.70~20.04.1 linux-azure-5.15-headers-5.15.0-1061 - 5.15.0-1061.70~20.04.1 linux-azure-5.15-tools-5.15.0-1061 - 5.15.0-1061.70~20.04.1 linux-buildinfo-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-cloud-tools-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-headers-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-image-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-image-unsigned-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-modules-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-modules-extra-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-tools-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 No subscription required linux-image-5.15.0-1061-azure-fde - 5.15.0-1061.70~20.04.1.1 linux-image-unsigned-5.15.0-1061-azure-fde - 5.15.0-1061.70~20.04.1.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-headers-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-image-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-tools-gkeop-edge - 5.15.0.1043.50~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-oem-20.04 - 5.15.0.105.115~20.04.1 linux-headers-oem-20.04b - 5.15.0.105.115~20.04.1 linux-headers-oem-20.04c - 5.15.0.105.115~20.04.1 linux-headers-oem-20.04d - 5.15.0.105.115~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-oem-20.04 - 5.15.0.105.115~20.04.1 linux-image-oem-20.04b - 5.15.0.105.115~20.04.1 linux-image-oem-20.04c - 5.15.0.105.115~20.04.1 linux-image-oem-20.04d - 5.15.0.105.115~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.105.115~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.105.115~20.04.1 linux-oem-20.04 - 5.15.0.105.115~20.04.1 linux-oem-20.04b - 5.15.0.105.115~20.04.1 linux-oem-20.04c - 5.15.0.105.115~20.04.1 linux-oem-20.04d - 5.15.0.105.115~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-tools-oem-20.04 - 5.15.0.105.115~20.04.1 linux-tools-oem-20.04b - 5.15.0.105.115~20.04.1 linux-tools-oem-20.04c - 5.15.0.105.115~20.04.1 linux-tools-oem-20.04d - 5.15.0.105.115~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1053.56~20.04.1 linux-headers-ibm-edge - 5.15.0.1053.56~20.04.1 linux-ibm - 5.15.0.1053.56~20.04.1 linux-ibm-edge - 5.15.0.1053.56~20.04.1 linux-image-ibm - 5.15.0.1053.56~20.04.1 linux-image-ibm-edge - 5.15.0.1053.56~20.04.1 linux-tools-ibm - 5.15.0.1053.56~20.04.1 linux-tools-ibm-edge - 5.15.0.1053.56~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1055.61~20.04.1 linux-headers-intel - 5.15.0.1055.61~20.04.1 linux-headers-intel-iotg - 5.15.0.1055.61~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1055.61~20.04.1 linux-image-intel - 5.15.0.1055.61~20.04.1 linux-image-intel-iotg - 5.15.0.1055.61~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1055.61~20.04.1 linux-intel - 5.15.0.1055.61~20.04.1 linux-intel-iotg - 5.15.0.1055.61~20.04.1 linux-intel-iotg-edge - 5.15.0.1055.61~20.04.1 linux-tools-intel - 5.15.0.1055.61~20.04.1 linux-tools-intel-iotg - 5.15.0.1055.61~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1055.61~20.04.1 No subscription required linux-aws - 5.15.0.1058.64~20.04.1 linux-aws-edge - 5.15.0.1058.64~20.04.1 linux-headers-aws - 5.15.0.1058.64~20.04.1 linux-headers-aws-edge - 5.15.0.1058.64~20.04.1 linux-headers-oracle - 5.15.0.1058.64~20.04.1 linux-headers-oracle-edge - 5.15.0.1058.64~20.04.1 linux-image-aws - 5.15.0.1058.64~20.04.1 linux-image-aws-edge - 5.15.0.1058.64~20.04.1 linux-image-oracle - 5.15.0.1058.64~20.04.1 linux-image-oracle-edge - 5.15.0.1058.64~20.04.1 linux-modules-extra-aws - 5.15.0.1058.64~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1058.64~20.04.1 linux-oracle - 5.15.0.1058.64~20.04.1 linux-oracle-edge - 5.15.0.1058.64~20.04.1 linux-tools-aws - 5.15.0.1058.64~20.04.1 linux-tools-aws-edge - 5.15.0.1058.64~20.04.1 linux-tools-oracle - 5.15.0.1058.64~20.04.1 linux-tools-oracle-edge - 5.15.0.1058.64~20.04.1 No subscription required linux-gcp - 5.15.0.1058.66~20.04.1 linux-gcp-edge - 5.15.0.1058.66~20.04.1 linux-headers-gcp - 5.15.0.1058.66~20.04.1 linux-headers-gcp-edge - 5.15.0.1058.66~20.04.1 linux-image-gcp - 5.15.0.1058.66~20.04.1 linux-image-gcp-edge - 5.15.0.1058.66~20.04.1 linux-modules-extra-gcp - 5.15.0.1058.66~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1058.66~20.04.1 linux-tools-gcp - 5.15.0.1058.66~20.04.1 linux-tools-gcp-edge - 5.15.0.1058.66~20.04.1 No subscription required linux-azure - 5.15.0.1061.70~20.04.1 linux-azure-cvm - 5.15.0.1061.70~20.04.1 linux-azure-edge - 5.15.0.1061.70~20.04.1 linux-cloud-tools-azure - 5.15.0.1061.70~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1061.70~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1061.70~20.04.1 linux-headers-azure - 5.15.0.1061.70~20.04.1 linux-headers-azure-cvm - 5.15.0.1061.70~20.04.1 linux-headers-azure-edge - 5.15.0.1061.70~20.04.1 linux-image-azure - 5.15.0.1061.70~20.04.1 linux-image-azure-cvm - 5.15.0.1061.70~20.04.1 linux-image-azure-edge - 5.15.0.1061.70~20.04.1 linux-modules-extra-azure - 5.15.0.1061.70~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1061.70~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1061.70~20.04.1 linux-tools-azure - 5.15.0.1061.70~20.04.1 linux-tools-azure-cvm - 5.15.0.1061.70~20.04.1 linux-tools-azure-edge - 5.15.0.1061.70~20.04.1 No subscription required linux-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-cloud-tools-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-cloud-tools-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-headers-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-headers-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-image-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-image-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-modules-extra-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-modules-extra-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-tools-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-tools-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 No subscription required Medium CVE-2023-24023 CVE-2023-52600 CVE-2023-52603 CVE-2024-26581 Ubuntu 20.04 LTS Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6744-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pil-doc - 7.0.0-4ubuntu0.9 python3-pil - 7.0.0-4ubuntu0.9 python3-pil.imagetk - 7.0.0-4ubuntu0.9 No subscription required Medium CVE-2024-28219 Ubuntu 20.04 LTS USN-6744-1 fixed a vulnerability in Pillow (Python 3). This update provides the corresponding updates for Pillow (Python 2) in Ubuntu 20.04 LTS. Original advisory details: Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6744-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pil - 6.2.1-3ubuntu0.1~esm2 python-pil.imagetk - 6.2.1-3ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-28219 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-3852, CVE-2024-3864, CVE-2024-3865) Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3302) Gary Kwong discovered that Firefox did not properly manage memory when running garbage collection during realm initialization. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3853) Lukas Bernhard discovered that Firefox did not properly manage memory during JIT optimisations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3854, CVE-2024-3855) Nan Wang discovered that Firefox did not properly manage memory during WASM garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3856) Lukas Bernhard discovered that Firefox did not properly manage memory when handling JIT created code during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3857) Lukas Bernhard discovered that Firefox did not properly manage memory when tracing in JIT. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3858) Ronald Crane discovered that Firefox did not properly manage memory in the OpenType sanitizer on 32-bit devices, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3859) Garry Kwong discovered that Firefox did not properly manage memory when tracing empty shape lists in JIT. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3860) Ronald Crane discovered that Firefox did not properly manage memory when handling an AlignedBuffer. An attacker could potentially exploit this issue to cause denial of service, or execute arbitrary code. (CVE-2024-3861) Ronald Crane discovered that Firefox did not properly manage memory when handling code in MarkStack. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-3862) Update Instructions: Run `sudo pro fix USN-6747-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 125.0.2+build1-0ubuntu0.20.04.2 firefox-dev - 125.0.2+build1-0ubuntu0.20.04.2 firefox-geckodriver - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-af - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-an - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ar - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-as - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ast - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-az - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-be - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-bg - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-bn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-br - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-bs - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ca - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-cak - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-cs - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-csb - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-cy - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-da - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-de - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-el - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-en - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-eo - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-es - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-et - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-eu - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-fa - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-fi - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-fr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-fy - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ga - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-gd - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-gl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-gn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-gu - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-he - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hi - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hsb - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hu - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hy - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ia - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-id - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-is - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-it - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ja - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ka - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-kab - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-kk - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-km - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-kn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ko - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ku - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-lg - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-lt - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-lv - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-mai - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-mk - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ml - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-mn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-mr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ms - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-my - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-nb - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ne - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-nl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-nn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-nso - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-oc - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-or - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-pa - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-pl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-pt - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ro - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ru - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-si - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sk - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sq - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sv - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sw - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-szl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ta - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-te - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-tg - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-th - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-tr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-uk - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ur - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-uz - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-vi - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-xh - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-zh-hans - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-zh-hant - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-zu - 125.0.2+build1-0ubuntu0.20.04.2 firefox-mozsymbols - 125.0.2+build1-0ubuntu0.20.04.2 No subscription required Medium CVE-2024-3302 CVE-2024-3852 CVE-2024-3853 CVE-2024-3854 CVE-2024-3855 CVE-2024-3856 CVE-2024-3857 CVE-2024-3858 CVE-2024-3859 CVE-2024-3860 CVE-2024-3861 CVE-2024-3862 CVE-2024-3864 CVE-2024-3865 Ubuntu 20.04 LTS USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-3852, CVE-2024-3864, CVE-2024-3865) Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3302) Gary Kwong discovered that Firefox did not properly manage memory when running garbage collection during realm initialization. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3853) Lukas Bernhard discovered that Firefox did not properly manage memory during JIT optimisations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3854, CVE-2024-3855) Nan Wang discovered that Firefox did not properly manage memory during WASM garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3856) Lukas Bernhard discovered that Firefox did not properly manage memory when handling JIT created code during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3857) Lukas Bernhard discovered that Firefox did not properly manage memory when tracing in JIT. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3858) Ronald Crane discovered that Firefox did not properly manage memory in the OpenType sanitizer on 32-bit devices, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3859) Garry Kwong discovered that Firefox did not properly manage memory when tracing empty shape lists in JIT. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3860) Ronald Crane discovered that Firefox did not properly manage memory when handling an AlignedBuffer. An attacker could potentially exploit this issue to cause denial of service, or execute arbitrary code. (CVE-2024-3861) Ronald Crane discovered that Firefox did not properly manage memory when handling code in MarkStack. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-3862) Update Instructions: Run `sudo pro fix USN-6747-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 125.0.3+build1-0ubuntu0.20.04.1 firefox-dev - 125.0.3+build1-0ubuntu0.20.04.1 firefox-geckodriver - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-af - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-an - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ar - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-as - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ast - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-az - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-be - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bg - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-br - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bs - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ca - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cak - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cs - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-csb - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cy - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-da - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-de - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-el - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-en - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eo - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-es - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-et - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eu - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fa - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fi - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fy - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ga - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gd - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gu - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-he - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hi - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hu - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hy - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ia - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-id - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-is - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-it - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ja - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ka - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kab - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kk - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-km - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ko - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ku - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lg - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lt - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lv - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mai - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mk - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ml - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ms - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-my - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nb - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ne - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nso - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-oc - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-or - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pa - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pt - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ro - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ru - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-si - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sk - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sq - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sv - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sw - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-szl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ta - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-te - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-tg - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-th - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-tr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uk - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ur - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uz - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-vi - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-xh - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zu - 125.0.3+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 125.0.3+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2064553 Ubuntu 20.04 LTS It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-23627) It was discovered that Sanitize incorrectly handled style elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2023-36823) Update Instructions: Run `sudo pro fix USN-6748-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-sanitize - 4.6.6-2.1~0.20.04.2 No subscription required Medium CVE-2023-23627 CVE-2023-36823 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-22211) Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-32039, CVE-2024-32040) Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service. (CVE-2024-32041, CVE-2024-32458, CVE-2024-32460) Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause FreeRDP clients and servers to crash, resulting in a denial of service. (CVE-2024-32459) Update Instructions: Run `sudo pro fix USN-6749-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freerdp2-dev - 2.6.1+dfsg1-0ubuntu0.20.04.1 freerdp2-shadow-x11 - 2.6.1+dfsg1-0ubuntu0.20.04.1 freerdp2-wayland - 2.6.1+dfsg1-0ubuntu0.20.04.1 freerdp2-x11 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-client2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-server2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow-subsystem2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libfreerdp2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libuwac0-0 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libuwac0-dev - 2.6.1+dfsg1-0ubuntu0.20.04.1 libwinpr-tools2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libwinpr2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libwinpr2-dev - 2.6.1+dfsg1-0ubuntu0.20.04.1 winpr-utils - 2.6.1+dfsg1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-22211 CVE-2024-32039 CVE-2024-32040 CVE-2024-32041 CVE-2024-32458 CVE-2024-32459 CVE-2024-32460 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-2609, CVE-2024-3852, CVE-2024-3864) Bartek Nowotarski discovered that Thunderbird did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3302) Lukas Bernhard discovered that Thunderbird did not properly manage memory during JIT optimisations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3854) Lukas Bernhard discovered that Thunderbird did not properly manage memory when handling JIT created code during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3857) Ronald Crane discovered that Thunderbird did not properly manage memory in the OpenType sanitizer on 32-bit devices, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3859) Ronald Crane discovered that Thunderbird did not properly manage memory when handling an AlignedBuffer. An attacker could potentially exploit this issue to cause denial of service, or execute arbitrary code. (CVE-2024-3861) Update Instructions: Run `sudo pro fix USN-6750-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.10.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.10.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.10.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.10.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-3852 CVE-2024-3854 CVE-2024-3857 CVE-2024-2609 CVE-2024-3859 CVE-2024-3861 CVE-2024-3302 CVE-2024-3864 Ubuntu 20.04 LTS It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could possibly use this issue to perform reflected cross-site scripting (XSS) attacks. (CVE-2022-35229, CVE-2022-35230) Update Instructions: Run `sudo pro fix USN-6751-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zabbix-agent - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-frontend-php - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-java-gateway - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-proxy-mysql - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-proxy-pgsql - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-proxy-sqlite3 - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-server-mysql - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-server-pgsql - 1:4.0.17+dfsg-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-35229 CVE-2022-35230 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6752-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freerdp2-dev - 2.6.1+dfsg1-0ubuntu0.20.04.2 freerdp2-shadow-x11 - 2.6.1+dfsg1-0ubuntu0.20.04.2 freerdp2-wayland - 2.6.1+dfsg1-0ubuntu0.20.04.2 freerdp2-x11 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libfreerdp-client2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libfreerdp-server2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libfreerdp-shadow-subsystem2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libfreerdp-shadow2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libfreerdp2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libuwac0-0 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libuwac0-dev - 2.6.1+dfsg1-0ubuntu0.20.04.2 libwinpr-tools2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libwinpr2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libwinpr2-dev - 2.6.1+dfsg1-0ubuntu0.20.04.2 winpr-utils - 2.6.1+dfsg1-0ubuntu0.20.04.2 No subscription required Low CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661 Ubuntu 20.04 LTS Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6753-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjs-cryptojs - 3.1.2+dfsg-2ubuntu0.20.04.1 No subscription required Medium CVE-2023-46233 Ubuntu 20.04 LTS It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511, CVE-2019-9513) It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487) It was discovered that nghttp2 could be made to process an unlimited number of HTTP/2 CONTINUATION frames. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. (CVE-2024-28182) Update Instructions: Run `sudo pro fix USN-6754-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnghttp2-14 - 1.40.0-1ubuntu0.3 libnghttp2-dev - 1.40.0-1ubuntu0.3 libnghttp2-doc - 1.40.0-1ubuntu0.3 nghttp2 - 1.40.0-1ubuntu0.3 nghttp2-client - 1.40.0-1ubuntu0.3 nghttp2-proxy - 1.40.0-1ubuntu0.3 nghttp2-server - 1.40.0-1ubuntu0.3 No subscription required Medium CVE-2019-9511 CVE-2019-9513 CVE-2023-44487 CVE-2024-28182 Ubuntu 20.04 LTS Ingo Brückl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked into extracting a specially crafted cpio archive, an attacker could possibly use this issue to write arbitrary files outside the target directory on the host, even if using the option --no-absolute-filenames. Update Instructions: Run `sudo pro fix USN-6755-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cpio - 2.13+dfsg-2ubuntu0.4 cpio-win32 - 2.13+dfsg-2ubuntu0.4 No subscription required Medium CVE-2023-7207 Ubuntu 20.04 LTS It was discovered that less mishandled newline characters in file names. If a user or automated system were tricked into opening specially crafted files, an attacker could possibly use this issue to execute arbitrary commands on the host. Update Instructions: Run `sudo pro fix USN-6756-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: less - 551-1ubuntu0.3 No subscription required Medium CVE-2024-32487 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-4900) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to cookie by pass. (CVE-2024-2756) It was discovered that PHP incorrectly handled some passwords. An attacker could possibly use this issue to cause an account takeover attack. (CVE-2024-3096) Update Instructions: Run `sudo pro fix USN-6757-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-php7.4 - 7.4.3-4ubuntu2.21 libphp7.4-embed - 7.4.3-4ubuntu2.21 php7.4 - 7.4.3-4ubuntu2.21 php7.4-bcmath - 7.4.3-4ubuntu2.21 php7.4-bz2 - 7.4.3-4ubuntu2.21 php7.4-cgi - 7.4.3-4ubuntu2.21 php7.4-cli - 7.4.3-4ubuntu2.21 php7.4-common - 7.4.3-4ubuntu2.21 php7.4-curl - 7.4.3-4ubuntu2.21 php7.4-dba - 7.4.3-4ubuntu2.21 php7.4-dev - 7.4.3-4ubuntu2.21 php7.4-enchant - 7.4.3-4ubuntu2.21 php7.4-fpm - 7.4.3-4ubuntu2.21 php7.4-gd - 7.4.3-4ubuntu2.21 php7.4-gmp - 7.4.3-4ubuntu2.21 php7.4-imap - 7.4.3-4ubuntu2.21 php7.4-interbase - 7.4.3-4ubuntu2.21 php7.4-intl - 7.4.3-4ubuntu2.21 php7.4-json - 7.4.3-4ubuntu2.21 php7.4-ldap - 7.4.3-4ubuntu2.21 php7.4-mbstring - 7.4.3-4ubuntu2.21 php7.4-mysql - 7.4.3-4ubuntu2.21 php7.4-odbc - 7.4.3-4ubuntu2.21 php7.4-opcache - 7.4.3-4ubuntu2.21 php7.4-pgsql - 7.4.3-4ubuntu2.21 php7.4-phpdbg - 7.4.3-4ubuntu2.21 php7.4-pspell - 7.4.3-4ubuntu2.21 php7.4-readline - 7.4.3-4ubuntu2.21 php7.4-snmp - 7.4.3-4ubuntu2.21 php7.4-soap - 7.4.3-4ubuntu2.21 php7.4-sqlite3 - 7.4.3-4ubuntu2.21 php7.4-sybase - 7.4.3-4ubuntu2.21 php7.4-tidy - 7.4.3-4ubuntu2.21 php7.4-xml - 7.4.3-4ubuntu2.21 php7.4-xmlrpc - 7.4.3-4ubuntu2.21 php7.4-xsl - 7.4.3-4ubuntu2.21 php7.4-zip - 7.4.3-4ubuntu2.21 No subscription required Medium CVE-2022-4900 CVE-2024-2756 CVE-2024-3096 Ubuntu 20.04 LTS USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. Original advisory details: It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-4900) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to cookie by pass. (CVE-2024-2756) It was discovered that PHP incorrectly handled some passwords. An attacker could possibly use this issue to cause an account takeover attack. (CVE-2024-3096) Update Instructions: Run `sudo pro fix USN-6757-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-php7.4 - 7.4.3-4ubuntu2.22 libphp7.4-embed - 7.4.3-4ubuntu2.22 php7.4 - 7.4.3-4ubuntu2.22 php7.4-bcmath - 7.4.3-4ubuntu2.22 php7.4-bz2 - 7.4.3-4ubuntu2.22 php7.4-cgi - 7.4.3-4ubuntu2.22 php7.4-cli - 7.4.3-4ubuntu2.22 php7.4-common - 7.4.3-4ubuntu2.22 php7.4-curl - 7.4.3-4ubuntu2.22 php7.4-dba - 7.4.3-4ubuntu2.22 php7.4-dev - 7.4.3-4ubuntu2.22 php7.4-enchant - 7.4.3-4ubuntu2.22 php7.4-fpm - 7.4.3-4ubuntu2.22 php7.4-gd - 7.4.3-4ubuntu2.22 php7.4-gmp - 7.4.3-4ubuntu2.22 php7.4-imap - 7.4.3-4ubuntu2.22 php7.4-interbase - 7.4.3-4ubuntu2.22 php7.4-intl - 7.4.3-4ubuntu2.22 php7.4-json - 7.4.3-4ubuntu2.22 php7.4-ldap - 7.4.3-4ubuntu2.22 php7.4-mbstring - 7.4.3-4ubuntu2.22 php7.4-mysql - 7.4.3-4ubuntu2.22 php7.4-odbc - 7.4.3-4ubuntu2.22 php7.4-opcache - 7.4.3-4ubuntu2.22 php7.4-pgsql - 7.4.3-4ubuntu2.22 php7.4-phpdbg - 7.4.3-4ubuntu2.22 php7.4-pspell - 7.4.3-4ubuntu2.22 php7.4-readline - 7.4.3-4ubuntu2.22 php7.4-snmp - 7.4.3-4ubuntu2.22 php7.4-soap - 7.4.3-4ubuntu2.22 php7.4-sqlite3 - 7.4.3-4ubuntu2.22 php7.4-sybase - 7.4.3-4ubuntu2.22 php7.4-tidy - 7.4.3-4ubuntu2.22 php7.4-xml - 7.4.3-4ubuntu2.22 php7.4-xmlrpc - 7.4.3-4ubuntu2.22 php7.4-xsl - 7.4.3-4ubuntu2.22 php7.4-zip - 7.4.3-4ubuntu2.22 No subscription required Medium CVE-2022-4900 CVE-2024-2756 CVE-2024-3096 Ubuntu 20.04 LTS It was discovered that the JSON5 parse method incorrectly handled the parsing of keys named \_\_proto\_\_. An attacker could possibly use this issue to pollute the prototype of the returned object, setting arbitrary or unexpected keys, and cause a denial of service, allow unintended access to network services or have other unspecified impact, depending on the application's use of the module. Update Instructions: Run `sudo pro fix USN-6758-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-json5 - 0.5.1-3ubuntu0.1 No subscription required Medium CVE-2022-46175 Ubuntu 20.04 LTS George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service (application crash). Update Instructions: Run `sudo pro fix USN-6760-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gerbv - 2.7.0-1ubuntu0.2 No subscription required Low CVE-2023-4508 Ubuntu 20.04 LTS It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly use this issue to normally login to the platform as a suspended user after changing their password. Update Instructions: Run `sudo pro fix USN-6761-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: anope - 2.0.6-1ubuntu0.1 No subscription required Medium CVE-2024-30187 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 2.20.11-0ubuntu27.12 7.4.3-4ubuntu1.1 3.36.1-1ubuntu0.1 3.8.2-1ubuntu1.1 1.3-1ubuntu0.1 2.3.0-6ubuntu0.1 2.3.1-9ubuntu1.1 2:4.11.6+dfsg-0ubuntu1.1 5.4.0-28.32 2.28.2-0ubuntu0.20.04.1 8.0.20-0ubuntu0.20.04.1 2.4.49+dfsg-2ubuntu1.2 76.0+build2-0ubuntu0.20.04.1 76.0.1+build1-0ubuntu0.20.04.1 1:13.99.1-1ubuntu3.2 4.10-1ubuntu1.1 0.6.21-6ubuntu0.1 2.0.2ubuntu0.1 0.13.1+dfsg-7ubuntu0.1 0.13.1+dfsg-7ubuntu0.2 0.13.1+dfsg-7ubuntu0.3 1:2.3.7.2-1ubuntu3.1 19.11.1-0ubuntu1.1 1:9.16.1-0ubuntu2.1 4.93-13ubuntu1.1 5.4.0-1011.11 5.4.0-1012.12 5.4.0-26.30 5.4.0-31.35 5.4.0-33.37 0.102.3+dfsg-0ubuntu0.20.04.1 1:4.2-3ubuntu6.1 1:68.8.0+build2-0ubuntu0.20.04.2 1.9.4-2ubuntu1.1 7.4.3-4ubuntu2.2 20190110ubuntu1.1 2.1.1+dfsg1-0ubuntu0.20.04.1 2:2.2.12-1ubuntu0.1 77.0.1+build1-0ubuntu0.20.04.1 3.6.13-2ubuntu1.1 3.20200609.0ubuntu0.20.04.0 3.20200609.0ubuntu0.20.04.2 2.0.3-0ubuntu1.20.04.1 5.4.0-1012.12 5.4.0-1015.15 5.4.0-1016.16 5.4.0-27.31 5.4.0-37.41 3.31.1-4ubuntu0.1 1.3.9-4ubuntu0.1 0.6.21-6ubuntu0.3 2:3.49.1-1ubuntu1.1 1.12.16-2ubuntu2.1 1:9.16.1-0ubuntu2.2 1:1.3.4-2.5ubuntu3.3 1.13.2-1ubuntu0.1 7.68.0-1ubuntu2.1 1.13.2-1ubuntu0.2 390.138-0ubuntu0.20.04.1 440.100-0ubuntu0.20.04.1 5.4.0-1017.17 5.4.0-1018.18 5.4.0-1019.19 5.4.0-39.43 2.64.2-1ubuntu0.1 0.9.12+dfsg-9ubuntu0.1 78.0.1+build1-0ubuntu0.20.04.1 2:4.11.6+dfsg-0ubuntu1.3 5.8+dfsg-2ubuntu2.1 5.4.0-1013.13 5.4.0-1018.18 5.4.0-1019.19 5.4.0-1020.20 5.4.0-28.32 5.4.0-40.44 4.5.1.1-1.1ubuntu0.20.04.1 2:3.49.1-1ubuntu1.2 2.3.0-6ubuntu0.2 2:16.1.0-0ubuntu1 3.0.1-0ubuntu1.2 1:68.10.0+build1-0ubuntu0.20.04.1 2.28.3-0ubuntu0.20.04.1 78.0.2+build2-0ubuntu0.20.04.1 2.45.1+20.04.2 5.4.0-1015.15 5.4.0-1020.20 5.4.0-1021.21 5.4.0-1022.22 5.4.0-30.34 5.4.0-42.46 3.8.2-1ubuntu1.2 3.36.3-0ubuntu1.1 7.0.0-4ubuntu0.1 7:4.2.4-1ubuntu0.1 1.142.3+2.04-1ubuntu26.1 2.04-1ubuntu26.1 1.142.4+2.04-1ubuntu26.2 2.04-1ubuntu26.2 11.0.8+10-0ubuntu1~20.04 0.9.12+dfsg-9ubuntu0.2 0.102.4+dfsg-0ubuntu0.20.04.1 4.1.0-2ubuntu2.1 3.31.1-4ubuntu0.2 8.0.21-0ubuntu0.20.04.3 8.0.21-0ubuntu0.20.04.4 6.2.40~dfsg-4ubuntu0.20.04.1~esm1 79.0+build1-0ubuntu0.20.04.1 2.28.4-0ubuntu0.20.04.1 9.50~dfsg-5ubuntu4.1 0.9.3-2ubuntu2.1 2.20.11-0ubuntu27.6 0.2.69ubuntu0.1 2.4.7-2+4.1ubuntu5.1 6.0.0-0ubuntu8.3 8u265-b01-0ubuntu2~20.04 2:4.11.6+dfsg-0ubuntu1.4 2:3.49.1-1ubuntu1.4 1:2.3.7.2-1ubuntu3.2 0.98.9.2 2.4.41-4ubuntu3.1 4:19.12.3-0ubuntu1.1 3.36.4-1ubuntu1~20.04.2 7.68.0-1ubuntu2.2 1:4.2-3ubuntu6.4 1:4.2-3ubuntu6.14 1:9.16.1-0ubuntu2.3 9.50~dfsg-5ubuntu4.2 1.0.29-0ubuntu5.1 5.8+dfsg-2ubuntu2.3 12.4-0ubuntu0.20.04.1 80.0+build2-0ubuntu0.20.04.1 80.0.1+build1-0ubuntu0.20.04.1 3.5-6ubuntu6.2 2:3.49.1-1ubuntu1.5 4.10-1ubuntu1.2 4.0-3ubuntu0.1~esm1 2:2.2.12-1ubuntu0.2 2.2.0+dfsg1-0ubuntu0.20.04.1 4:19.12.3-0ubuntu1.2 5.4.0-1016.17 5.4.0-1022.22 5.4.0-1023.23 5.4.0-45.49 2:1.6.9-2ubuntu1.1 2:1.20.8-2ubuntu2.3 5.4.0-1018.20 5.4.0-1024.24 5.4.0-1025.25 5.4.0-47.51 2:1.20.8-2ubuntu2.4 3.6.13-2ubuntu1.3 2:2.2.2-3ubuntu2.2 1.2.3-0ubuntu0.20.04.1 0.1.2-1+deb9u1build0.20.04.1 3.2.1-1+deb8u1build0.20.04.1 1:4.2-3ubuntu6.6 0.4.15-10ubuntu1.1 1.3.8-2+deb8u1build0.20.04.1 5.4.0-1019.21 5.4.0-1024.24 5.4.0-1025.25 5.4.0-1026.26 5.4.0-48.52 1:1.30.1-4ubuntu6.2 2:2.18.06-1+deb10u1build0.20.04.1 1.1.1+bzr982-0ubuntu32.2 1.1.13-2ubuntu1.1 0.60-1+deb10u1ubuntu1 4.6.6-2.1~0.20.04.1 81.0+build2-0ubuntu0.20.04.1 81.0.2+build1-0ubuntu0.20.04.1 1.34.2-1ubuntu1.1 8:6.9.10.23+dfsg-2.1ubuntu11.1 19.11.3-0ubuntu0.2 0.7.2-5ubuntu1.1 1.06-6.2~deb10u1build0.20.04.1 2:4.11.6+dfsg-0ubuntu1.5 2.0.7-2ubuntu0.1 1.17.0-4ubuntu0.1 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 1.0.7-6ubuntu0.1 1.25.8-2ubuntu0.1 0.14.2-4ubuntu3.1 3.22.0-5ubuntu2.1 5.4.0-1021.24 5.4.0-1026.27 5.4.0-1028.29 5.4.0-1031.32 5.4.0-51.56 7.4.3-4ubuntu2.4 19.03.8-0ubuntu1.20.04.1 5.4.0-1022.25 5.4.0-52.57 2.10.1-2ubuntu0.1 9.0.31-1ubuntu0.1 82.0+build2-0ubuntu0.20.04.1 82.0.2+build1-0ubuntu0.20.04.1 5.30.0-9ubuntu0.2 1:10.3.25-0ubuntu0.20.04.1 8.0.22-0ubuntu0.20.04.2 2.1.2-1ubuntu0.1 2.1.2-1ubuntu0.2 11.0.9+11-0ubuntu1~20.04 8u272-b10-0ubuntu1~20.04 11.0.9.1+1-0ubuntu1~20.04 8u275-b01-0ubuntu1~20.04 20201027ubuntu0.20.04.1 18-3ubuntu0.1 2:4.11.6+dfsg-0ubuntu1.6 2.8-3ubuntu0.1 3.36.3-0ubuntu0.20.04.2 0.6.55-0ubuntu12~20.04.4 0.19.0-2ubuntu0.2 3.0a-2ubuntu0.2 2.4.49+dfsg-2ubuntu1.4 2.0.3-3ubuntu4.1 0.6.21-6ubuntu0.4 82.0.3+build1-0ubuntu0.20.04.1 5.4.0-1029.31 5.4.0-53.59 3.20201110.0ubuntu0.20.04.1 3.20201110.0ubuntu0.20.04.2 3.20210216.0ubuntu0.20.04.1 2.0.15-0ubuntu1.20.04.1 1.4.2-0ubuntu1.20.04.1 12.5-0ubuntu0.20.04.1 2.4.49+dfsg-2ubuntu1.5 1.17-6ubuntu4.1 0.9.12+dfsg-9ubuntu0.3 3.22.0-5ubuntu2.2 83.0+build2-0ubuntu0.20.04.1 1:13.99.1-1ubuntu3.8 1.13.2-1ubuntu0.3 2.30.3-0ubuntu0.20.04.1 1.1.3-2ubuntu1.20.04.1 1.1.3-2ubuntu1.20.04.2 1:4.2-3ubuntu6.10 8.0.22-0ubuntu0.20.04.3 1.3.3-0ubuntu2.1 1.3.3-0ubuntu2.2 1:1.10.9+submodules+notgz-1ubuntu0.20.04.1 2:1.20.8-2ubuntu2.6 5.4.0-1023.26 5.4.0-1028.29 5.4.0-1030.31 5.4.0-1030.32 5.4.0-1032.33 5.4.0-56.62 5.4.0-1025.28 5.4.0-1030.31 5.4.0-1032.33 5.4.0-1032.34 5.4.0-1034.35 5.4.0-58.64 1.1.1f-1ubuntu2.1 2.40.0+dfsg-3ubuntu0.1 1.1.1+bzr982-0ubuntu32.3 7.68.0-1ubuntu2.4 4.5.0-1ubuntu0.1 4.5.0-1ubuntu0.2 2.0.2ubuntu0.2 2.0.0ubuntu0.20.04.2 2.0.0ubuntu0.20.04.3 8:6.9.10.23+dfsg-2.1ubuntu11.2 84.0+build3-0ubuntu0.20.04.1 0.4.15-10ubuntu1.2 1:2.3.7.2-1ubuntu3.3 3:18.3.2-0ubuntu0.20.04.4 2.3.0-6ubuntu0.3 0.23.20-1ubuntu0.1 5.8.0-34.37~20.04.2 5.4.0-1026.29 5.4.0-1031.32 5.4.0-1033.35 5.4.0-1034.35 5.4.0-1034.36 5.4.0-1035.36 5.4.0-59.65 5.2.0-1ubuntu0.1 5.6.0-1039.43 0~20191122.bd85bf54-2ubuntu3.1 2.3.1-1ubuntu4.20.04.1 84.0.2+build1-0ubuntu0.20.04.1 390.141-0ubuntu0.20.04.1 450.102.04-0ubuntu0.20.04.1 460.32.03-0ubuntu0.20.04.1 5.4.0-1034.37 5.4.0-1035.37 5.4.0-1035.38 5.4.0-1036.38 5.4.0-60.67 5.6.0-1042.46 5.8.0-36.40~20.04.1 418.181.07-0ubuntu0.20.04.1 450.102.04-0ubuntu0.20.04.1 5.4.0-64.72 5.8.0-40.45~20.04.1 4.5.1.1-1.1ubuntu0.20.04.2 2.13.1-0ubuntu0.20.04.3 1.30+dfsg-7ubuntu0.20.04.1 5.4.0-62.70 5.8.0-38.43~20.04.1 7.0.0-4ubuntu0.2 2.80-1.1ubuntu1.2 2.80-1.1ubuntu1.3 1.2.10+dfsg-7ubuntu0.20.04.1 1.13.2-1ubuntu0.4 1.8.31-1ubuntu1.2 15.2.7-0ubuntu0.20.04.2 1.5.2-5ubuntu0.20.04.1 5.4.0-65.73 5.8.0-41.46~20.04.1 5.4.0-1028.31 5.4.0-1032.33 5.4.0-1036.39 5.4.0-1037.39 5.4.0-1037.40 5.4.0-1039.41 1.4.11.1-1ubuntu0.1 2:2.2.12-1ubuntu0.3 8.0.23-0ubuntu0.20.04.1 85.0+build1-0ubuntu0.20.04.1 85.0.1+build1-0ubuntu0.20.04.1 20210119~20.04.1 2.20.11-0ubuntu27.16 1.6.5-0ubuntu0.2 1.2.1+dfsg-1ubuntu0.20.04.1 1:1.10.9+submodules+notgz-1ubuntu0.20.04.2 2.4.49+dfsg-2ubuntu1.6 1:4.2-3ubuntu6.12 11.0.10+9-0ubuntu1~20.04 8u282-b08-0ubuntu1~20.04 5.6.0-1047.51 5.8.0-43.49~20.04.1 2.48.3+20.04 2.13.1-0ubuntu0.20.04.4 4.12-8ubuntu0.20.04.1 0.2.3-2ubuntu0.1 0.2.3-2ubuntu0.2 2:2.9-1ubuntu4.2 12.6-0ubuntu0.20.04.1 1:9.16.1-0ubuntu2.6 1.1.1f-1ubuntu2.2 2.30.5-0ubuntu0.20.04.1 1.3.2-4ubuntu0.1 2:2.2.12-1ubuntu0.4 2.40.0+dfsg-3ubuntu0.2 2.4.49+dfsg-2ubuntu1.7 353-1ubuntu1.20.04.2 4.8.0-1ubuntu0.1 5.4.0-1010.11 5.4.0-1029.32 5.4.0-1033.34 5.4.0-1037.40 5.4.0-1038.40 5.4.0-1038.41 5.4.0-1040.42 5.4.0-66.74 5.8.0-44.50~20.04.1 5.6.0-1048.52 5.10.0-1014.15 3.8.5-1~20.04.2 2.7.18-1~20.04.1 4.1.0+git191117-2ubuntu0.20.04.1 86.0+build3-0ubuntu0.20.04.1 2:2.9-1ubuntu4.3 1.14.3-2ubuntu2~20.04.2 2.64.6-1~ubuntu20.04.2 1.4.4+dfsg-3ubuntu0.1 1:2.25.1-1ubuntu3.1 1:8.2p1-4ubuntu0.2 7.0.0-4ubuntu0.3 2.64.6-1~ubuntu20.04.3 1:4.0.17+dfsg-1ubuntu0.1~esm1 19.05.5-1ubuntu0.1~esm1 2.9.0dev.5-1ubuntu0.1~esm1 4:4.9.5+dfsg1-2ubuntu0.1~esm1 1:2.1.51-0ubuntu1+esm1 2.17.5-1ubuntu1+esm1 1.10.7-1ubuntu0.1~esm1 5.4.0-1011.12 5.4.0-1030.33 5.4.0-1034.35 5.4.0-1038.41 5.4.0-1039.41 5.4.0-1039.42 5.4.0-1041.43 5.4.0-67.75 5.8.0-45.51~20.04.1 1.3.3-0ubuntu2.3 2.7.0-5ubuntu1.3 5.10.0-1017.18 2.3.1+dfsg-1ubuntu2.1 3.0.28-2ubuntu0.1 5.10.0-1019.20 5.4.0-1012.13 5.4.0-1032.35 5.4.0-1036.37 5.4.0-1040.43 5.4.0-1041.43 5.4.0-1041.44 5.4.0-1043.45 5.4.0-70.78 5.6.0-1052.56 5.8.0-48.54~20.04.1 2:2.0.10-0ubuntu0.20.04.3 1.1.1f-1ubuntu2.3 11.0.11+9-0ubuntu2~20.04 8u292-b10-0ubuntu1~20.04 87.0+build3-0ubuntu0.20.04.2 2.30.6-0ubuntu0.20.04.1 4.10-1ubuntu1.3 4.5.0-1ubuntu0.3 2.3.1+dfsg-1ubuntu2.2 7.68.0-1ubuntu2.5 3.4.4-1ubuntu1.1 2.3.0-6ubuntu0.5 2:2.2.12-1ubuntu0.5 2:1.20.9-2ubuntu1.2~20.04.2 3.5.1+really3.5.1-2ubuntu0.1 5.4.0-1013.14 5.4.0-1033.36 5.4.0-1037.38 5.4.0-1041.44 5.4.0-1042.45 5.4.0-1043.45 5.4.0-1044.46 5.4.0-71.79 5.8.0-49.55~20.04.1 5.10.0-1021.22 5.6.0-1053.57 1.9.1~dfsg-1ubuntu0.20.04.1 5.6.0-1054.58 5.6.0-1055.59 5.10.0-1022.23 5.4.0-1014.15 5.4.0-1034.37 5.4.0-1038.39 5.4.0-1042.45 5.4.0-1043.46 5.4.0-1045.47 5.4.0-1046.48 5.4.0-72.80 5.8.0-50.56~20.04.1 0.103.2+dfsg-0ubuntu0.20.04.1 0.103.2+dfsg-0ubuntu0.20.04.2 4.3.2-2ubuntu1.20.04.1~esm2 0.99.beta19-2.1ubuntu1.20.04.1 2.7.0-5ubuntu1.4 0~20191122.bd85bf54-2ubuntu3.2 3.0.4+dfsg1-1ubuntu0.1 88.0+build2-0ubuntu0.20.04.1 3.36.3-0ubuntu1.1 1.16.2-1ubuntu2.1 1:9.16.1-0ubuntu2.8 2:4.11.6+dfsg-0ubuntu1.8 2:2.2.12-1ubuntu0.6 2.4.7-1ubuntu2.20.04.2 4.93-13ubuntu1.5 390.143-0ubuntu0.20.04.1 418.197.02-0ubuntu0.20.04.1 450.119.03-0ubuntu0.20.04.1 460.73.01-0ubuntu0.20.04.1 1:78.8.1+build1-0ubuntu0.20.04.1 0.2.3-2ubuntu0.3 0.2.3-2ubuntu0.4 1.9.4-2ubuntu1.2 2.32.0-0ubuntu0.20.04.1 5.3.1-1ubuntu0.1 0.27.2-8ubuntu2.2 88.0.1+build1-0ubuntu0.20.04.2 1.4.11.1-1ubuntu0.2 1:10.3.29-0ubuntu0.20.04.1 1:10.3.30-0ubuntu0.20.04.1 5.4.0-1015.16 5.4.0-1039.40 5.4.0-1043.45 5.4.0-1043.46 5.4.0-1045.49+1 5.4.0-1047.49 5.4.0-1048.50 5.4.0-73.82 5.4.0-1035.38 5.6.0-1056.60 5.10.0-1026.27 5.8.0-53.60~20.04.1 1.6.5-0ubuntu0.3 8.0.25-0ubuntu0.20.04.1 7.6+dfsg-2ubuntu0.20.04.1 0.25.1-2ubuntu1.1 3.5.27.1-14ubuntu0.1 0.4.21-7ubuntu0.20.04.1 1.16.2-4ubuntu0.1 1.0.0~rc93-0ubuntu1~20.04.2 20.0.2-5ubuntu1.5 2.6.0+dfsg.1-1ubuntu2.2 7.0.0-4ubuntu0.4 0.27.2-8ubuntu2.4 2.20.11-0ubuntu27.18 2:1.6.9-2ubuntu1.2 1.18.0-0ubuntu1.2 1.9.2-2ubuntu0.20.04.1 4.4.1-2.1ubuntu5.20.04.2 1.2.3-0ubuntu0.20.04.2 0.6.1-2ubuntu0.20.04.1 12.7-0ubuntu0.20.04.1 3.8.5-1~20.04.3 3.8.10-0ubuntu1~20.04.1 2.6.0-7ubuntu1.2 2:2.2.12-1ubuntu0.7 2.80-1.1ubuntu1.4 89.0+build2-0ubuntu0.20.04.2 0.105-26ubuntu1.1 4.10-1ubuntu1.4 5.4.0-1016.17 5.4.0-1036.39 5.4.0-1040.41 5.4.0-1044.46 5.4.0-1044.47 5.4.0-1046.50 5.4.0-1048.50 5.4.0-1049.51 5.4.0-74.83 5.10.0-1029.30 5.8.0-55.62~20.04.1 3.20210608.0ubuntu0.20.04.1 11.88-1ubuntu0.1 8:6.9.10.23+dfsg-2.1ubuntu11.4 5.53-0ubuntu3.2 3.5.1+really3.5.1-2ubuntu0.2 2.9.10+dfsg-5ubuntu0.20.04.1 1.167.2+2.04-1ubuntu44.2 2.04-1ubuntu44.2 1:2.3.7.2-1ubuntu3.4 2.4.41-4ubuntu3.3 1:78.11.0+build1-0ubuntu0.20.04.2 15.2.12-0ubuntu0.20.04.1 5.8.0-1033.34~20.04.1 5.8.0-1035.37~20.04.1 5.8.0-1036.38~20.04.1 5.8.0-1038.40~20.04.1 5.8.0-59.66~20.04.1 5.4.0-1018.19 5.4.0-1038.41 5.4.0-1046.48 5.4.0-1046.49 5.4.0-1048.52 5.4.0-1051.53 5.4.0-77.86 5.4.0-1041.42 5.10.0-1033.34 3.8.2-0ubuntu1.3 7.4.3-4ubuntu2.5 1.34.2-1ubuntu1.3 0.7-4ubuntu7.1 4.1.0-2ubuntu2.2 1:4.2-3ubuntu6.17 90.0+build1-0ubuntu0.20.04.1 1.5.2-0ubuntu1~20.04.2 245.4-4ubuntu3.10 5.10.0-1038.40 5.8.0-1037.38~20.04.1 5.8.0-1038.40~20.04.1 5.8.0-1039.42~20.04.1 5.8.0-1041.43~20.04.1 5.8.0-63.71~20.04.1 5.4.0-1021.22 5.4.0-1041.45 5.4.0-1044.46 5.4.0-1049.52 5.4.0-1049.53 5.4.0-1052.56 5.4.0-1054.57 5.4.0-1055.57 5.4.0-80.90 390.144-0ubuntu0.20.04.1 418.211.00-0ubuntu0.20.04.1 450.142.00-0ubuntu0.20.04.1 460.91.03-0ubuntu0.20.04.1 470.57.02-0ubuntu0.20.04.1 2.7.0-5ubuntu1.5 7.68.0-1ubuntu2.6 8.0.26-0ubuntu0.20.04.2 1:10.3.31-0ubuntu0.20.04.1 0.60.8-1ubuntu0.1 2.32.3-0ubuntu0.20.04.1 1.0.28-7ubuntu0.1 9.1.1-1ubuntu0.1 1:1.10.9+submodules+notgz-1ubuntu0.20.04.3 0.27.2-8ubuntu2.5 3.6.13-2ubuntu1.6 1.643-1ubuntu0.1 20.10.7-0ubuntu1~20.04.1 1.15.0-1ubuntu0.1 3.20-8ubuntu0.4 0.4.2.7-1ubuntu0.1~esm1 91.0+build2-0ubuntu0.20.04.1 91.0.2+build1-0ubuntu0.20.04.1 12.8-0ubuntu0.20.04.1 2.0.13-2ubuntu0.2 0.27.2-8ubuntu2.6 0.27.2-8ubuntu2.7 5.4.0-1022.23 5.4.0-1042.46 5.4.0-1045.47 5.4.0-1051.54 5.4.0-1051.55 5.4.0-1053.57 5.4.0-1055.58 5.4.0-1056.58 5.4.0-81.91 5.11.0-27.29~20.04.1 91.0.1+build1-0ubuntu0.20.04.1 2:1.9.4-11ubuntu0.1 5.8.0-1038.39~20.04.1 5.8.0-1039.41 5.8.0-1040.43~20.04.1 5.8.0-1042.44~20.04.1 1.1.1f-1ubuntu2.8 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 0.9.3-2ubuntu2.2 0.3.12-1ubuntu0.1 1:4.4-1ubuntu0.1 1:78.13.0+build1-0ubuntu0.20.04.2 1:2017.3.23AR.3-3ubuntu1.1 2.0.13-2ubuntu0.3 2.13+dfsg-2ubuntu0.3 2.13.3-0ubuntu0.20.04.2 4.9.0-0ubuntu3.1 2.2.3-3ubuntu0.7 2.2.5-5.2ubuntu2.1 0.16.0-1ubuntu0.1 5.11.0-1015.16~20.04.1 5.11.0-1017.18~20.04.1 5.11.0-34.36~20.04.1 5.4.0-1023.24 5.4.0-1046.48 5.4.0-1052.55 5.4.0-1052.56 5.4.0-1054.58 5.4.0-1056.59 5.4.0-1058.60 5.4.0-84.94 5.4.0-1043.47 5.10.0-1045.47 5.8.0-1041.44~20.04.1 92.0+build3-0ubuntu0.20.04.1 9.50~dfsg-5ubuntu4.3 1:2.25.1-1ubuntu3.2 2.20.11-0ubuntu27.20 1:4.4-1ubuntu0.2 1:4.4-1ubuntu0.3 7.68.0-1ubuntu2.7 1.8.5-5ubuntu1.1 5.13.0-1012.16 4.1.0+git191117-2ubuntu0.20.04.2 5.11.0-36.40~20.04.1 5.4.0-86.97 2.32.4-0ubuntu0.20.04.1 0~20191122.bd85bf54-2ubuntu3.3 20210119~20.04.2 2.4.41-4ubuntu3.5 2.4.41-4ubuntu3.6 5.4.0-1024.25 5.4.0-1047.49 5.4.0-1053.56 5.4.0-1053.57 5.4.0-1055.59 5.4.0-1057.60 5.4.0-1059.62 5.4.0-88.99 5.4.0-1044.48 5.4.0-1061.64 5.11.0-1019.20~20.04.1 5.11.0-1017.18~20.04.1 5.11.0-1019.20~20.04.1 5.11.0-37.41~20.04.2 5.11.0-1019.20~20.04.1 2:8.1.2269-1ubuntu5.3 2.6-2ubuntu0.20.04.1 5.13.0-1014.18 1.6.9+ds-1ubuntu0.1 1.6.1-1ubuntu0.1 1.5.2-0ubuntu1~20.04.3 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 20.10.7-0ubuntu1~20.04.2 4.10-1ubuntu1.5 0.12.15-2.1ubuntu0.1 5.10.0-1049.51 93.0+build1-0ubuntu0.20.04.1 1.5-2ubuntu0.1 1:5.12.0-3ubuntu4.1 5.8.2-1ubuntu3.3 5.11.0-1020.21~20.04.1 5.11.0-1020.21~20.04.2 5.11.0-1021.23~20.04.1 5.11.0-38.42~20.04.1 5.10.0-1050.52 5.4.0-1020.23 5.4.0-1048.50 5.4.0-89.100 5.4.0-1006.7 5.4.0-1025.26 5.4.0-1045.49 5.4.0-1054.57 5.4.0-1056.60 5.4.0-1058.61 5.4.0-1062.65 5.13.0-1017.21 0.99.beta19-2.1ubuntu1.20.04.2 5.8.0-1043.46~20.04.1 1:2.1.29-1ubuntu3.1 2.20.11-0ubuntu27.21 8.0.27-0ubuntu0.20.04.1 2.34-6ubuntu1.3 7.4.3-4ubuntu2.7 1:9.16.1-0ubuntu2.9 2.34.1-0ubuntu0.20.04.1 94.0+build3-0ubuntu0.20.04.1 20.10.7-0ubuntu5~20.04.2 5.11.0-1021.22~20.04.1 5.11.0-1021.22~20.04.2 5.11.0-1022.24~20.04.1 5.11.0-40.44~20.04.2 5.13.0-1019.23 5.4.0-1007.8 5.4.0-1026.27 5.4.0-1049.51 5.4.0-1055.58 5.4.0-1057.61 5.4.0-1059.62 5.4.0-1063.66 5.4.0-90.101 5.4.0-1021.24 5.4.0-1046.50 5.4.0-1057.61 1.8.1-1ubuntu0.1 5.10.0-1051.53 5.14.0-1007.7 0.9.62-3ubuntu0.1 2:4.13.14+dfsg-0ubuntu0.20.04.1 2:4.13.14+dfsg-0ubuntu0.20.04.3 2:4.13.14+dfsg-0ubuntu0.20.04.4 12.9-0ubuntu0.20.04.1 1:78.14.0+build1-0ubuntu0.20.04.1 2:8.1.2269-1ubuntu5.4 1.3.18-2ubuntu0.1 0.6.55-0ubuntu12~20.04.5 1:2.1.29-1ubuntu3.1+esm1 0.9+LibO6.4.7-0ubuntu0.20.04.2 1.2.0+LibO6.4.7-0ubuntu0.20.04.2 1:6.4.7-0ubuntu0.20.04.2 2:102.11+LibO6.4.7-0ubuntu0.20.04.2 2.2.0+dfsg1-0ubuntu0.20.04.2 5.53-0ubuntu3.4 66.1-2ubuntu2.1 1.2.4-1ubuntu0.1 3:4.8.24-2ubuntu1+esm1 5.11.0-1022.23~20.04.1 5.11.0-1023.25~20.04.1 5.11.0-41.45~20.04.1 5.13.0-1020.24 5.4.0-1008.9 5.4.0-1022.25 5.4.0-1027.28 5.4.0-1047.52 5.4.0-1050.52 5.4.0-1056.59 5.4.0-1058.62 5.4.0-1060.63 5.4.0-1064.67 5.4.0-91.102 5.14.0-1008.8 2:3.49.1-1ubuntu1.6 1:78.14.0+build1-0ubuntu0.20.04.2 0.34.4-1ubuntu0.1~esm1 1:10.3.32-0ubuntu0.20.04.1 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 2:1.9.4-11ubuntu0.1+esm1 2:2.2.12-1ubuntu0.8 1:1.30.1-4ubuntu6.4 1.12.1+dfsg-5ubuntu0.20.04.1~esm3 1.4.3+dfsg.1-1ubuntu0.1~esm2 1.0~dfsg0-1ubuntu0.1~esm1 1.5.17-3ubuntu0.1~esm1 95.0+build1-0ubuntu0.20.04.1 95.0.1+build2-0ubuntu0.20.04.1 3.1.3-1ubuntu0.1~esm1 1:2.0.19-2ubuntu0.1 1.4+really1.3.35-1ubuntu0.1~esm1 1.6.5-0ubuntu0.4 2.15.0-0.20.04.1 2:1.20.13-1ubuntu1~20.04.2 3.1.3+dfsg-2ubuntu0.1~esm1 1.3.0+dfsg-1ubuntu0.1 2.16.0-0.20.04.1 1.9.7-1ubuntu0.2 3.8.10-0ubuntu1~20.04.2 3.9.5-3ubuntu0~20.04.1 11.0.13+8-0ubuntu1~20.04 8u312-b07-0ubuntu1~20.04 2.17.0-0.20.04.1 2:2.2.12-1ubuntu0.9 4.3.2-1ubuntu0.1~esm2 5.14.0-1013.13 5.10.0-1053.55 5.11.0-1023.24~20.04.1 5.11.0-1024.26~20.04.1 5.11.0-44.48~20.04.2 5.4.0-1010.11 5.4.0-1023.26 5.4.0-1029.30 5.4.0-1048.53 5.4.0-1051.53 5.4.0-1057.60 5.4.0-1059.63 5.4.0-1061.64 5.4.0-1065.68 5.4.0-92.103 5.4.0-1060.64 5.4.0-94.106 2.4.41-4ubuntu3.9 2.34.3-0ubuntu0.20.04.1 1.2.10+ds1-1ubuntu1+esm1 3.4.5-2ubuntu0.1~esm1 2.8.5-1ubuntu0.1~esm1 5.14.0-1018.19 5.13.0-1026.32 5.10.0-1055.58 5.11.0-1025.27~20.04.1 5.11.0-1026.29~20.04.1 5.11.0-46.51~20.04.1 1.10.1-1ubuntu0.1~esm1 5:5.0.7-2ubuntu0.1+esm1 2.17.1-0.20.04.1 1.2.17-9ubuntu0.1 9.50~dfsg-5ubuntu4.5 4.5.0-1ubuntu0.5 245.4-4ubuntu3.15 7.0.0-4ubuntu0.5 7.0.0-4ubuntu0.6 96.0+build2-0ubuntu0.20.04.1 1.7044-1ubuntu0.1~esm1 1.4.3.6-2ubuntu0.1~esm1 0.11.1-1ubuntu0.1~esm1 0.103.5+dfsg-1~20.04.1 2.7.0-5ubuntu1.6 19.09+dfsg-2ubuntu0.1~esm1 42.2.10-1ubuntu0.1~esm1 4.5.11-1ubuntu0.1~esm1 5.10.0-1057.61 5.11.0-1027.30~20.04.1 5.11.0-1028.32~20.04.1 5.13.0-1028.35 5.14.0-1020.22 5.4.0-1012.13 5.4.0-1025.28 5.4.0-1031.32 5.4.0-1050.56 5.4.0-1053.55 5.4.0-1059.62 5.4.0-1061.65 5.4.0-1062.66 5.4.0-1063.66 5.4.0-1067.70 5.4.0-96.109 0.16.1-1ubuntu0.1 1.12.16-2ubuntu2.2 3.6.3-1ubuntu0.1~esm1 2:8.1.2269-1ubuntu5.6 1:91.5.0+build1-0ubuntu0.20.04.1 2.0-21-g6fe2f4f-2ubuntu0.20.04.1 5.8.2-1ubuntu3.4 0.4.22-3ubuntu0.1~esm1 0.105-26ubuntu1.2 2.0.7-2ubuntu0.1+esm1 2.34.4-0ubuntu0.20.04.1 0.9.3-2ubuntu0.1~esm2 1.7.0-4.1ubuntu1+esm1 2.8-1ubuntu0.1~esm1 2:4.13.17~dfsg-0ubuntu0.21.04.1 5.11.0-1028.31~20.04.1 5.11.0-1028.31~20.04.2 5.11.0-1029.33~20.04.3 5.13.0-1012.13~20.04.1 5.13.0-1029.36 5.13.0-28.31~20.04.1 5.4.0-1061.64 5.4.0-1013.14 5.4.0-1026.29 5.4.0-1032.33 5.4.0-1054.56 5.4.0-1062.66 5.4.0-1063.67 5.4.0-1064.67 5.4.0-1068.71 5.4.0-97.110 5.4.0-1014.15 5.4.0-1033.34 5.4.0-1055.57 5.4.0-1062.65 5.4.0-1063.67 5.4.0-1064.68 5.4.0-1065.68 5.4.0-1069.72 5.4.0-99.112 5.4.0-1052.58 2:2.2.12-1ubuntu0.10 8.0.28-0ubuntu0.20.04.3 4.7.6-1ubuntu0.1~esm1 1.10.4+repack-11ubuntu1+esm1 4.14.2.1+dfsg1-1ubuntu0.1~esm1 2.0.10+dfsg1-3ubuntu0.1~esm1 5.53-0ubuntu3.5 450.172.01-0ubuntu0.20.04.1 470.103.01-0ubuntu0.20.04.1 510.47.03-0ubuntu0.20.04.1 5.14.0-1022.24 1:2.34-0.1ubuntu9.3 2.34-0.1ubuntu9.3 1.2~rc1.2-1.1ubuntu1.20.04.1 0.20.0-3ubuntu0.1~esm1 0.19-1ubuntu0.1~esm1 4.4.10+ds1-2ubuntu1+esm1 97.0+build2-0ubuntu0.20.04.1 2:2.2.2-3ubuntu2.4 2.2.9-1ubuntu0.2 4.3.8+dfsg-1ubuntu1+esm1 3.4.0-2ubuntu1.1 2.54.3+20.04 2.54.3+20.04.1 2.54.3+20.04.1ubuntu0.2 0.9.1.2-10ubuntu0.20.04.1 5.4.0-100.113 5.4.0-1015.16 5.4.0-1028.31 5.4.0-1034.35 5.4.0-1053.60 5.4.0-1056.58 5.4.0-1064.68 5.4.0-1065.69 5.4.0-1066.69 5.4.0-1070.73 5.4.0-1070.73+cvm1.1 5.13.0-30.33~20.04.1 5.13.0-1014.15~20.04.1 5.13.0-1018.22~20.04.1 5.4.0-1063.66 7.4.3-4ubuntu2.10 2.1.27+dfsg-2ubuntu0.1 5.14.0-1024.26 7.4.3-4ubuntu2.9 0.105-26ubuntu1.3 1:10.3.34-0ubuntu0.20.04.1 2.34.6-0ubuntu0.20.04.1 1:4.2-3ubuntu6.21 0.8.2-1ubuntu1.1 2.31-0ubuntu9.7 1.5.5-0ubuntu3~20.04.2 1.5.9-0ubuntu1~20.04.4 2.0.13-2ubuntu0.5 11.0.14+9-0ubuntu2~20.04 17.0.2+8-1~20.04 11.0.14.1+1-0ubuntu1~20.04 97.0.2+build1-0ubuntu0.20.04.1 2.9.6+dfsg-1ubuntu0.1~esm1 5:5.0.7-2ubuntu0.1 5.13.0-1017.19~20.04.1 5.13.0-1019.23~20.04.1 5.13.0-1021.26~20.04.1 5.13.0-35.40~20.04.1 5.14.0-1027.30 5.4.0-1017.19 5.4.0-1030.33 5.4.0-1036.37 5.4.0-104.118 5.4.0-1055.62 5.4.0-1058.61 5.4.0-1065.68 5.4.0-1066.71 5.4.0-1067.71 5.4.0-1068.72 5.4.0-1072.75 5.4.0-1072.75+cvm1.1 2.2.9-1ubuntu0.4 98.0+build3-0ubuntu0.20.04.2 98.0.1+build2-0ubuntu0.20.04.1 98.0.2+build1-0ubuntu0.20.04.1 1:3.20-1ubuntu0.1 2.9.10+dfsg-5ubuntu0.20.04.2 5.8-3ubuntu1.1 1.1.1f-1ubuntu2.12 1.30+dfsg-7ubuntu0.20.04.2 0.9+LibO6.4.7-0ubuntu0.20.04.4 1.2.0+LibO6.4.7-0ubuntu0.20.04.4 1:6.4.7-0ubuntu0.20.04.4 2:102.11+LibO6.4.7-0ubuntu0.20.04.4 4.9.3-4ubuntu0.1 1:9.16.1-0ubuntu2.10 2.4.41-4ubuntu3.10 5.13.0-1019.21~20.04.1 5.13.0-1021.25~20.04.1 5.13.0-37.42~20.04.1 5.4.0-1018.20 5.4.0-1037.38 5.4.0-105.119 5.4.0-1056.63 5.4.0-1059.62 5.4.0-1066.69 5.4.0-1067.72 5.4.0-1068.72 5.4.0-1069.73 5.4.0-1073.76 5.4.0-1073.76+cvm1.1 4.12.1+dfsg-1ubuntu0.1 3.8.10-0ubuntu1~20.04.4 2.7.18-1~20.04.3+esm1 1:91.7.0+build2-0ubuntu0.20.04.1 5.14.0-1029.32 2.4.7-1ubuntu2.20.04.4 3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1~esm1 2.6.0-2ubuntu0.1 5.14.0-1031.34 18.9.0-11ubuntu0.20.04.2 1:1.2.11.dfsg-2ubuntu1.3 5.13.0-39.44~20.04.1 5.4.0-1061.64 5.4.0-1069.75 5.4.0-107.121 5.4.0-1071.76 5.4.0-1074.77 5.13.0-1021.23~20.04.2 5.13.0-1023.28~20.04.1 5.4.0-1019.21 5.4.0-1038.39 5.4.0-1058.65 5.4.0-1067.70 5.4.0-1069.73 5.4.0-1074.77+cvm1.1 3.1.3-8ubuntu0.3 9.0.31-1ubuntu0.2 5.13.0-1010.10 1.4.1-1ubuntu0.1 1.4.197-4+deb10u1build0.20.04.1 1.0.8-2ubuntu0.1 3.1.0-1.2ubuntu0.1~esm1 5.13.0-1021.24~20.04.1 5.13.0-1025.30~20.04.1 4.1.1-0ubuntu1.1 99.0+build2-0ubuntu0.20.04.2 1.18.0-0ubuntu1.3 1.13.0-3ubuntu0.1 2:2.2.12-1ubuntu0.11 3.4.0-2ubuntu1.2 1:2.25.1-1ubuntu3.3 1:2.25.1-1ubuntu3.4 5.4.0-1032.35 1.10-0ubuntu4.1 5.2.4-1ubuntu1.1 2.0.7-1ubuntu5.1 5.0-6ubuntu1.2 5.14.0-1033.36 1.15.5-1ubuntu0.3 5.13.0-1011.11 5.13.0-1022.24~20.04.1 5.13.0-1022.26~20.04.1 5.13.0-1024.29~20.04.1 5.13.0-1027.32~20.04.1 5.13.0-40.45~20.04.1 5.4.0-1020.22 5.4.0-1039.40 5.4.0-1059.67 5.4.0-1062.65 5.4.0-1068.71 5.4.0-1070.76 5.4.0-1072.77 5.4.0-1076.79+cvm1.1 5.4.0-1077.80 5.4.0-109.123 3.6.2-1ubuntu0.1~esm1 1:10.1.0-0ubuntu2.1 11.0.15+10-0ubuntu0.20.04.1 17.0.3+7-0ubuntu0.20.04.1 3.0-1ubuntu0.1 1.13.2-1ubuntu0.5 1:91.8.1+build1-0ubuntu0.20.04.1 2.36.0-0ubuntu0.20.04.3 2.1-2~ubuntu20.04.2 2.1-2~ubuntu20.04.3 7.68.0-1ubuntu2.10 6.0.0-0ubuntu8.16 8.0.29-0ubuntu0.20.04.2 8.0.29-0ubuntu0.20.04.3 19.11.12-0ubuntu0.20.04.1 1.1.1f-1ubuntu2.13 3.31.1-4ubuntu0.3 8.2001.0-1ubuntu1.3 2.80-1.1ubuntu1.5 2:3.49.1-1ubuntu1.7 100.0+build2-0ubuntu0.20.04.1 7.68.0-1ubuntu2.11 5.4.0-1021.23 5.4.0-1040.41 5.4.0-1060.68 5.4.0-1063.66 5.4.0-1071.76 5.4.0-1071.77 5.4.0-1073.78 5.4.0-1078.81 5.4.0-1078.81+cvm1.1 5.4.0-110.124 5.14.0-1036.40 5.13.0-1023.25~20.04.1 5.13.0-1023.27~20.04.1 5.13.0-1025.30~20.04.1 5.13.0-41.46~20.04.1 4.1.0+git191117-2ubuntu0.20.04.3 2.9.10+dfsg-5ubuntu0.20.04.3 0.103.6+dfsg-0ubuntu0.20.04.1 2.4.49+dfsg-2ubuntu1.9 2:8.39-12ubuntu0.1 3.4-6ubuntu0.1 2.20.11-0ubuntu27.24 100.0.2+build1-0ubuntu0.20.04.1 1:91.9.1+build1-0ubuntu0.20.04.1 1.9.7-1ubuntu0.3 12.11-0ubuntu0.20.04.1 2.36.2-0ubuntu0.20.04.1 5.4.0-1023.25 5.4.0-1065.68 5.4.0-1072.77 5.4.0-1075.80 5.4.0-1080.83 5.4.0-1080.83+cvm1.1 5.4.0-113.127 5.4.0-1036.39 5.4.0-1043.44 5.4.0-1062.70 5.4.0-1073.79 5.13.0-1025.27~20.04.1 5.13.0-1025.29~20.04.1 5.13.0-44.49~20.04.1 5.13.0-1027.32~20.04.1 5.13.0-1030.35~20.04.1 5.14.0-1038.42 1.13.0-3ubuntu0.2 1.19.7ubuntu3.2 1.6.4-1+deb10u1build0.20.04.1 2.3.1-9ubuntu1.2 1.2-4ubuntu0.20.04.1~esm1 2.36.3-0ubuntu0.20.04.1 2:6.9-1ubuntu0.2 2.2.0+dfsg1-0ubuntu0.20.04.3 2.7.0-5ubuntu1.7 1:2017.3.23AR.3-3ubuntu1.2 1.45.5-2ubuntu1.1 2.0-1.45.5-2ubuntu1.1 2.1-1.45.5-2ubuntu1.1 5.4.0-1026.29 5.4.0-1046.48 5.4.0-1065.75 5.4.0-1068.72 5.4.0-1074.79 5.4.0-1076.83 5.4.0-1078.84 5.4.0-1083.87 5.4.0-1083.87+cvm1.1 5.4.0-117.132 5.13.0-1014.15 5.13.0-1028.31~20.04.1 5.13.0-1028.33~20.04.1 5.13.0-1030.36~20.04.1 5.13.0-1033.39~20.04.1 5.13.0-48.54~20.04.1 5.14.0-1042.47 7:4.2.7-0ubuntu0.1 20211016~20.04.1 6.2.1-2ubuntu0.1 6.2.1-2ubuntu0.2 101.0.1+build1-0ubuntu0.20.04.1 3.12.0-3ubuntu0.1 7.4.3-4ubuntu2.12 5.53-0ubuntu3.6 3.2.7-1ubuntu0.1 2.5.1-1ubuntu0.1 5.13.0-1017.19 5.13.0-1031.35~20.04.1 5.13.0-1031.37~20.04.1 5.13.0-1033.40~20.04.1 5.13.0-1036.43~20.04.1 5.13.0-51.58~20.04.1 5.4.0-1028.32 5.4.0-1048.51 5.4.0-1070.75 5.4.0-1076.82 5.4.0-1078.86 5.4.0-1080.87 5.4.0-1085.90 5.4.0-1085.90+cvm1.1 5.4.0-120.136 5.14.0-1044.49 3.20220510.0ubuntu0.20.04.1 2.4.41-4ubuntu3.12 1.1.1f-1ubuntu2.15 1:4.2-3ubuntu6.23 4.10-1ubuntu1.6 5.4.0-121.137 5.13.0-52.59~20.04.1 7.68.0-1ubuntu2.12 22.2-0ubuntu1~20.04.3 2:2.2.12-1ubuntu0.12 1.1.1f-1ubuntu2.16 2.2.19-3ubuntu2.2 102.0+build2-0ubuntu0.20.04.1 2:3.49.1-1ubuntu1.8 3.2.0-4ubuntu2.1 1:2.3.7.2-1ubuntu3.6 2:1.20.13-1ubuntu1~20.04.3 1:2.25.1-1ubuntu3.5 1:91.11.0+build2-0ubuntu0.20.04.1 5.4.0-1029.33 5.4.0-1049.52 5.4.0-1066.76 5.4.0-1071.76 5.4.0-1078.84 5.4.0-1079.87 5.4.0-1081.88 5.4.0-1084.92 5.4.0-1086.91 5.4.0-1086.91+cvm1.1 5.4.0-122.138 5.14.0-1045.51 2.7.18-1~20.04.3 3.8.10-0ubuntu1~20.04.5 6.06-1ubuntu0.1 2.36.4-0ubuntu0.20.04.1 4.1.0+git191117-2ubuntu0.20.04.4 2.6.4-1ubuntu4.2 2.0.10-2+deb11u1build0.20.04.1 1.7.1-2ubuntu2.1 2.10.1-2ubuntu0.2 1.3.3-1ubuntu0.1 0.12.15-2.1ubuntu0.2 103.0+build1-0ubuntu0.20.04.1 8.0.30-0ubuntu0.20.04.2 1.2.5-1ubuntu0.1 5.4.0-1042.47 2:4.13.17~dfsg-0ubuntu1.20.04.1 5.8+dfsg-2ubuntu2.4 5.15.0-43.46~20.04.1 5.14.0-1046.53 11.0.16+8-0ubuntu1~20.04 17.0.4+8-1~20.04 8u342-b07-0ubuntu1~20.04 390.154-0ubuntu0.20.04.1 450.203.03-0ubuntu0.20.04.1 470.141.03-0ubuntu0.20.04.1 510.85.02-0ubuntu0.20.04.1 515.65.01-0ubuntu0.20.04.1 2.9.10+dfsg-5ubuntu0.20.04.4 2:2.2.12-1ubuntu0.13 3.6.13-2ubuntu1.7 4.6.8-1ubuntu3.1 1.9.8.2-1ubuntu0.20.04.1 2.40.0+dfsg-3ubuntu0.3 1.16.3-0ubuntu1.1 1.0-174-gce9f821-1ubuntu0.2 2.24.0+ds-2ubuntu0.1 3.36.4-0ubuntu2 5.4.0-1031.35 5.4.0-1044.49 5.4.0-1051.54 5.4.0-1068.78 5.4.0-1073.78 5.4.0-1080.86 5.4.0-1081.89 5.4.0-1083.90 5.4.0-1086.94 5.4.0-1089.94 5.4.0-124.140 5.15.0-46.49~20.04.1 5.15.0-1014.17~20.04.1 5.15.0-1016.21~20.04.1 5.15.0-1017.20~20.04.1 5.15.0-1017.21~20.04.1 5.14.0-1048.55 2.36.6-0ubuntu0.20.04.1 1.9.4-2ubuntu1.3 1:1.2.11.dfsg-2ubuntu1.5 12.12-0ubuntu0.20.04.1 3.1.3-8ubuntu0.4 4.93-13ubuntu1.6 1.1.34-4ubuntu0.20.04.1 5.14.0-1049.56 2:11.3.0-2ubuntu0~ubuntu20.04.3 104.0+build3-0ubuntu0.20.04.1 5.4.0-1089.94+cvm1.2 1.6.10-9ubuntu0.1 6.0.3-2ubuntu0.1 7.68.0-1ubuntu2.13 5.4.0-1069.79 5.4.0-125.141 5.14.0-1050.57 5.4.0-1032.36 5.4.0-1045.50 5.4.0-1052.55 5.4.0-1074.79 5.4.0-1081.87 5.4.0-1082.90 5.4.0-1084.91 5.4.0-1087.95 5.4.0-1090.95 5.15.0-1015.18~20.04.1 5.15.0-1017.23~20.04.2 5.15.0-1019.23~20.04.1 5.15.0-1019.24~20.04.1 5.4.0-1090.95+cvm1.1 0.86.1-0ubuntu1.1 2.40.0+dfsg-3ubuntu0.4 19.11.13-0ubuntu0.20.04.1 1.2.1-3ubuntu0.1 2.36.7-0ubuntu0.20.04.1 3.20220809.0ubuntu0.20.04.1 2:8.1.2269-1ubuntu5.8 2:8.1.2269-1ubuntu5.9 1.18.0-1ubuntu0.1 3.31.1-4ubuntu0.4 4.11.3+24-g14b62ab3e5-1ubuntu2.3 4.1.0+git191117-2ubuntu0.20.04.5 2.3.0-6ubuntu0.5+esm1 5.4.0-1033.37 5.4.0-1046.51 5.4.0-1053.56 5.4.0-1070.80 5.4.0-1075.80 5.4.0-1083.91 5.4.0-1085.92 5.4.0-1091.96 5.4.0-126.142 5.15.0-48.54~20.04.1 5.15.0-1020.24~20.04.1 5.15.0-1020.25~20.04.1 1.1.0+ds1-1ubuntu2.1 1:9.16.1-0ubuntu2.11 10.34-7ubuntu0.1 3.2.26+dfsg-6ubuntu0.1 2.0.3-0ubuntu1.20.04.3 4.3-1ubuntu0.20.04.2 2.2.9-1ubuntu0.5 2.2.9-1ubuntu0.6 5.4.0-1091.96+cvm1.1 4.10-1ubuntu1.7 2.36.8-0ubuntu0.20.04.1 9.50~dfsg-5ubuntu4.6 5.15.0-1018.24~20.04.1 5.4.0-1089.97 5.15.0-1016.19~20.04.1 105.0+build2-0ubuntu0.20.04.1 5.8.2-1ubuntu3.5 2:2.2.12-1ubuntu0.14 5.4.0-1083.89 4.4.1-2.1ubuntu5.20.04.4 0.15.0-1ubuntu0.2 0.9+LibO6.4.7-0ubuntu0.20.04.5 1.2.0+LibO6.4.7-0ubuntu0.20.04.5 1:6.4.7-0ubuntu0.20.04.5 2:102.11+LibO6.4.7-0ubuntu0.20.04.5 1:102.2.2+build1-0ubuntu0.20.04.1 5.15.0-1021.25~20.04.1 5.15.0-1021.26~20.04.1 5.15.0-50.56~20.04.1 5.4.0-1034.38 5.4.0-1047.52 5.4.0-1054.57 5.4.0-1076.81 5.4.0-1084.90 5.4.0-1084.92 5.4.0-1086.93 5.4.0-128.144 2:6.2.0+dfsg-4ubuntu0.1 6.0-25ubuntu1.1 7.7.0+dfsg-1ubuntu1.1 5.4.0-1071.81 5.4.0-1090.98 3:3.8.0-2.1ubuntu0.1 1:2.25.1-1ubuntu3.6 1.3.5-2ubuntu0.20.04.1 5.30.0-9ubuntu0.3 5.4.0-1036.41 5.4.0-1049.55 5.4.0-1056.60 5.4.0-1073.84 5.4.0-1078.84 5.4.0-1086.93 5.4.0-1086.95 5.4.0-1088.96 5.4.0-1092.101 5.4.0-1094.100 5.4.0-131.147 5.14.0-1054.61 5.15.0-1019.23~20.04.1 5.15.0-1021.28~20.04.1 5.15.0-1022.26~20.04.1 5.15.0-1022.27~20.04.1 5.15.0-52.58~20.04.1 0.9+LibO6.4.7-0ubuntu0.20.04.6 1.2.0+LibO6.4.7-0ubuntu0.20.04.6 1:6.4.7-0ubuntu0.20.04.6 2:102.11+LibO6.4.7-0ubuntu0.20.04.6 8.0.31-0ubuntu0.20.04.1 1:10.1.0-0ubuntu2.2 7.68.0-1ubuntu2.14 1.12.16-2ubuntu2.3 5.4.0-1092.97+cvm1.1 8324-0ubuntu3~20.04.5 106.0.2+build1-0ubuntu0.20.04.1 106.0.5+build1-0ubuntu0.20.04.1 1:2017.3.23AR.3-3ubuntu1.3 4.1.0+git191117-2ubuntu0.20.04.6 0.19.5-1ubuntu1.1 3.31.1-4ubuntu0.5 7.4.3-4ubuntu2.15 0.38.4-0ubuntu2.1 11.0.17+8-1ubuntu2~20.04 17.0.5+8-2ubuntu1~20.04 8u352-ga-1~20.04 1.18.0-0ubuntu1.4 1:102.4.2+build2-0ubuntu0.20.04.1 1.13.8-1ubuntu1.1 107.0+build2-0ubuntu0.20.04.1 5.4.0-1037.42 5.4.0-1050.56 5.4.0-1074.85 5.4.0-1079.85 5.4.0-1087.96 5.4.0-1089.97 5.4.0-1093.102 5.4.0-1095.101 5.4.0-132.148 5.4.0-1057.61 5.4.0-1087.94 5.4.0-1095.101+cvm1.1 5.15.0-1022.28~20.04.1 5.15.0-1023.27~20.04.1 5.15.0-1023.29~20.04.1 5.15.0-53.59~20.04.1 5.15.0-1020.25~20.04.1 5.15.0-1022.29~20.04.1 2.38.2-0ubuntu0.20.04.1 0.8.3-1ubuntu2.1 1.9.4-2ubuntu1.4 1.3.3-1ubuntu0.1 2.2.0+dfsg1-0ubuntu0.20.04.4 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 1:10.3.37-0ubuntu0.20.04.1 1:10.3.38-0ubuntu0.20.04.1 2:1.20.13-1ubuntu1~20.04.4 4.93-13ubuntu1.7 2.1-3.1ubuntu0.20.04.1 4.1.0+git191117-2ubuntu0.20.04.7 1:4.8.1-1ubuntu5.20.04.3 1:4.8.1-1ubuntu5.20.04.4 12.2.0-2ubuntu0.2 2.57.5+20.04ubuntu0.1 5.15.0-1025.31~20.04.2 5.15.0-1026.30~20.04.2 5.15.0-56.62~20.04.1 5.15.0-1023.28~20.04.2 5.15.0-1025.32~20.04.2 5.4.0-1040.45 5.4.0-1060.64 5.4.0-1077.88 5.4.0-1082.88 5.4.0-1090.99 5.4.0-1092.100 5.4.0-1096.105 5.4.0-135.152 5.4.0-1090.97 5.4.0-1098.104 1:0.5.0-1~ubuntu20.04.1+esm1 2.9.10+dfsg-5ubuntu0.20.04.5 20211016ubuntu0.20.04.1 2.34-6ubuntu1.4 1:1.17.4-5ubuntu3.1 2021.01+dfsg-3ubuntu0~20.04.5 7.7.0+dfsg-1ubuntu1.2 3.8.10-0ubuntu1~20.04.6 1:4.2-3ubuntu6.24 1.5.9-0ubuntu1~20.04.6 7.0.0-4ubuntu0.7 6.2.1-3ubuntu0.1~esm1 2:1.20.13-1ubuntu1~20.04.5 5.15.0-1029.36~20.04.1 108.0+build2-0ubuntu0.20.04.1 108.0.1+build1-0ubuntu0.20.04.1 108.0.2+build1-0ubuntu0.20.04.1 0.8.0-1ubuntu0.1 3.0.20+dfsg-3ubuntu0.2 1:3.36.3-0ubuntu1.20.04.2 1.3.5-2ubuntu0.20.04.2 7.68.0-1ubuntu2.15 5.14.0-1055.62 5.4.0-1041.46 5.4.0-1061.65 5.4.0-1078.89 5.4.0-1083.89 5.4.0-1091.100 5.4.0-1091.98 5.4.0-1093.101 5.4.0-1097.106 5.4.0-136.153 5.4.0-1100.106 5.4.0-1100.106+cvm1.1 5.15.0-57.63~20.04.1 5.15.0-1027.31~20.04.1 5.15.0-1030.37~20.04.1 5.8+dfsg-2ubuntu2.6 0.5.3-37ubuntu0.1 2.38.3-0ubuntu0.20.04.1 7.7.0+dfsg-1ubuntu1.3 2:8.1.2269-1ubuntu5.11 5.15.0-1027.34~20.04.1 5.15.0-1028.32~20.04.1 5.15.0-1031.38~20.04.1 5.15.0-58.64~20.04.1 5.4.0-1042.47 5.4.0-1084.90 5.4.0-1092.101 5.4.0-1094.102 5.4.0-1098.107 5.4.0-137.154 2.7.0-5ubuntu1.8 1:3.5.12-1ubuntu0.20.04.1 5.14.0-1056.63 1:2.25.1-1ubuntu3.7 1:2.25.1-1ubuntu3.8 1.8.31-1ubuntu1.4 1.25.8-2ubuntu0.2 5.4.0-1062.66 5.15.0-1027.33~20.04.1 5.15.0-58.64~20.04.1 5.4.0-1054.60 109.0+build2-0ubuntu0.20.04.1 109.0.1+build1-0ubuntu0.20.04.2 44.0.0-2ubuntu0.1 45.2.0-1ubuntu0.1 7.4.3-4ubuntu2.17 2.0.29-0ubuntu1.1 1:5.9~svn20110310-12ubuntu0.1 0.34.2-1ubuntu0.1 20.0.2-5ubuntu1.8 2:4.13.17~dfsg-0ubuntu1.20.04.4 2:4.13.17~dfsg-0ubuntu1.20.04.5 8.0.32-0buntu0.20.04.1 8.0.32-0ubuntu0.20.04.2 1:102.7.1+build2-0ubuntu0.20.04.1 1.3.1-5ubuntu4.4 1.3.1-5ubuntu4.6 3.0.28-2ubuntu0.2 1:9.16.1-0ubuntu2.12 1.17-6ubuntu4.2 5.4.0-1079.90 5.4.0-1101.107 0.18.2-2ubuntu0.1 2:16.4.2-0ubuntu2.1 2:20.2.0-0ubuntu1.1 2:21.2.4-0ubuntu2.1 2:16.4.2-0ubuntu2.2 2:2.2.12-1ubuntu0.15 2.1-2.1ubuntu0.20.04.1 2.4.41-4ubuntu3.13 0.631+git180528-1+deb10u1build0.20.04.1 0.12.1-1.1ubuntu0.20.04.1~esm1 3.0a-2ubuntu0.4 1.1.1f-1ubuntu2.17 2:1.20.13-1ubuntu1~20.04.6 1.0.4-2ubuntu0.1~esm1 7.7.0+dfsg-1ubuntu1.4 5.15.0-1029.35~20.04.1 5.15.0-1033.40~20.04.1 5.15.0-60.66~20.04.1 2.25.2-0ubuntu1.1 5.4.0-1064.68 5.4.0-1080.91 5.4.0-1086.92 5.4.0-1093.102 5.4.0-1096.104 5.4.0-1103.109 5.4.0-139.156 8:6.9.10.23+dfsg-2.1ubuntu11.5 8:6.9.10.23+dfsg-2.1ubuntu11.7 5.14.0-1057.64 1:3.2.7a-7ubuntu0.1 2:21.2.4-0ubuntu2.2 2.38.4-0ubuntu0.20.04.2 2:2.2.12-1ubuntu0.16 2.0.29-0ubuntu1.3 1.6.1-4ubuntu2.1 1:2.25.1-1ubuntu3.10 0.3.2-4ubuntu0.1 5.4.0-1044.49 5.4.0-1100.109 5.4.0-1094.101 5.15.0-1029.36~20.04.1 5.15.0-1030.34~20.04.1 5.15.0-1027.32~20.04.1 110.0+build3-0ubuntu0.20.04.1 110.0.1+build2-0ubuntu0.20.04.1 3.6.4-2.1ubuntu0.1~esm1 3.20230214.0ubuntu0.20.04.1 0.103.8+dfsg-0ubuntu0.20.04.1 3.9.5-3ubuntu0~20.04.1+esm1 1.32.3-2ubuntu2+esm1 2.13.8-0ubuntu1.1 7.68.0-1ubuntu2.16 2:3.49.1-1ubuntu1.9 2.38.5-0ubuntu0.20.04.1 2:1.3.0-8+deb10u1build0.20.04.1 2.0.7-2ubuntu0.1+esm2 11.0.18+10-0ubuntu1~20.04.1 17.0.6+10-0ubuntu1~20.04.1 8u362-ga-0ubuntu1~20.04.1 7.6+dfsg-2ubuntu0.20.04.2 1.30+dfsg-7ubuntu0.20.04.3 3.6.13-2ubuntu1.8 7.4.3-4ubuntu2.18 1.4.55-1ubuntu1.20.04.2 14.4.2+git20190427-2+deb11u1build0.20.04.1 14.4.2+git20190427-2+deb11u2build0.20.04.1 12.14-0ubuntu0.20.04.1 1.15.0-1ubuntu0.2 5.4.0-1103.109+cvm1.1 2.0.7-2ubuntu0.1+esm3 5.15.0-1028.33~20.04.1 5.15.0-1030.36~20.04.1 5.15.0-1030.37~20.04.1 5.15.0-1031.35~20.04.1 5.15.0-1034.41~20.04.1 5.15.0-67.74~20.04.1 5.14.0-1058.66 5.4.0-1065.69 5.4.0-1087.93 5.4.0-1094.103 5.4.0-1095.102 5.4.0-1097.105 5.4.0-1101.110 5.4.0-1104.110 5.4.0-144.161 5.4.0-1058.64 3.1.3-8ubuntu0.5 4.1.0+git191117-2ubuntu0.20.04.8 245.4-4ubuntu3.20 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 5.4.0-1081.92 2:4.15.13+dfsg-0ubuntu0.20.04.1 0.9+20170913-1ubuntu0.20.04.1~esm1 2.4.41-4ubuntu3.14 1:102.8.0+build2-0ubuntu0.20.04.1 1.25+ds-2ubuntu0.1 3.6.1.3-2ubuntu5.2 1.4.11.1-1ubuntu0.3 2.12.5-1ubuntu0.1~esm1 0.16.1+dfsg1-2ubuntu0.1 5.4.0-1045.50 7.13.0-1ubuntu0.1~esm1 111.0+build2-0ubuntu0.20.04.1 111.0.1+build2-0ubuntu0.20.04.1 6.0.6-0.1ubuntu0.1~esm1 2.1.3-1.2+deb10u1build0.20.04.1 7:4.2.7-0ubuntu0.1+esm1 1.17-6ubuntu4.3 3.8.10-0ubuntu1~20.04.7 8.14.6-0.1ubuntu0.1~esm1 2:8.1.2269-1ubuntu5.12 7.68.0-1ubuntu2.18 1.10.1+dfsg-3ubuntu0.1+esm2 1:3.5.1-2ubuntu0.1 1:3.5.1-2ubuntu0.2 1:3.5.1-2ubuntu0.3 0.11.4-2ubuntu0.1 3.0.7-1ubuntu0.1~esm1 1.9+srconly-3ubuntu0.1 2.42.2-3ubuntu0.1~esm1 1:102.9.0+build1-0ubuntu0.20.04.1 1.4.7-3ubuntu0.1 1.4+really1.3.35-1ubuntu0.1 5.14.0-1059.67 5.4.0-1046.51 5.4.0-1066.70 5.4.0-1082.93 5.4.0-1088.94 5.4.0-1096.103 5.4.0-1098.107 5.4.0-1099.107 5.4.0-1102.111 5.4.0-1105.111 5.4.0-146.163 5.15.0-1031.38~20.04.1 5.15.0-1032.38~20.04.1 5.15.0-1033.37~20.04.1 5.15.0-1035.42~20.04.1 5.15.0-69.76~20.04.1 2:1.20.13-1ubuntu1~20.04.8 5.15.0-1029.34~20.04.1 1.0.7-6ubuntu0.20.04.1 1.1.24-1ubuntu0.1~esm1 2:2.4.4-0ubuntu0.20.04.2 2:4.15.13+dfsg-0ubuntu0.20.04.2 2:8.1.2269-1ubuntu5.13 3.12.0-3ubuntu0.2 1.8.18-8ubuntu0.1 1.2.17-9ubuntu0.2 1.0.0-1ubuntu0.20.04.1 5.4.0-1059.65 1.8.31-1ubuntu1.5 0.12.11-1ubuntu1.20.04.1+esm1 112.0+build2-0ubuntu0.20.04.1 112.0.1+build1-0ubuntu0.20.04.1 112.0.2+build1-0ubuntu0.20.04.1 2.2-2ubuntu0.20.04.1 1:102.10.0+build2-0ubuntu0.20.04.1 3.3.0-1+deb10u1build0.20.04.1 9.50~dfsg-5ubuntu4.7 2.20.11-0ubuntu27.26 3.0.8-2ubuntu0.1 5.4.0-1060.66 5.3.2-1ubuntu0.1~esm1 0.9+LibO6.4.7-0ubuntu0.20.04.7 1.2.0+LibO6.4.7-0ubuntu0.20.04.7 1:6.4.7-0ubuntu0.20.04.7 2:102.11+LibO6.4.7-0ubuntu0.20.04.7 5.15.0-1031.36~20.04.1 5.15.0-1032.40~20.04.1 5.15.0-1033.39~20.04.1 5.15.0-1034.38~20.04.1 5.15.0-1036.43~20.04.1 5.15.0-70.77~20.04.1 2:8.1.2269-1ubuntu5.14 5.4.0-1047.52 5.4.0-1067.71 5.4.0-1083.94 5.4.0-1089.95 5.4.0-1097.104 5.4.0-1099.108 5.4.0-1100.108 5.4.0-1103.112 5.4.0-1106.112 5.4.0-147.164 2.9.10+dfsg-5ubuntu0.20.04.6 2.80-1.1ubuntu1.7 3.6-1+deb11u1build0.20.04.1 1.18.1-1ubuntu1~20.04.2 1.13.8-1ubuntu1.2 1.16.2-0ubuntu1~20.04.1 1.1.1f-1ubuntu2.18 5.15.0-70.77~20.04.1 23.1.2-0ubuntu0~20.04.1 23.1.2-0ubuntu0~20.04.2 5.15.0-1032.37~20.04.1 5.15.0-1034.40~20.04.1 5.15.0-1035.39~20.04.1 5.15.0-71.78~20.04.1 2.1.0-0ubuntu1.20.04.2 5.4.0-1048.53 5.4.0-1068.72 5.4.0-1090.96 5.4.0-1098.105 5.4.0-1100.109 5.4.0-1101.109 5.4.0-1104.113 5.4.0-1107.113 5.4.0-148.165 0.4.37-1ubuntu0.20.04.1 1:4.1.45-1ubuntu0.1~esm1 1:2.25.1-1ubuntu3.11 5.15.0-1037.44~20.04.1 2:2.2.12-1ubuntu0.17 2.7.0-5ubuntu1.9 2.7.0-5ubuntu1.10 1:22.2.7+dfsg-1ubuntu0.2 8.0.33-0ubuntu0.20.04.1 8.0.33-0ubuntu0.20.04.2 2.38.6-0ubuntu0.20.04.1 2.10.1-2ubuntu0.3 15.2.17-0ubuntu0.20.04.3 0.2.4-3ubuntu0.1 3.2.1-1ubuntu0.1~esm1 1:14.2.0-0ubuntu1.1 2:16.4.2-0ubuntu6.2 2.13.8-0ubuntu1.2 5.4.0-1084.95 5.15.0-1037.44~20.04.1.1 2:16.4.2-0ubuntu2.3 2.0.0-0ubuntu4.1 2:21.2.4-0ubuntu2.3 3.0.8-0ubuntu1.1 2:21.2.4-0ubuntu2.4 2:16.4.2-0ubuntu2.4 2.0.0-0ubuntu4.2 2:21.2.4-0ubuntu2.5 3.0.8-0ubuntu1.2 113.0+build2-0ubuntu0.20.04.1 113.0.1+build1-0ubuntu0.20.04.1 113.0.2+build1-0ubuntu0.20.04.1 1:102.11.0+build1-0ubuntu0.20.04.1 11.0.19+7~us1-0ubuntu1~20.04.1 17.0.7+7~us1-0ubuntu1~20.04 8u372-ga~us1-0ubuntu1~20.04 0.6.1-2ubuntu0.20.04.2 5.15.0-1036.40~20.04.1 5.15.0-1038.45~20.04.1 5.15.0-1038.45~20.04.1.1 5.15.0-72.79~20.04.1 0.2.1-1+deb10u1build0.20.04.1 1.27.4-1ubuntu0.2 3.0.4-4ubuntu0.1 2.7.0-5ubuntu1.11 1.1.4-0ubuntu1~20.04.3 5.15.0-1033.38~20.04.1 5.15.0-1034.42~20.04.1 5.15.0-1035.41~20.04.1 5.4.0-1062.68 5.4.0-1049.54 5.4.0-1069.73 5.4.0-1091.97 5.4.0-1099.106 5.4.0-1102.110 5.4.0-1105.114 5.4.0-1108.114 5.4.0-149.166 1.9.2-1ubuntu0.1 1:3.04-1ubuntu0.1 6.2-0ubuntu2.1 1.06-1ubuntu0.20.04.1 2.34-6ubuntu1.5 0.1.27+ds-1+deb10u2build0.20.04.1 0.2.3-1+deb10u1build0.20.04.1 12.15-0ubuntu0.20.04.1 20230311ubuntu0.20.04.1 5.15.0-1033.41~20.04.1 1:3.04-1ubuntu0.2 5.4.0-1085.96 1:3.04-1ubuntu0.2+esm1 1.1.1-2ubuntu0.1 5.30.0-9ubuntu0.4 1.0.1-1+deb10u1build0.20.04.1 2019.20190605.51237-3ubuntu0.1 7.1.2+dfsg-1ubuntu0.1 1.12-1ubuntu0.1 5.4.0-1101.110 1.1.1f-1ubuntu2.19 0.4.1-1ubuntu0.1~esm1 2.58+20.04.1 5.15.0-1034.39~20.04.1 5.15.0-1035.43~20.04.1 5.15.0-1036.42~20.04.1 5.15.0-1037.41~20.04.1 5.15.0-1039.46~20.04.1 5.15.0-73.80~20.04.1 2.3.1-9ubuntu1.3 0.7-4ubuntu7.2 5.4.0-1050.55 5.4.0-1070.74 5.4.0-1092.98 5.4.0-1100.107 5.4.0-1102.111 5.4.0-1103.111 5.4.0-1106.115 5.4.0-1109.115 5.4.0-150.167 5.4.0-1064.70 5.15.0-1030.35~20.04.1 5.15.0-1039.46~20.04.1.1 0.19.5-1ubuntu1.2 0.9.3-2ubuntu2.3 3.8.10-0ubuntu1~20.04.8 1.40.0-1ubuntu0.1 114.0+build3-0ubuntu0.20.04.1 114.0.1+build1-0ubuntu0.20.04.1 114.0.2+build1-0ubuntu0.20.04.1 0.9+LibO6.4.7-0ubuntu0.20.04.8 1.2.0+LibO6.4.7-0ubuntu0.20.04.8 1:6.4.7-0ubuntu0.20.04.8 2:102.11+LibO6.4.7-0ubuntu0.20.04.8 12.2.0-2ubuntu0.3 3.1.12~ds-4ubuntu0.20.04.1 0.6.0-1ubuntu0.1 5.4.0-1086.97 5.4.0-1023.27 5.4.0-1101.108 4.6.3-3ubuntu0.1~esm1 2:8.1.2269-1ubuntu5.15 2.22.0-2ubuntu1.1 2.2.3-3ubuntu0.11 2.2.3-3ubuntu0.12 1.7.3-2ubuntu0.1 2.34-6ubuntu1.6 5.15.0-1031.36~20.04.1 2.9.19+dfsg-3ubuntu0.20.04.1 1.15.0-1ubuntu0.3 2.64.6-1~ubuntu20.04.6 1:2.32-1ubuntu0.1 1:4.2-3ubuntu6.27 2:1.6.9-2ubuntu1.5 1.8.1-1ubuntu0.1~esm1 5.15.0-1036.41~20.04.1 5.15.0-1036.44~20.04.1 5.15.0-1037.43~20.04.1 5.15.0-1038.43~20.04.1 5.15.0-1040.47~20.04.1 5.15.0-1040.47~20.04.1.1 5.15.0-75.82~20.04.1 5.4.0-152.169 1.26.0-3ubuntu1.20.04.1 1.4.0-1ubuntu0.20.04.1 1.4.0-1ubuntu0.20.04.1+esm1 3.0.9.2-1ubuntu0.1~esm1 2.3.0-7ubuntu0.20.04.1 1:9.16.1-0ubuntu2.15 2.3.1-9ubuntu1.4 5.4.0-1051.56 5.4.0-1065.71 5.4.0-1071.75 5.4.0-1088.99 5.4.0-1093.99 5.4.0-1102.109 5.4.0-1103.112 5.4.0-1104.112 5.4.0-1107.116 5.4.0-1110.116 3.2.26+dfsg-6ubuntu0.2+esm1 0.6.55-0ubuntu12~20.04.6 5.15.0-1023.28~20.04.1 5.15.0-1037.42~20.04.1 5.15.0-1037.45~20.04.1 5.15.0-1038.44~20.04.1 5.15.0-1039.44~20.04.1 5.15.0-1041.48~20.04.1 5.15.0-1041.48~20.04.1.1 5.15.0-76.83~20.04.1 5.4.0-1052.57 5.4.0-1066.72 5.4.0-1072.76 5.4.0-1089.100 5.4.0-1094.100 5.4.0-1104.113 5.4.0-1105.113 5.4.0-1108.117 5.4.0-1111.117 5.4.0-153.170 3.5.34-1ubuntu1.1 7.4.3-4ubuntu2.19 8:6.9.10.23+dfsg-2.1ubuntu11.9 115.0+build2-0ubuntu0.20.04.3 1.6.12-0ubuntu1~20.04.3 2:2.2.12-1ubuntu0.18 1.2.0-0ubuntu7.1 5.4.0-1103.110 5.15.0-1033.38~20.04.1 2.7.0-1ubuntu0.1 5.0.2-2ubuntu0.1 5.15.0-1034.39~20.04.1 9.50~dfsg-5ubuntu4.8 1:102.13.0+build1-0ubuntu0.20.04.1 1.21-0ubuntu1~20.04.1 1.8.1+ds-3ubuntu0.2 115.0.2+build1-0ubuntu0.20.04.1 2.7.0-5ubuntu1.12 5.4.0-1024.28 3.2.1-3ubuntu2.1 1.3.3-3ubuntu0.1~esm1 0.12.5-1ubuntu0.1 2.1.0-3ubuntu0.20.04.1 5.4.0-1025.29 1.36-2ubuntu0.1 7.68.0-1ubuntu2.19 2:4.15.13+dfsg-0ubuntu0.20.04.3 0.3.2+git20151018-2+deb10u1build0.20.04.1 1:8.2p1-4ubuntu0.8 1.1.4-5ubuntu0.1 3.20191218.1ubuntu1.1 5.15.0-1024.29~20.04.1 5.15.0-1038.43~20.04.1 5.15.0-1038.46~20.04.1 5.15.0-1039.45~20.04.1 5.15.0-1040.45~20.04.1 5.15.0-1042.49~20.04.1 5.15.0-1042.49~20.04.1.1 5.15.0-78.85~20.04.1 5.4.0-1026.30 5.4.0-1053.58 5.4.0-1073.77 5.4.0-1090.101 5.4.0-1095.101 5.4.0-1104.111 5.4.0-1105.114 5.4.0-1106.114 5.4.0-1109.118 5.4.0-1112.118 5.4.0-155.172 5.15.0-1036.41~20.04.1 5.4.0-1017.18 2:11.3.0-2ubuntu0~ubuntu20.04.5 2.0.874-7.1ubuntu6.4 5.4.0-1018.19 3.2.3-1ubuntu0.1~esm1 11.0.20+8-1ubuntu1~20.04 17.0.8+7-1~20.04.2 8u382-ga-1~20.04.1 11.0.20.1+1-0ubuntu1~20.04 17.0.8.1+1~us1-0ubuntu1~20.04 2.48.9-1ubuntu0.20.04.4 116.0+build2-0ubuntu0.20.04.2 116.0.2+build1-0ubuntu0.20.04.1 116.0.3+build2-0ubuntu0.20.04.1 1.16.3-0ubuntu1.2 1.16.3-0ubuntu1.2 2:8.1.2269-1ubuntu5.16 2.0.13-1.4+deb11u1build0.20.04.1 0.86.1-0ubuntu1.2 0.67.1+ds0ubuntu0.libgit2-0ubuntu0.20.04.2+esm1 0.6.2+dfsg-3ubuntu0.20.04.1 1:8.2p1-4ubuntu0.9 1.26.0-3ubuntu1.20.04.2 1.7-5+deb9u1build0.20.04.1 2.0-7ubuntu0.20.04.1 5.4.0-1019.20 5.4.0-1074.78 5.4.0-1091.102 5.4.0-1096.102 5.4.0-1106.115 5.4.0-1107.115 5.4.0-1110.119 5.4.0-156.173 3.20230808.0ubuntu0.20.04.1 2.2.2-1ubuntu0.1 8.0.34-0ubuntu0.20.04.1 4.1.0+git191117-2ubuntu0.20.04.9 2.0.31-0ubuntu0.2 12.16-0ubuntu0.20.04.1 9.50~dfsg-5ubuntu4.9 0.13.62-3.2ubuntu1.1 0.86.1-0ubuntu1.3 5.15.0-1037.42~20.04.1 5.15.0-1040.46~20.04.1 5.15.0-1041.46~20.04.1 5.15.0-79.86~20.04.2 5.15.0-79.88~20.04.1 5.4.0-1027.31 2:8.1.2269-1ubuntu5.17 0.103.9+dfsg-0ubuntu0.20.04.1 2:1.9.4-11ubuntu0.2 7.4.3-4ubuntu2.20 0.6.1+dfsg1-1ubuntu0.1 5.15.0-1025.30~20.04.1 5.15.0-1039.44~20.04.1 5.15.0-1039.47~20.04.1 5.4.0-1105.112 2.9.1-1ubuntu0.1 5.4.0-1054.59 5.4.0-1068.74 5.15.0-1041.47~20.04.1 5.15.0-1043.48~20.04.1 5.15.0-82.91~20.04.1 5.4.0-1028.32 5.4.0-1097.103 5.4.0-1107.116 5.4.0-1108.116 5.4.0-1111.120 5.4.0-159.176 3.20191218.1ubuntu1.2 117.0+build2-0ubuntu0.20.04.1 0.176-1.1ubuntu0.1 5.4.0-1075.79 5.15.0-1026.31~20.04.1 3.0.7-1ubuntu0.1~esm2 5.15.0-1040.48~20.04.1 5.4.0-1114.120 5.15.0-1045.52~20.04.1 1:102.15.0+build1-0ubuntu0.20.04.1 0.7.git20120829-3.1ubuntu0.1 2.7.1+ds2-7ubuntu0.3 5.15.0-83.92~20.04.1 5.15.0-1027.32~20.04.1 5.15.0-1041.49~20.04.1 5.15.0-1046.53~20.04.1 5.15.0-1046.53~20.04.1.1 5.4.0-1021.22 5.4.0-1098.104 5.4.0-1108.117 5.4.0-1109.118 5.4.0-1112.121 5.4.0-162.179 5.4.0-1029.33 5.4.0-1076.80 5.4.0-1093.104 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 5.4.0-1092.103 5.15.0-1043.50~20.04.1.1 5.15.0-1038.43~20.04.1 5.4.0-1115.122 5.15.0-1037.40~20.04.1 5.15.0-1042.48~20.04.1 5.15.0-1044.49~20.04.1 1.3.2-4ubuntu0.2 1.8.5-8ubuntu0.20.04.1 1.187.3~20.04.1+2.06-2ubuntu14.1 1.40.9+15.7-0ubuntu1 15.7-0ubuntu1 2.06-2ubuntu14.1 1.3.2-7ubuntu0.1 5.4.0-1056.61 4.3.2-3+deb10u1build0.20.04.1 1.3.3-1ubuntu0.2 2.3.1-9ubuntu1.5 9.50~dfsg-5ubuntu4.10 2:11.3.0-2ubuntu0~ubuntu20.04.6 117.0.1+build2-0ubuntu0.20.04.1 1:102.15.1+build1-0ubuntu0.20.04.1 0.6.1-2ubuntu0.20.04.3 2.9.3-1ubuntu0.1 1.8.0-2.1ubuntu0.1 1:5.0.1+dfsg-1ubuntu0.1 1.13.2-1ubuntu0.6 1.15.0-1ubuntu0.4 0.19.5-1ubuntu1.3 2:2.2.12-1ubuntu0.19 3.0.5-0ubuntu0.20.04.1 10.19.0~dfsg-3ubuntu1.1 1.5.22-2ubuntu0.3 5.15.0-1028.33~20.04.1 5.15.0-1038.41~20.04.1 5.15.0-1042.50~20.04.1 5.15.0-1045.50~20.04.1 5.15.0-1047.54~20.04.1 5.15.0-1047.54~20.04.1.1 5.15.0-84.93~20.04.1 5.15.0-1040.46~20.04.1 5.15.0-1044.50~20.04.1 5.4.0-1022.23 5.4.0-1030.34 5.4.0-1057.62 5.4.0-1077.81 5.4.0-1099.105 5.4.0-1109.118 5.4.0-1110.119 5.4.0-1113.122 5.4.0-1116.123 5.4.0-163.180 5.4.0-1071.77 5.4.0-1094.105 2.2.12-1ubuntu0.20.04.1 1:9.16.1-0ubuntu2.16 2.3.1-9ubuntu1.6 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 5.4.0-1070.76 1.2.1+dfsg-1ubuntu0.20.04.2 2.2.0+dfsg1-0ubuntu0.20.04.5 1.2.0-3ubuntu0.1 1.8.2-1ubuntu0.2 118.0.1+build1-0ubuntu0.20.04.1 118.0.2+build2-0ubuntu0.20.04.1 1:115.3.1+build1-0ubuntu0.20.04.1 2:1.6.9-2ubuntu1.6 1:3.5.12-1ubuntu0.20.04.2 1.187.6~20.04.1+2.06-2ubuntu14.4 4.93-13ubuntu1.8 2:2.2.12-1ubuntu0.20 5.15.0-1030.35~20.04.1 5.15.0-1040.43~20.04.1 5.15.0-1044.52~20.04.1 5.15.0-1047.52~20.04.1 5.15.0-1049.56~20.04.1 5.15.0-1049.56~20.04.1.1 5.15.0-86.95~20.04.1 5.15.0-1045.51~20.04.1 5.15.0-86.96~20.04.1 5.4.0-1023.24 5.4.0-1031.35 5.4.0-1058.63 5.4.0-1072.78 5.4.0-1078.82 5.4.0-1095.106 5.4.0-1100.106 5.4.0-1110.119 5.4.0-1111.120 5.4.0-1115.124 5.4.0-1117.124 5.4.0-164.181 10.19.0~dfsg-3ubuntu1.2 1.12.1+dfsg-5ubuntu0.20.04.1 2:8.1.2269-1ubuntu5.18 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 2.2.1-2ubuntu0.1 1.17.0-4ubuntu0.2 2:4.15.13+dfsg-0ubuntu0.20.04.6 2:4.15.13+dfsg-0ubuntu0.20.04.7 4.1.0+git191117-2ubuntu0.20.04.10 7.68.0-1ubuntu2.20 7:4.2.7-0ubuntu0.1+esm2 3.7-3ubuntu0.1~esm1 1.2.4-4ubuntu0.1 9.50~dfsg-5ubuntu4.11 3.1.5-1ubuntu0.1~esm1 1.1.1f-1ubuntu2.20 7.2.1-1ubuntu0.2+esm1 5.4.0-1032.36 5.4.0-1059.64 5.4.0-1079.83 5.4.0-1101.107 5.4.0-1111.120 5.4.0-1112.121 5.4.0-1116.125 5.4.0-1118.125 5.4.0-165.182 5.4.0-1024.25 5.4.0-1096.107 5.4.0-1073.79 5.15.0-1043.49~20.04.1 5.15.0-1041.44~20.04.1 5.15.0-1048.53~20.04.1 5.15.0-1050.57~20.04.1 5.15.0-1050.57~20.04.1.1 5.15.0-87.96~20.04.1 5.15.0-87.97~20.04.1 5.15.0-1031.37~20.04.1 5.15.0-1045.53~20.04.2 5.15.0-1046.52~20.04.1 1.0.0.errata1-3+deb11u1build0.20.04.1 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 7:4.2.7-0ubuntu0.1+esm3 7:4.2.7-0ubuntu0.1+esm4 2:8.1.2269-1ubuntu5.20 2:1.20.13-1ubuntu1~20.04.9 4.93-13ubuntu1.9 119.0+build2-0ubuntu0.20.04.1 119.0.1+build1-0ubuntu0.20.04.1 19.05.5-1ubuntu0.1~esm2 8.0.35-0ubuntu0.20.04.1 5.4.0-1033.37 5.4.0-1060.65 5.4.0-1074.80 5.4.0-1080.84 5.4.0-1097.109 5.4.0-1102.108 5.4.0-1112.121 5.4.0-1113.123 5.4.0-1117.126 5.4.0-1119.126 5.4.0-166.183 5.4.0-1025.26 2:11.3.0-2ubuntu0~ubuntu20.04.7 5.15.0-1032.38~20.04.1 5.15.0-1042.45~20.04.1 5.15.0-1046.54~20.04.1 5.15.0-1047.53~20.04.1 5.15.0-1049.54~20.04.1 5.15.0-1051.59~20.04.1 5.15.0-1051.59~20.04.1.1 5.15.0-88.98~20.04.1 1.17-6ubuntu4.4 1:115.4.1+build1-0ubuntu0.20.04.1 0.9.12-1ubuntu0.1 1.4-28+deb10u1build0.20.04.1 1.0.28-7ubuntu0.2 2.5+dfsg-6+deb10u1build0.20.04.1 1.25.8-2ubuntu0.3 20.0.2-5ubuntu1.10 0.9.12-1ubuntu0.1+esm1 2:3.3.16-1ubuntu2.4 1:2.1.0-2ubuntu0.20.04.1~esm1 1.2.4-4ubuntu0.4 2:5.6.0-11ubuntu0.20.04.1 3.20231114.0ubuntu0.20.04.1 0.7-4ubuntu7.3 5.8.2-1ubuntu3.6 7-1ubuntu0.2 10.19.0~dfsg-3ubuntu1.3 1.6.9-1ubuntu0.1~esm1 1.0.1-0ubuntu1.20.04.2 5.4.0-1026.27 5.4.0-1034.38 5.4.0-1061.66 5.4.0-1075.81 5.4.0-1098.110 5.4.0-1103.110 5.4.0-1113.122 5.4.0-1114.124 5.4.0-167.184 5.4.0-1081.85 5.4.0-1118.127 5.4.0-1120.127 5.15.0-1043.46~20.04.1 5.15.0-1048.54~20.04.1 5.15.0-1050.55~20.04.1 5.15.0-89.99~20.04.1 5.15.0-1033.39~20.04.1 5.15.0-1047.55~20.04.1 5.15.0-1052.60~20.04.1 5.15.0-1052.60~20.04.1.1 3.6.13-2ubuntu1.9 4.10-1ubuntu1.8 3.8.2-0ubuntu1.5 1.40.0-1ubuntu0.2 2.4.41-4ubuntu3.15 0.86.1-0ubuntu1.4 120.0+build2-0ubuntu0.20.04.1 120.0.1+build1-0ubuntu0.20.04.1 0.8.3-1ubuntu12.16 4.1.0+git191117-2ubuntu0.20.04.11 3.8.10-0ubuntu1~20.04.9 2.13.8-0ubuntu1.3 1:115.5.0+build1-0ubuntu0.20.04.1 5.15.0-1045.51~20.04.1 5.30.0-9ubuntu0.5 2.10.18-1ubuntu0.1 2.2.0+dfsg1-0ubuntu0.20.04.6 7.3.1+dfsg-4ubuntu0.1 1.0.2-4ubuntu0.1 1.16.3-0ubuntu1.1 11.0.21+9-0ubuntu1~20.04 17.0.9+9-1~20.04 8u392-ga-1~20.04 4.4.3-2+deb10u3build0.20.04.1 2.0.31-0ubuntu0.3 5:5.0.7-2ubuntu0.1+esm2 7.68.0-1ubuntu2.21 12.17-0ubuntu0.20.04.1 2.8-3ubuntu0.2 5.53-0ubuntu3.7 2.31-0ubuntu9.14 2.6.2-4+deb10u1build0.20.04.1 1.30+dfsg-7ubuntu0.20.04.4 2.34-6ubuntu1.7 0.9+LibO6.4.7-0ubuntu0.20.04.9 1.2.0+LibO6.4.7-0ubuntu0.20.04.9 1:6.4.7-0ubuntu0.20.04.9 2:102.11+LibO6.4.7-0ubuntu0.20.04.9 5.4.0-1035.39 5.4.0-1063.68 5.4.0-1076.82 5.4.0-1104.111 5.4.0-1116.126 5.4.0-1120.129 5.4.0-1121.128 5.4.0-169.187 5.4.0-1100.112 5.4.0-1115.124 5.4.0-1083.87 5.4.0-1028.29 5.15.0-1044.47~20.04.1 5.15.0-1049.55~20.04.1 5.15.0-1051.56~20.04.1 5.15.0-1053.61~20.04.1 5.15.0-1053.61~20.04.1.1 5.15.0-91.101~20.04.1 5.15.0-1034.40~20.04.1 5.15.0-91.101~20.04.1 5.15.0-1046.52~20.04.1 5.15.0-1048.56~20.04.1 3.2.1-3ubuntu0.1~esm1 3.1.12~ds-4ubuntu0.20.04.3 1.2-1ubuntu0.1~esm1 1:3.36.5-0ubuntu4.1 2:1.20.13-1ubuntu1~20.04.12 2:8.1.2269-1ubuntu5.21 0.3.6-5+deb10u1build0.20.04.1 3.4.13-5ubuntu0.1 1:8.2p1-4ubuntu0.10 0.9.3-2ubuntu2.4 121.0+build1-0ubuntu0.20.04.1 121.0.1+build1-0ubuntu0.20.04.1 1:115.6.0+build2-0ubuntu0.20.04.1 1:8.2p1-4ubuntu0.11 3.31.1-4ubuntu0.6 1:4.2-3ubuntu6.28 0.103.11+dfsg-0ubuntu0.20.04.1 0.103.11-0ubuntu0.20.04.1 1:5.26.0-4ubuntu0.1~esm1 1.20.3-1ubuntu0.1~20.04.1 1.21.1-1~ubuntu20.04.2 18.9.0-11ubuntu0.20.04.3 3.2.2+debian-1ubuntu0.1 0.5.3-37ubuntu0.2 2.34-6ubuntu1.8 1.2.10-7+deb9u2build0.20.04.1 3.18.0+ds2-1ubuntu3.1 2:1.20.13-1ubuntu1~20.04.14 2:1.20.13-1ubuntu1~20.04.15 1.3.1-5ubuntu4.7 3.46.3-1ubuntu0.1 3.2.2+debian-1ubuntu0.2 3.4.13-0ubuntu1.3 3.4.13-0ubuntu1.4 0.9.3-2ubuntu2.5 3.6.13-2ubuntu1.10 4.10-1ubuntu1.9 0.4-1+deb10u1build0.20.04.1 2.6.0-2ubuntu0.3 2.10.1-2ubuntu0.2 1:10.3.39-0ubuntu0.20.04.2 5.4.0-1029.30 5.4.0-1036.40 5.4.0-1064.69 5.4.0-1077.83 5.4.0-1084.88 5.4.0-1101.113 5.4.0-1116.125 5.4.0-1117.127 5.4.0-1121.130 5.4.0-1122.129 5.4.0-170.188 5.4.0-1105.112 5.15.0-1054.62~20.04.1 5.15.0-1054.62~20.04.1.1 5.15.0-1035.41~20.04.1 5.15.0-1045.48~20.04.1 5.15.0-1049.57~20.04.1 5.15.0-1052.57~20.04.1 5.15.0-92.102~20.04.1 5.15.0-1050.56~20.04.1 122.0+build2-0ubuntu0.20.04.1 122.0.1+build1-0ubuntu0.20.04.1 4.93-13ubuntu1.10 2.6.2-4+deb10u2build0.20.04.1 15.2.17-0ubuntu0.20.04.6 1:3.5.1-2ubuntu0.4 8.0.36-0ubuntu0.20.04.1 2.4.49+dfsg-2ubuntu1.10 1.0.4-1ubuntu0.1 7.0.0-4ubuntu0.8 1.1.7-0ubuntu1~20.04.2 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 1.1.1f-1ubuntu2.21 2:2.2.12-1ubuntu0.21 5.4.0-1030.31 5.4.0-1037.41 5.4.0-1065.70 5.4.0-1078.84 5.4.0-1085.89 5.4.0-1106.113 5.4.0-1117.126 5.4.0-1118.128 5.4.0-1123.130 5.4.0-171.189 5.4.0-1122.131 5.4.0-1102.114 5.15.0-1036.42~20.04.1 5.15.0-1046.49~20.04.1 5.15.0-1051.57~20.04.1 5.15.0-1051.59~20.04.1 5.15.0-1053.58~20.04.1 5.15.0-94.104~20.04.1 5.15.0-1056.64~20.04.1 5.15.0-1056.64~20.04.1.1 1.0.4-1ubuntu0.2 5.15.0-1048.54~20.04.1 1.35-4ubuntu0.1 1.35-4ubuntu0.1+esm1 2.0.0-0ubuntu4.3 0~20191122.bd85bf54-2ubuntu3.5 1:4.8.1-1ubuntu5.20.04.5 1:9.16.48-0ubuntu0.20.04.1 1.1.5-5ubuntu0.1~esm1 4.1.0+git191117-2ubuntu0.20.04.12 5.4.0-1031.32 5.4.0-1038.42 5.4.0-1066.71 5.4.0-1079.85 5.4.0-1086.90 5.4.0-1103.115 5.4.0-1107.114 5.4.0-1118.127 5.4.0-1119.129 5.4.0-1123.132 5.4.0-172.190 5.4.0-1124.131 123.0+build3-0ubuntu0.20.04.1 123.0.1+build1-0ubuntu0.20.04.1 5.15.0-1037.43~20.04.1 5.15.0-1047.50~20.04.1 5.15.0-1049.55~20.04.1 5.15.0-1052.58~20.04.1 5.15.0-1052.60~20.04.1 5.15.0-1057.65~20.04.1 5.15.0-1057.65~20.04.1.1 5.15.0-97.107~20.04.1 5.15.0-1055.60~20.04.1 1.4.3+dfsg.1-1ubuntu0.1~esm3 2.34-6ubuntu1.9 12.18-0ubuntu0.20.04.1 2.90-0ubuntu0.20.04.1 2.9.10+dfsg-5ubuntu0.20.04.7 1.0.4-1ubuntu0.3 11.0.22+7-0ubuntu2~20.04.1 17.0.10+7-1~20.04.1 21.0.2+13-1~20.04.1 1.1.1f-1ubuntu2.22 551-1ubuntu0.2 1.9.4-2ubuntu1.5 1.34.2-1ubuntu1.5 4.19-1ubuntu0.1 5.2.0-0ubuntu1.20.04.2 1:115.8.1+build1-0ubuntu0.20.04.1 1.4.2-0.1+deb10u2build0.20.04.1 10.19.0~dfsg-3ubuntu1.5 2.8-3ubuntu0.3 2:2.2.12-1ubuntu0.22 1.10.3-1ubuntu0.20.04.1 1.15.0-1ubuntu0.5 1.0.4-1ubuntu0.4 0.28.4+dfsg.1-2ubuntu0.1 5.4.0-1032.33 5.4.0-1087.91 5.4.0-1104.116 5.4.0-1108.115 5.4.0-1124.133 5.4.0-173.191 5.4.0-1039.43 5.4.0-1080.87 5.4.0-1067.72 5.4.0-1119.128 5.4.0-1120.130 3.12.4-1ubuntu2+esm1 2.23-1ubuntu0.1~esm1 1.14-1+deb10u1build0.20.04.1 5.15.0-100.110~20.04.1 5.15.0-1038.44~20.04.1 5.15.0-1048.51~20.04.1 5.15.0-1053.61~20.04.1 5.15.0-1058.66~20.04.2 5.15.0-1058.66~20.04.2.1 5.15.0-1053.59~20.04.1 5.15.0-1050.56~20.04.1 0.6.55-0ubuntu12~20.04.7 2.13.8-0ubuntu1.4 20.03.2-0ubuntu0.20.04.5 2.8.5-3+deb10u1build0.20.04.1 2019.20190605.51237-3ubuntu0.2 8u402-ga-2ubuntu1~20.04 2:8.1.2269-1ubuntu5.22 5.4.0-1033.34 5.4.0-1068.73 5.4.0-1081.88 5.4.0-1088.92 5.4.0-1109.116 5.4.0-1120.129 5.4.0-1125.134 5.4.0-174.193 5.4.0-1040.44 5.4.0-1105.117 5.4.0-1121.131 124.0+build1-0ubuntu0.20.04.1 5.15.0-101.111~20.04.1 5.15.0-1039.45~20.04.1 5.15.0-1049.52~20.04.1 5.15.0-1054.62~20.04.1 5.15.0-1059.67~20.04.1 5.15.0-1059.67~20.04.1.1 5.15.0-1054.60~20.04.1 5.15.0-1051.57~20.04.1 5.15.0-1056.61~20.04.1 2.42.2-3ubuntu0.1~esm2 124.0.1+build1-0ubuntu0.20.04.1 124.0.2+build1-0ubuntu0.20.04.1 4.2.0-2ubuntu1.1 0.21-2ubuntu0.1 0.84ubuntu0.1 2.3.6-0.1ubuntu0.1 5.4.0-1126.133 1:115.9.0+build1-0ubuntu0.20.04.1 7.68.0-1ubuntu2.22 1:2.34-0.1ubuntu9.5 2.34-0.1ubuntu9.5 1:2.34-0.1ubuntu9.6 2.34-0.1ubuntu9.6 2:1.20.13-1ubuntu1~20.04.16 2:1.20.13-1ubuntu1~20.04.17 5.15.0-102.112~20.04.1 5.15.0-1040.46~20.04.1 5.15.0-1050.53~20.04.1 5.15.0-1052.58~20.04.1 5.15.0-1055.61~20.04.1 5.15.0-1055.63~20.04.1 5.15.0-1060.69~20.04.1 5.15.0-1060.69~20.04.1.1 5.15.0-1057.63~20.04.1 5.4.0-1069.74 5.4.0-1082.89 5.4.0-1089.93 5.4.0-1106.118 5.4.0-1110.117 5.4.0-1121.130 5.4.0-1122.132 5.4.0-1126.135 5.4.0-1127.134 5.4.0-176.196 5.4.0-1034.35 5.4.0-1041.45 2:3.98-0ubuntu0.20.04.1 2:3.98-0ubuntu0.20.04.2 4.10-1ubuntu1.10 4.10-1ubuntu1.11 4.10-1ubuntu1.12 2.4.41-4ubuntu3.17 3.3.0-1ubuntu0.20.04.1 0.9.24-1+deb11u1build0.20.04.1 3.6.13-2ubuntu1.11 6.0.0-0ubuntu8.19 10.19.0~dfsg-3ubuntu1.6 2.0.7-1ubuntu5.2 2.31-0ubuntu9.15 5.4.0-1035.36 5.4.0-1042.46 5.4.0-1070.75 5.4.0-1083.90 5.4.0-1090.94 5.4.0-1107.119 5.4.0-1111.118 5.4.0-1122.131 5.4.0-1123.133 5.4.0-1127.136 5.4.0-1128.135 5.4.0-177.197 5.15.0-1043.50~20.04.1 5.15.0-105.115~20.04.1 5.15.0-1053.56~20.04.1 5.15.0-1055.61~20.04.1 5.15.0-1058.64~20.04.1 5.15.0-1058.66~20.04.1 5.15.0-1061.70~20.04.1 5.15.0-1061.70~20.04.1.1 7.0.0-4ubuntu0.9 6.2.1-3ubuntu0.1~esm2 125.0.2+build1-0ubuntu0.20.04.2 125.0.3+build1-0ubuntu0.20.04.1 4.6.6-2.1~0.20.04.2 2.6.1+dfsg1-0ubuntu0.20.04.1 1:115.10.1+build1-0ubuntu0.20.04.1 1:4.0.17+dfsg-1ubuntu0.1~esm2 2.6.1+dfsg1-0ubuntu0.20.04.2 3.1.2+dfsg-2ubuntu0.20.04.1 1.40.0-1ubuntu0.3 2.13+dfsg-2ubuntu0.4 551-1ubuntu0.3 7.4.3-4ubuntu2.21 7.4.3-4ubuntu2.22 0.5.1-3ubuntu0.1 2.7.0-1ubuntu0.2 2.0.6-1ubuntu0.1 ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^file-roller(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^re2c(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libpulse0(?::\w+|)\s+(.*)$ ^pulseaudio-module-zeroconf(?::\w+|)\s+(.*)$ ^pulseaudio-module-gsettings(?::\w+|)\s+(.*)$ ^pulseaudio-module-bluetooth(?::\w+|)\s+(.*)$ ^libpulse-dev(?::\w+|)\s+(.*)$ ^pulseaudio-utils(?::\w+|)\s+(.*)$ ^pulseaudio-module-raop(?::\w+|)\s+(.*)$ ^pulseaudio(?::\w+|)\s+(.*)$ ^libpulsedsp(?::\w+|)\s+(.*)$ ^pulseaudio-equalizer(?::\w+|)\s+(.*)$ ^libpulse-mainloop-glib0(?::\w+|)\s+(.*)$ ^pulseaudio-module-lirc(?::\w+|)\s+(.*)$ ^pulseaudio-module-jack(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^libexif-doc(?::\w+|)\s+(.*)$ ^libexif-dev(?::\w+|)\s+(.*)$ ^libexif12(?::\w+|)\s+(.*)$ ^apt-doc(?::\w+|)\s+(.*)$ ^libapt-pkg6.0(?::\w+|)\s+(.*)$ ^apt-transport-https(?::\w+|)\s+(.*)$ ^libapt-pkg-doc(?::\w+|)\s+(.*)$ ^apt(?::\w+|)\s+(.*)$ ^apt-utils(?::\w+|)\s+(.*)$ ^libapt-pkg-dev(?::\w+|)\s+(.*)$ ^libjson-c4-udeb(?::\w+|)\s+(.*)$ ^libjson-c-doc(?::\w+|)\s+(.*)$ ^libjson-c-dev(?::\w+|)\s+(.*)$ ^libjson-c4(?::\w+|)\s+(.*)$ ^libjson-c4-udeb(?::\w+|)\s+(.*)$ ^libjson-c-doc(?::\w+|)\s+(.*)$ ^libjson-c-dev(?::\w+|)\s+(.*)$ ^libjson-c4(?::\w+|)\s+(.*)$ ^libjson-c4-udeb(?::\w+|)\s+(.*)$ ^libjson-c-doc(?::\w+|)\s+(.*)$ ^libjson-c-dev(?::\w+|)\s+(.*)$ ^libjson-c4(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-memif20.0(?::\w+|)\s+(.*)$ ^dpdk-igb-uio-dkms(?::\w+|)\s+(.*)$ ^librte-pmd-iavf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-af-packet20.0(?::\w+|)\s+(.*)$ ^librte-pmd-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-event20.0(?::\w+|)\s+(.*)$ ^librte-bus-ifpga20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-stack0.200(?::\w+|)\s+(.*)$ ^librte-pmd-e1000-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-null20.0(?::\w+|)\s+(.*)$ ^librte-pipeline20.0(?::\w+|)\s+(.*)$ ^librte-sched20.0(?::\w+|)\s+(.*)$ ^librte-distributor20.0(?::\w+|)\s+(.*)$ ^librte-efd20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ark20.0(?::\w+|)\s+(.*)$ ^librte-gro20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sfc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-failsafe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pcap20.0(?::\w+|)\s+(.*)$ ^librte-rawdev20.0(?::\w+|)\s+(.*)$ ^librte-meter20.0(?::\w+|)\s+(.*)$ ^librte-hash20.0(?::\w+|)\s+(.*)$ ^librte-ring20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-telemetry0.200(?::\w+|)\s+(.*)$ ^librte-rawdev-skeleton20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bond20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hinic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-skeleton-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-mlx5-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-cmdif20.0(?::\w+|)\s+(.*)$ ^librte-pmd-fm10k20.0(?::\w+|)\s+(.*)$ ^librte-cryptodev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-i40e20.0(?::\w+|)\s+(.*)$ ^librte-cmdline20.0(?::\w+|)\s+(.*)$ ^librte-jobstats20.0(?::\w+|)\s+(.*)$ ^dpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-ccp20.0(?::\w+|)\s+(.*)$ ^librte-pmd-atlantic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sw-event20.0(?::\w+|)\s+(.*)$ ^librte-ip-frag20.0(?::\w+|)\s+(.*)$ ^librte-pmd-isal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dsw-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nitrox20.0(?::\w+|)\s+(.*)$ ^librte-pmd-kni20.0(?::\w+|)\s+(.*)$ ^librte-mempool-bucket20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-event20.0(?::\w+|)\s+(.*)$ ^librte-gso20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vdev-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-openssl20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnx2x20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-compress20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ioat20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-latencystats20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-kvargs20.0(?::\w+|)\s+(.*)$ ^librte-bus-fslmc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-avp20.0(?::\w+|)\s+(.*)$ ^librte-pdump20.0(?::\w+|)\s+(.*)$ ^librte-metrics20.0(?::\w+|)\s+(.*)$ ^librte-bbdev0.200(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-sec20.0(?::\w+|)\s+(.*)$ ^librte-bus-vmbus20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnxt20.0(?::\w+|)\s+(.*)$ ^librte-timer20.0(?::\w+|)\s+(.*)$ ^librte-cfgfile20.0(?::\w+|)\s+(.*)$ ^librte-rcu0.200(?::\w+|)\s+(.*)$ ^librte-pmd-qat20.0(?::\w+|)\s+(.*)$ ^librte-mempool20.0(?::\w+|)\s+(.*)$ ^libdpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-null20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio20.0(?::\w+|)\s+(.*)$ ^librte-pmd-axgbe20.0(?::\w+|)\s+(.*)$ ^librte-port20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-mb20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ntb20.0(?::\w+|)\s+(.*)$ ^librte-pmd-softnic20.0(?::\w+|)\s+(.*)$ ^dpdk-doc(?::\w+|)\s+(.*)$ ^librte-pmd-mlx4-20.0(?::\w+|)\s+(.*)$ ^librte-net20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-fpga-lte-fec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-null-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ena20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ice20.0(?::\w+|)\s+(.*)$ ^librte-common-dpaax20.0(?::\w+|)\s+(.*)$ ^librte-member20.0(?::\w+|)\s+(.*)$ ^librte-bus-pci20.0(?::\w+|)\s+(.*)$ ^librte-kni20.0(?::\w+|)\s+(.*)$ ^librte-pmd-thunderx20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx20.0(?::\w+|)\s+(.*)$ ^dpdk(?::\w+|)\s+(.*)$ ^librte-pmd-ifc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-opdl-event20.0(?::\w+|)\s+(.*)$ ^librte-pci20.0(?::\w+|)\s+(.*)$ ^librte-eal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-turbo-sw20.0(?::\w+|)\s+(.*)$ ^librte-ethdev20.0(?::\w+|)\s+(.*)$ ^librte-table20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hns3-20.0(?::\w+|)\s+(.*)$ ^librte-ipsec0.200(?::\w+|)\s+(.*)$ ^librte-pmd-zlib20.0(?::\w+|)\s+(.*)$ ^librte-bitratestats20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-sec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-caam-jr20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-octeontx2-dma20.0(?::\w+|)\s+(.*)$ ^librte-mbuf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-event20.0(?::\w+|)\s+(.*)$ ^librte-mempool-stack20.0(?::\w+|)\s+(.*)$ ^librte-power20.0(?::\w+|)\s+(.*)$ ^librte-pmd-liquidio20.0(?::\w+|)\s+(.*)$ ^librte-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio-crypto20.0(?::\w+|)\s+(.*)$ ^librte-reorder20.0(?::\w+|)\s+(.*)$ ^librte-pmd-qede20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pfe20.0(?::\w+|)\s+(.*)$ ^librte-flow-classify0.200(?::\w+|)\s+(.*)$ ^librte-rib0.200(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-cxgbe20.0(?::\w+|)\s+(.*)$ ^librte-mempool-ring20.0(?::\w+|)\s+(.*)$ ^librte-acl20.0(?::\w+|)\s+(.*)$ ^librte-common-cpt20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-gcm20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-qdma20.0(?::\w+|)\s+(.*)$ ^librte-lpm20.0(?::\w+|)\s+(.*)$ ^librte-pmd-tap20.0(?::\w+|)\s+(.*)$ ^librte-eventdev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nfp20.0(?::\w+|)\s+(.*)$ ^librte-bus-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ring20.0(?::\w+|)\s+(.*)$ ^librte-bus-vdev20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ixgbe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vmxnet3-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-crypto-scheduler20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enetc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-crypto20.0(?::\w+|)\s+(.*)$ ^librte-security20.0(?::\w+|)\s+(.*)$ ^librte-compressdev0.200(?::\w+|)\s+(.*)$ ^librte-fib0.200(?::\w+|)\s+(.*)$ ^librte-bpf0.200(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-kvm|-oracle|-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^ca-certificates-udeb(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libturbojpeg0-dev(?::\w+|)\s+(.*)$ ^libjpeg-turbo8-dev(?::\w+|)\s+(.*)$ ^libjpeg-turbo-progs(?::\w+|)\s+(.*)$ ^libturbojpeg(?::\w+|)\s+(.*)$ ^libjpeg-turbo8(?::\w+|)\s+(.*)$ ^libjpeg-turbo-test(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-kvm|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^gir1.2-fwupdplugin-1.0(?::\w+|)\s+(.*)$ ^fwupd-amd64-signed-template(?::\w+|)\s+(.*)$ ^libfwupd-dev(?::\w+|)\s+(.*)$ ^fwupd-armhf-signed-template(?::\w+|)\s+(.*)$ ^gir1.2-fwupd-2.0(?::\w+|)\s+(.*)$ ^fwupd-tests(?::\w+|)\s+(.*)$ ^fwupd-doc(?::\w+|)\s+(.*)$ ^fwupd-arm64-signed-template(?::\w+|)\s+(.*)$ ^libfwupdplugin-dev(?::\w+|)\s+(.*)$ ^libfwupdplugin1(?::\w+|)\s+(.*)$ ^fwupd(?::\w+|)\s+(.*)$ ^libfwupd2(?::\w+|)\s+(.*)$ ^libexif-doc(?::\w+|)\s+(.*)$ ^libexif-dev(?::\w+|)\s+(.*)$ ^libexif12(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^dbus-1-doc(?::\w+|)\s+(.*)$ ^dbus(?::\w+|)\s+(.*)$ ^libdbus-1-dev(?::\w+|)\s+(.*)$ ^dbus-udeb(?::\w+|)\s+(.*)$ ^dbus-user-session(?::\w+|)\s+(.*)$ ^libdbus-1-3-udeb(?::\w+|)\s+(.*)$ ^dbus-x11(?::\w+|)\s+(.*)$ ^dbus-tests(?::\w+|)\s+(.*)$ ^libdbus-1-3(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^nfs-kernel-server(?::\w+|)\s+(.*)$ ^nfs-common(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440(?::\w+|)\s+(.*)$ ^libnvidia-decode-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-430(?::\w+|)\s+(.*)$ ^libnvidia-common-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-430(?::\w+|)\s+(.*)$ ^libnvidia-encode-440(?::\w+|)\s+(.*)$ ^nvidia-dkms-440(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-430(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-430(?::\w+|)\s+(.*)$ ^nvidia-utils-430(?::\w+|)\s+(.*)$ ^libnvidia-encode-430(?::\w+|)\s+(.*)$ ^nvidia-headless-440(?::\w+|)\s+(.*)$ ^libnvidia-extra-440(?::\w+|)\s+(.*)$ ^libnvidia-compute-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-430(?::\w+|)\s+(.*)$ ^nvidia-utils-440(?::\w+|)\s+(.*)$ ^nvidia-driver-440(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-430(?::\w+|)\s+(.*)$ ^nvidia-driver-430(?::\w+|)\s+(.*)$ ^libnvidia-common-430(?::\w+|)\s+(.*)$ ^libnvidia-decode-430(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-430(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-430(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440(?::\w+|)\s+(.*)$ ^libnvidia-compute-430(?::\w+|)\s+(.*)$ ^nvidia-dkms-430(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-430(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-440(?::\w+|)\s+(.*)$ ^nvidia-headless-430(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^glib-networking(?::\w+|)\s+(.*)$ ^glib-networking-services(?::\w+|)\s+(.*)$ ^glib-networking-tests(?::\w+|)\s+(.*)$ ^glib-networking-common(?::\w+|)\s+(.*)$ ^libvncserver1(?::\w+|)\s+(.*)$ ^libvncserver-dev(?::\w+|)\s+(.*)$ ^libvncclient1(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^snmptrapd(?::\w+|)\s+(.*)$ ^libsnmp-dev(?::\w+|)\s+(.*)$ ^libsnmp-base(?::\w+|)\s+(.*)$ ^snmp(?::\w+|)\s+(.*)$ ^libsnmp-perl(?::\w+|)\s+(.*)$ ^tkmib(?::\w+|)\s+(.*)$ ^snmpd(?::\w+|)\s+(.*)$ ^libsnmp35(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^coturn(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^os-brick-common(?::\w+|)\s+(.*)$ ^python-os-brick-doc(?::\w+|)\s+(.*)$ ^python3-os-brick(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^libedataserver-1.2-24(?::\w+|)\s+(.*)$ ^libedata-cal2.0-dev(?::\w+|)\s+(.*)$ ^libebackend-1.2-10(?::\w+|)\s+(.*)$ ^libebook1.2-dev(?::\w+|)\s+(.*)$ ^evolution-data-server-tests(?::\w+|)\s+(.*)$ ^gir1.2-camel-1.2(?::\w+|)\s+(.*)$ ^libedata-cal-2.0-1(?::\w+|)\s+(.*)$ ^gir1.2-ecal-2.0(?::\w+|)\s+(.*)$ ^libebook-contacts-1.2-3(?::\w+|)\s+(.*)$ ^libedata-book1.2-dev(?::\w+|)\s+(.*)$ ^libebackend1.2-dev(?::\w+|)\s+(.*)$ ^libebook-1.2-20(?::\w+|)\s+(.*)$ ^libcamel1.2-dev(?::\w+|)\s+(.*)$ ^gir1.2-ebackend-1.2(?::\w+|)\s+(.*)$ ^gir1.2-edatacal-2.0(?::\w+|)\s+(.*)$ ^gir1.2-edatabook-1.2(?::\w+|)\s+(.*)$ ^gir1.2-edataserver-1.2(?::\w+|)\s+(.*)$ ^libecal2.0-dev(?::\w+|)\s+(.*)$ ^libedataserver1.2-dev(?::\w+|)\s+(.*)$ ^libebook-contacts1.2-dev(?::\w+|)\s+(.*)$ ^gir1.2-ebookcontacts-1.2(?::\w+|)\s+(.*)$ ^libedata-book-1.2-26(?::\w+|)\s+(.*)$ ^libedataserverui-1.2-2(?::\w+|)\s+(.*)$ ^libcamel-1.2-62(?::\w+|)\s+(.*)$ ^evolution-data-server(?::\w+|)\s+(.*)$ ^evolution-data-server-common(?::\w+|)\s+(.*)$ ^gir1.2-edataserverui-1.2(?::\w+|)\s+(.*)$ ^libedataserverui1.2-dev(?::\w+|)\s+(.*)$ ^libecal-2.0-1(?::\w+|)\s+(.*)$ ^evolution-data-server-doc(?::\w+|)\s+(.*)$ ^evolution-data-server-dev(?::\w+|)\s+(.*)$ ^gir1.2-ebook-1.2(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^grub-firmware-qemu(?::\w+|)\s+(.*)$ ^grub-ieee1275(?::\w+|)\s+(.*)$ ^grub-efi-amd64(?::\w+|)\s+(.*)$ ^grub2-common(?::\w+|)\s+(.*)$ ^grub-uboot-bin(?::\w+|)\s+(.*)$ ^grub-common(?::\w+|)\s+(.*)$ ^grub-efi-amd64-bin(?::\w+|)\s+(.*)$ ^grub-pc-bin(?::\w+|)\s+(.*)$ ^grub-theme-starfield(?::\w+|)\s+(.*)$ ^grub-efi-arm(?::\w+|)\s+(.*)$ ^grub2(?::\w+|)\s+(.*)$ ^grub-xen-host(?::\w+|)\s+(.*)$ ^grub-efi-arm64-bin(?::\w+|)\s+(.*)$ ^grub-pc(?::\w+|)\s+(.*)$ ^grub-emu(?::\w+|)\s+(.*)$ ^grub-efi-arm-bin(?::\w+|)\s+(.*)$ ^grub-linuxbios(?::\w+|)\s+(.*)$ ^grub-xen(?::\w+|)\s+(.*)$ ^grub-uboot(?::\w+|)\s+(.*)$ ^grub-efi-ia32(?::\w+|)\s+(.*)$ ^grub-coreboot(?::\w+|)\s+(.*)$ ^grub-efi-ia32-bin(?::\w+|)\s+(.*)$ ^grub-ieee1275-bin(?::\w+|)\s+(.*)$ ^grub-xen-bin(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed-template(?::\w+|)\s+(.*)$ ^grub-rescue-pc(?::\w+|)\s+(.*)$ ^grub-mount-udeb(?::\w+|)\s+(.*)$ ^grub-coreboot-bin(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed-template(?::\w+|)\s+(.*)$ ^grub-efi-arm64(?::\w+|)\s+(.*)$ ^grub-efi(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^grub-firmware-qemu(?::\w+|)\s+(.*)$ ^grub-ieee1275(?::\w+|)\s+(.*)$ ^grub-efi-amd64(?::\w+|)\s+(.*)$ ^grub2-common(?::\w+|)\s+(.*)$ ^grub-uboot-bin(?::\w+|)\s+(.*)$ ^grub-common(?::\w+|)\s+(.*)$ ^grub-efi-amd64-bin(?::\w+|)\s+(.*)$ ^grub-pc-bin(?::\w+|)\s+(.*)$ ^grub-theme-starfield(?::\w+|)\s+(.*)$ ^grub-efi-arm(?::\w+|)\s+(.*)$ ^grub2(?::\w+|)\s+(.*)$ ^grub-xen-host(?::\w+|)\s+(.*)$ ^grub-efi-arm64-bin(?::\w+|)\s+(.*)$ ^grub-pc(?::\w+|)\s+(.*)$ ^grub-emu(?::\w+|)\s+(.*)$ ^grub-efi-arm-bin(?::\w+|)\s+(.*)$ ^grub-linuxbios(?::\w+|)\s+(.*)$ ^grub-xen(?::\w+|)\s+(.*)$ ^grub-uboot(?::\w+|)\s+(.*)$ ^grub-efi-ia32(?::\w+|)\s+(.*)$ ^grub-coreboot(?::\w+|)\s+(.*)$ ^grub-efi-ia32-bin(?::\w+|)\s+(.*)$ ^grub-ieee1275-bin(?::\w+|)\s+(.*)$ ^grub-xen-bin(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed-template(?::\w+|)\s+(.*)$ ^grub-rescue-pc(?::\w+|)\s+(.*)$ ^grub-mount-udeb(?::\w+|)\s+(.*)$ ^grub-coreboot-bin(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed-template(?::\w+|)\s+(.*)$ ^grub-efi-arm64(?::\w+|)\s+(.*)$ ^grub-efi(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^libvncserver1(?::\w+|)\s+(.*)$ ^libvncserver-dev(?::\w+|)\s+(.*)$ ^libvncclient1(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libslirp0(?::\w+|)\s+(.*)$ ^libslirp-dev(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^sympa(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^whoopsie(?::\w+|)\s+(.*)$ ^libwhoopsie0(?::\w+|)\s+(.*)$ ^libwhoopsie-dev(?::\w+|)\s+(.*)$ ^ppp-udeb(?::\w+|)\s+(.*)$ ^ppp(?::\w+|)\s+(.*)$ ^ppp-dev(?::\w+|)\s+(.*)$ ^libvirt0(?::\w+|)\s+(.*)$ ^libvirt-dev(?::\w+|)\s+(.*)$ ^libnss-libvirt(?::\w+|)\s+(.*)$ ^libvirt-sanlock(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-systemd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-xen(?::\w+|)\s+(.*)$ ^libvirt-daemon(?::\w+|)\s+(.*)$ ^libvirt-wireshark(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-rbd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-qemu(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-gluster(?::\w+|)\s+(.*)$ ^libvirt-doc(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-vbox(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-sysv(?::\w+|)\s+(.*)$ ^libvirt-daemon-system(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-lxc(?::\w+|)\s+(.*)$ ^libvirt-clients(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-zfs(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^software-properties-common(?::\w+|)\s+(.*)$ ^software-properties-gtk(?::\w+|)\s+(.*)$ ^python3-software-properties(?::\w+|)\s+(.*)$ ^software-properties-qt(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^ark(?::\w+|)\s+(.*)$ ^gnome-shell(?::\w+|)\s+(.*)$ ^gnome-shell-common(?::\w+|)\s+(.*)$ ^gnome-shell-extension-prefs(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^libsane(?::\w+|)\s+(.*)$ ^libsane-common(?::\w+|)\s+(.*)$ ^libsane1(?::\w+|)\s+(.*)$ ^sane-utils(?::\w+|)\s+(.*)$ ^libsane-dev(?::\w+|)\s+(.*)$ ^snmptrapd(?::\w+|)\s+(.*)$ ^libsnmp-dev(?::\w+|)\s+(.*)$ ^libsnmp-base(?::\w+|)\s+(.*)$ ^snmp(?::\w+|)\s+(.*)$ ^libsnmp-perl(?::\w+|)\s+(.*)$ ^tkmib(?::\w+|)\s+(.*)$ ^snmpd(?::\w+|)\s+(.*)$ ^libsnmp35(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^chrony(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^python3-rsa(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^ark(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libx11-6(?::\w+|)\s+(.*)$ ^libx11-data(?::\w+|)\s+(.*)$ ^libx11-xcb-dev(?::\w+|)\s+(.*)$ ^libx11-xcb1(?::\w+|)\s+(.*)$ ^libx11-doc(?::\w+|)\s+(.*)$ ^libx11-6-udeb(?::\w+|)\s+(.*)$ ^libx11-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core-udeb(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core-udeb(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^cryptsetup(?::\w+|)\s+(.*)$ ^libcryptsetup12-udeb(?::\w+|)\s+(.*)$ ^cryptsetup-run(?::\w+|)\s+(.*)$ ^libcryptsetup12(?::\w+|)\s+(.*)$ ^libcryptsetup-dev(?::\w+|)\s+(.*)$ ^cryptsetup-udeb(?::\w+|)\s+(.*)$ ^cryptsetup-bin(?::\w+|)\s+(.*)$ ^cryptsetup-initramfs(?::\w+|)\s+(.*)$ ^gir1.2-gupnp-1.2(?::\w+|)\s+(.*)$ ^libgupnp-doc(?::\w+|)\s+(.*)$ ^libgupnp-1.2-dev(?::\w+|)\s+(.*)$ ^libgupnp-1.2-0(?::\w+|)\s+(.*)$ ^ruby-websocket-extensions(?::\w+|)\s+(.*)$ ^storebackup(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^libproxy-cil-dev(?::\w+|)\s+(.*)$ ^libproxy1v5(?::\w+|)\s+(.*)$ ^libproxy0.4-cil(?::\w+|)\s+(.*)$ ^libproxy1-plugin-gsettings(?::\w+|)\s+(.*)$ ^libproxy-dev(?::\w+|)\s+(.*)$ ^python3-libproxy(?::\w+|)\s+(.*)$ ^libproxy1-plugin-webkit(?::\w+|)\s+(.*)$ ^libproxy1-plugin-kconfig(?::\w+|)\s+(.*)$ ^libproxy1-plugin-mozjs(?::\w+|)\s+(.*)$ ^libproxy1-plugin-networkmanager(?::\w+|)\s+(.*)$ ^libproxy-tools(?::\w+|)\s+(.*)$ ^libpam-tacplus(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^busybox(?::\w+|)\s+(.*)$ ^udhcpc(?::\w+|)\s+(.*)$ ^busybox-syslogd(?::\w+|)\s+(.*)$ ^udhcpd(?::\w+|)\s+(.*)$ ^busybox-initramfs(?::\w+|)\s+(.*)$ ^busybox-udeb(?::\w+|)\s+(.*)$ ^busybox-static(?::\w+|)\s+(.*)$ ^ldm-server(?::\w+|)\s+(.*)$ ^ldm(?::\w+|)\s+(.*)$ ^aptdaemon(?::\w+|)\s+(.*)$ ^python3-aptdaemon.gtk3widgets(?::\w+|)\s+(.*)$ ^aptdaemon-data(?::\w+|)\s+(.*)$ ^python3-aptdaemon.test(?::\w+|)\s+(.*)$ ^python3-aptdaemon(?::\w+|)\s+(.*)$ ^packagekit-docs(?::\w+|)\s+(.*)$ ^libpackagekit-glib2-dev(?::\w+|)\s+(.*)$ ^packagekit(?::\w+|)\s+(.*)$ ^packagekit-tools(?::\w+|)\s+(.*)$ ^libpackagekit-glib2-18(?::\w+|)\s+(.*)$ ^packagekit-command-not-found(?::\w+|)\s+(.*)$ ^packagekit-gtk3-module(?::\w+|)\s+(.*)$ ^gir1.2-packagekitglib-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-packagekit(?::\w+|)\s+(.*)$ ^libawl-php(?::\w+|)\s+(.*)$ ^awl-doc(?::\w+|)\s+(.*)$ ^ruby-sanitize(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libuv1-dev(?::\w+|)\s+(.*)$ ^libuv1(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-memif20.0(?::\w+|)\s+(.*)$ ^dpdk-igb-uio-dkms(?::\w+|)\s+(.*)$ ^librte-pmd-iavf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-af-packet20.0(?::\w+|)\s+(.*)$ ^librte-pmd-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-event20.0(?::\w+|)\s+(.*)$ ^librte-bus-ifpga20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-stack0.200(?::\w+|)\s+(.*)$ ^librte-pmd-e1000-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-null20.0(?::\w+|)\s+(.*)$ ^librte-pipeline20.0(?::\w+|)\s+(.*)$ ^librte-sched20.0(?::\w+|)\s+(.*)$ ^librte-distributor20.0(?::\w+|)\s+(.*)$ ^librte-efd20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ark20.0(?::\w+|)\s+(.*)$ ^librte-gro20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sfc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-failsafe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pcap20.0(?::\w+|)\s+(.*)$ ^librte-rawdev20.0(?::\w+|)\s+(.*)$ ^librte-meter20.0(?::\w+|)\s+(.*)$ ^librte-hash20.0(?::\w+|)\s+(.*)$ ^librte-ring20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-telemetry0.200(?::\w+|)\s+(.*)$ ^librte-rawdev-skeleton20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bond20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hinic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-skeleton-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-mlx5-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-cmdif20.0(?::\w+|)\s+(.*)$ ^librte-pmd-fm10k20.0(?::\w+|)\s+(.*)$ ^librte-cryptodev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-i40e20.0(?::\w+|)\s+(.*)$ ^librte-cmdline20.0(?::\w+|)\s+(.*)$ ^librte-jobstats20.0(?::\w+|)\s+(.*)$ ^dpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-ccp20.0(?::\w+|)\s+(.*)$ ^librte-pmd-atlantic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sw-event20.0(?::\w+|)\s+(.*)$ ^librte-ip-frag20.0(?::\w+|)\s+(.*)$ ^librte-pmd-isal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dsw-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nitrox20.0(?::\w+|)\s+(.*)$ ^librte-pmd-kni20.0(?::\w+|)\s+(.*)$ ^librte-mempool-bucket20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-event20.0(?::\w+|)\s+(.*)$ ^librte-gso20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vdev-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-openssl20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnx2x20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-compress20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ioat20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-latencystats20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-kvargs20.0(?::\w+|)\s+(.*)$ ^librte-bus-fslmc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-avp20.0(?::\w+|)\s+(.*)$ ^librte-pdump20.0(?::\w+|)\s+(.*)$ ^librte-metrics20.0(?::\w+|)\s+(.*)$ ^librte-bbdev0.200(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-sec20.0(?::\w+|)\s+(.*)$ ^librte-bus-vmbus20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnxt20.0(?::\w+|)\s+(.*)$ ^librte-timer20.0(?::\w+|)\s+(.*)$ ^librte-cfgfile20.0(?::\w+|)\s+(.*)$ ^librte-rcu0.200(?::\w+|)\s+(.*)$ ^librte-pmd-qat20.0(?::\w+|)\s+(.*)$ ^librte-mempool20.0(?::\w+|)\s+(.*)$ ^libdpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-null20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio20.0(?::\w+|)\s+(.*)$ ^librte-pmd-axgbe20.0(?::\w+|)\s+(.*)$ ^librte-port20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-mb20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ntb20.0(?::\w+|)\s+(.*)$ ^librte-pmd-softnic20.0(?::\w+|)\s+(.*)$ ^dpdk-doc(?::\w+|)\s+(.*)$ ^librte-pmd-mlx4-20.0(?::\w+|)\s+(.*)$ ^librte-net20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-fpga-lte-fec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-null-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ena20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ice20.0(?::\w+|)\s+(.*)$ ^librte-common-dpaax20.0(?::\w+|)\s+(.*)$ ^librte-member20.0(?::\w+|)\s+(.*)$ ^librte-bus-pci20.0(?::\w+|)\s+(.*)$ ^librte-kni20.0(?::\w+|)\s+(.*)$ ^librte-pmd-thunderx20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx20.0(?::\w+|)\s+(.*)$ ^dpdk(?::\w+|)\s+(.*)$ ^librte-pmd-ifc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-opdl-event20.0(?::\w+|)\s+(.*)$ ^librte-pci20.0(?::\w+|)\s+(.*)$ ^librte-eal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-turbo-sw20.0(?::\w+|)\s+(.*)$ ^librte-ethdev20.0(?::\w+|)\s+(.*)$ ^librte-table20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hns3-20.0(?::\w+|)\s+(.*)$ ^librte-ipsec0.200(?::\w+|)\s+(.*)$ ^librte-pmd-zlib20.0(?::\w+|)\s+(.*)$ ^librte-bitratestats20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-sec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-caam-jr20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-octeontx2-dma20.0(?::\w+|)\s+(.*)$ ^librte-mbuf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-event20.0(?::\w+|)\s+(.*)$ ^librte-mempool-stack20.0(?::\w+|)\s+(.*)$ ^librte-power20.0(?::\w+|)\s+(.*)$ ^librte-pmd-liquidio20.0(?::\w+|)\s+(.*)$ ^librte-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio-crypto20.0(?::\w+|)\s+(.*)$ ^librte-reorder20.0(?::\w+|)\s+(.*)$ ^librte-pmd-qede20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pfe20.0(?::\w+|)\s+(.*)$ ^librte-flow-classify0.200(?::\w+|)\s+(.*)$ ^librte-rib0.200(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-cxgbe20.0(?::\w+|)\s+(.*)$ ^librte-mempool-ring20.0(?::\w+|)\s+(.*)$ ^librte-acl20.0(?::\w+|)\s+(.*)$ ^librte-common-cpt20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-gcm20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-qdma20.0(?::\w+|)\s+(.*)$ ^librte-lpm20.0(?::\w+|)\s+(.*)$ ^librte-pmd-tap20.0(?::\w+|)\s+(.*)$ ^librte-eventdev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nfp20.0(?::\w+|)\s+(.*)$ ^librte-bus-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ring20.0(?::\w+|)\s+(.*)$ ^librte-bus-vdev20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ixgbe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vmxnet3-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-crypto-scheduler20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enetc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-crypto20.0(?::\w+|)\s+(.*)$ ^librte-security20.0(?::\w+|)\s+(.*)$ ^librte-compressdev0.200(?::\w+|)\s+(.*)$ ^librte-fib0.200(?::\w+|)\s+(.*)$ ^librte-bpf0.200(?::\w+|)\s+(.*)$ ^teeworlds-data(?::\w+|)\s+(.*)$ ^teeworlds-server(?::\w+|)\s+(.*)$ ^teeworlds(?::\w+|)\s+(.*)$ ^qmail(?::\w+|)\s+(.*)$ ^qmail-uids-gids(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^kramdown(?::\w+|)\s+(.*)$ ^ruby-kramdown(?::\w+|)\s+(.*)$ ^ntp(?::\w+|)\s+(.*)$ ^sntp(?::\w+|)\s+(.*)$ ^ntp-doc(?::\w+|)\s+(.*)$ ^ntpdate(?::\w+|)\s+(.*)$ ^libbrotli1(?::\w+|)\s+(.*)$ ^python3-brotli(?::\w+|)\s+(.*)$ ^brotli(?::\w+|)\s+(.*)$ ^libbrotli-dev(?::\w+|)\s+(.*)$ ^python3-urllib3(?::\w+|)\s+(.*)$ ^libspice-server1(?::\w+|)\s+(.*)$ ^libspice-server-dev(?::\w+|)\s+(.*)$ ^vino(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^docker.io(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^docker-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libfreetype6-udeb(?::\w+|)\s+(.*)$ ^libfreetype6(?::\w+|)\s+(.*)$ ^libfreetype6-dev(?::\w+|)\s+(.*)$ ^freetype2-doc(?::\w+|)\s+(.*)$ ^libfreetype-dev(?::\w+|)\s+(.*)$ ^freetype2-demos(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^perl-modules-5.30(?::\w+|)\s+(.*)$ ^libperl-dev(?::\w+|)\s+(.*)$ ^perl-doc(?::\w+|)\s+(.*)$ ^perl(?::\w+|)\s+(.*)$ ^perl-base(?::\w+|)\s+(.*)$ ^libperl5.30(?::\w+|)\s+(.*)$ ^perl-debug(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^blueman(?::\w+|)\s+(.*)$ ^blueman(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^ca-certificates-udeb(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^fastd(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^python3-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdm-1.0(?::\w+|)\s+(.*)$ ^libgdm-dev(?::\w+|)\s+(.*)$ ^gdm3(?::\w+|)\s+(.*)$ ^libgdm1(?::\w+|)\s+(.*)$ ^accountsservice(?::\w+|)\s+(.*)$ ^gir1.2-accountsservice-1.0(?::\w+|)\s+(.*)$ ^libaccountsservice-doc(?::\w+|)\s+(.*)$ ^libaccountsservice-dev(?::\w+|)\s+(.*)$ ^libaccountsservice0(?::\w+|)\s+(.*)$ ^spice-vdagent(?::\w+|)\s+(.*)$ ^tmux(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^pacemaker-remote(?::\w+|)\s+(.*)$ ^libcrmcommon-dev(?::\w+|)\s+(.*)$ ^libcib27(?::\w+|)\s+(.*)$ ^pacemaker-resource-agents(?::\w+|)\s+(.*)$ ^pacemaker-cli-utils(?::\w+|)\s+(.*)$ ^libstonithd26(?::\w+|)\s+(.*)$ ^liblrmd28(?::\w+|)\s+(.*)$ ^libcrmservice28(?::\w+|)\s+(.*)$ ^pacemaker-common(?::\w+|)\s+(.*)$ ^libcrmcluster-dev(?::\w+|)\s+(.*)$ ^libstonithd-dev(?::\w+|)\s+(.*)$ ^libpe-rules26(?::\w+|)\s+(.*)$ ^pacemaker-dev(?::\w+|)\s+(.*)$ ^libcrmcluster29(?::\w+|)\s+(.*)$ ^libcib-dev(?::\w+|)\s+(.*)$ ^pacemaker(?::\w+|)\s+(.*)$ ^libcrmservice-dev(?::\w+|)\s+(.*)$ ^libcrmcommon34(?::\w+|)\s+(.*)$ ^liblrmd-dev(?::\w+|)\s+(.*)$ ^libpe-status28(?::\w+|)\s+(.*)$ ^libpacemaker1(?::\w+|)\s+(.*)$ ^libpengine-dev(?::\w+|)\s+(.*)$ ^pacemaker-doc(?::\w+|)\s+(.*)$ ^libexif-doc(?::\w+|)\s+(.*)$ ^libexif-dev(?::\w+|)\s+(.*)$ ^libexif12(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libraptor2-doc(?::\w+|)\s+(.*)$ ^raptor2-utils(?::\w+|)\s+(.*)$ ^libraptor2-dev(?::\w+|)\s+(.*)$ ^libraptor2-0(?::\w+|)\s+(.*)$ ^mmdb-bin(?::\w+|)\s+(.*)$ ^libmaxminddb-dev(?::\w+|)\s+(.*)$ ^libmaxminddb0(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^libvncserver1(?::\w+|)\s+(.*)$ ^libvncserver-dev(?::\w+|)\s+(.*)$ ^libvncclient1(?::\w+|)\s+(.*)$ ^vino(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libpulse0(?::\w+|)\s+(.*)$ ^pulseaudio-module-zeroconf(?::\w+|)\s+(.*)$ ^pulseaudio-module-gsettings(?::\w+|)\s+(.*)$ ^pulseaudio-module-bluetooth(?::\w+|)\s+(.*)$ ^libpulse-dev(?::\w+|)\s+(.*)$ ^pulseaudio-utils(?::\w+|)\s+(.*)$ ^pulseaudio-module-raop(?::\w+|)\s+(.*)$ ^pulseaudio(?::\w+|)\s+(.*)$ ^libpulsedsp(?::\w+|)\s+(.*)$ ^pulseaudio-equalizer(?::\w+|)\s+(.*)$ ^libpulse-mainloop-glib0(?::\w+|)\s+(.*)$ ^pulseaudio-module-lirc(?::\w+|)\s+(.*)$ ^pulseaudio-module-jack(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^xdg-utils(?::\w+|)\s+(.*)$ ^xdg-utils(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^php-pear(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core-udeb(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libcrypto1.1-udeb(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1-udeb(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-common(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0-udeb(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-bin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-dev(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdkpixbuf-2.0(?::\w+|)\s+(.*)$ ^aptdaemon-data(?::\w+|)\s+(.*)$ ^python3-aptdaemon.gtk3widgets(?::\w+|)\s+(.*)$ ^aptdaemon(?::\w+|)\s+(.*)$ ^python3-aptdaemon.test(?::\w+|)\s+(.*)$ ^python3-aptdaemon(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^python3-lxml(?::\w+|)\s+(.*)$ ^python-lxml(?::\w+|)\s+(.*)$ ^python-lxml-doc(?::\w+|)\s+(.*)$ ^python3-lxml(?::\w+|)\s+(.*)$ ^python-lxml(?::\w+|)\s+(.*)$ ^python-lxml-doc(?::\w+|)\s+(.*)$ ^apt-doc(?::\w+|)\s+(.*)$ ^libapt-pkg6.0(?::\w+|)\s+(.*)$ ^apt-transport-https(?::\w+|)\s+(.*)$ ^libapt-pkg-doc(?::\w+|)\s+(.*)$ ^apt(?::\w+|)\s+(.*)$ ^apt-utils(?::\w+|)\s+(.*)$ ^libapt-pkg-dev(?::\w+|)\s+(.*)$ ^python3-apt(?::\w+|)\s+(.*)$ ^python-apt(?::\w+|)\s+(.*)$ ^python-apt-common(?::\w+|)\s+(.*)$ ^python-apt-dev(?::\w+|)\s+(.*)$ ^python-apt-doc(?::\w+|)\s+(.*)$ ^python3-apt(?::\w+|)\s+(.*)$ ^python-apt(?::\w+|)\s+(.*)$ ^python-apt-common(?::\w+|)\s+(.*)$ ^python-apt-dev(?::\w+|)\s+(.*)$ ^python-apt-doc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libproxy-cil-dev(?::\w+|)\s+(.*)$ ^libproxy1v5(?::\w+|)\s+(.*)$ ^libproxy0.4-cil(?::\w+|)\s+(.*)$ ^libproxy1-plugin-gsettings(?::\w+|)\s+(.*)$ ^libproxy-dev(?::\w+|)\s+(.*)$ ^python3-libproxy(?::\w+|)\s+(.*)$ ^libproxy1-plugin-webkit(?::\w+|)\s+(.*)$ ^libproxy1-plugin-kconfig(?::\w+|)\s+(.*)$ ^libproxy1-plugin-mozjs(?::\w+|)\s+(.*)$ ^libproxy1-plugin-networkmanager(?::\w+|)\s+(.*)$ ^libproxy-tools(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^openstack-dashboard(?::\w+|)\s+(.*)$ ^python3-django-horizon(?::\w+|)\s+(.*)$ ^openstack-dashboard-ubuntu-theme(?::\w+|)\s+(.*)$ ^python3-django-openstack-auth(?::\w+|)\s+(.*)$ ^openstack-dashboard-common(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^libp11-kit0(?::\w+|)\s+(.*)$ ^libp11-kit-dev(?::\w+|)\s+(.*)$ ^p11-kit-modules(?::\w+|)\s+(.*)$ ^p11-kit(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libwavpack1(?::\w+|)\s+(.*)$ ^libwavpack-dev(?::\w+|)\s+(.*)$ ^wavpack(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^qemu-efi(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^libopenjp2-tools(?::\w+|)\s+(.*)$ ^libopenjpip-server(?::\w+|)\s+(.*)$ ^libopenjpip-viewer(?::\w+|)\s+(.*)$ ^libopenjp3d-tools(?::\w+|)\s+(.*)$ ^libopenjpip7(?::\w+|)\s+(.*)$ ^libopenjp2-7(?::\w+|)\s+(.*)$ ^libopenjp2-7-dev(?::\w+|)\s+(.*)$ ^libopenjp3d7(?::\w+|)\s+(.*)$ ^libopenjpip-dec-server(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^libnvidia-encode-440(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450(?::\w+|)\s+(.*)$ ^libnvidia-compute-440(?::\w+|)\s+(.*)$ ^libnvidia-common-450(?::\w+|)\s+(.*)$ ^libnvidia-encode-450(?::\w+|)\s+(.*)$ ^libnvidia-common-440(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450(?::\w+|)\s+(.*)$ ^nvidia-driver-450(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440(?::\w+|)\s+(.*)$ ^libnvidia-decode-440(?::\w+|)\s+(.*)$ ^nvidia-driver-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450(?::\w+|)\s+(.*)$ ^nvidia-utils-440(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450(?::\w+|)\s+(.*)$ ^libnvidia-decode-450(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450(?::\w+|)\s+(.*)$ ^nvidia-headless-440(?::\w+|)\s+(.*)$ ^nvidia-dkms-440(?::\w+|)\s+(.*)$ ^libnvidia-extra-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-450(?::\w+|)\s+(.*)$ ^nvidia-utils-450(?::\w+|)\s+(.*)$ ^nvidia-dkms-450(?::\w+|)\s+(.*)$ ^nvidia-headless-450(?::\w+|)\s+(.*)$ ^libnvidia-compute-450(?::\w+|)\s+(.*)$ ^libnvidia-extra-450(?::\w+|)\s+(.*)$ ^libnvidia-gl-440(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-455(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-common-455(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-455(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-455(?::\w+|)\s+(.*)$ ^nvidia-driver-455(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-455(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-455(?::\w+|)\s+(.*)$ ^libnvidia-decode-455(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-455(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^nvidia-utils-455(?::\w+|)\s+(.*)$ ^libnvidia-gl-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^nvidia-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-headless-455(?::\w+|)\s+(.*)$ ^libnvidia-extra-455(?::\w+|)\s+(.*)$ ^libnvidia-compute-455(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^nvidia-headless-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-418-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-418-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-418-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-418-server(?::\w+|)\s+(.*)$ ^nvidia-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-418-server(?::\w+|)\s+(.*)$ ^libnvidia-common-418-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-418-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-418-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-418-server(?::\w+|)\s+(.*)$ ^nvidia-driver-418-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-418-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^coturn(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^tar-scripts(?::\w+|)\s+(.*)$ ^tar(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^liblog4net1.2-cil(?::\w+|)\s+(.*)$ ^liblog4net-cil-dev(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^sudo-ldap(?::\w+|)\s+(.*)$ ^sudo(?::\w+|)\s+(.*)$ ^python3-rbd(?::\w+|)\s+(.*)$ ^ceph-mgr-modules-core(?::\w+|)\s+(.*)$ ^ceph-mgr(?::\w+|)\s+(.*)$ ^ceph-mgr-cephadm(?::\w+|)\s+(.*)$ ^ceph(?::\w+|)\s+(.*)$ ^ceph-osd(?::\w+|)\s+(.*)$ ^rbd-mirror(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-local(?::\w+|)\s+(.*)$ ^ceph-mgr-dashboard(?::\w+|)\s+(.*)$ ^librbd-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-rook(?::\w+|)\s+(.*)$ ^rbd-fuse(?::\w+|)\s+(.*)$ ^libradospp-dev(?::\w+|)\s+(.*)$ ^librados-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-cloud(?::\w+|)\s+(.*)$ ^python3-ceph(?::\w+|)\s+(.*)$ ^cephadm(?::\w+|)\s+(.*)$ ^libradosstriper-dev(?::\w+|)\s+(.*)$ ^librados2(?::\w+|)\s+(.*)$ ^ceph-mon(?::\w+|)\s+(.*)$ ^libcephfs2(?::\w+|)\s+(.*)$ ^ceph-immutable-object-cache(?::\w+|)\s+(.*)$ ^librgw2(?::\w+|)\s+(.*)$ ^ceph-mds(?::\w+|)\s+(.*)$ ^radosgw(?::\w+|)\s+(.*)$ ^librbd1(?::\w+|)\s+(.*)$ ^python3-rgw(?::\w+|)\s+(.*)$ ^rbd-nbd(?::\w+|)\s+(.*)$ ^libcephfs-dev(?::\w+|)\s+(.*)$ ^rados-objclass-dev(?::\w+|)\s+(.*)$ ^libradosstriper1(?::\w+|)\s+(.*)$ ^python3-ceph-argparse(?::\w+|)\s+(.*)$ ^python3-ceph-common(?::\w+|)\s+(.*)$ ^librgw-dev(?::\w+|)\s+(.*)$ ^python3-rados(?::\w+|)\s+(.*)$ ^ceph-base(?::\w+|)\s+(.*)$ ^ceph-mgr-k8sevents(?::\w+|)\s+(.*)$ ^python3-cephfs(?::\w+|)\s+(.*)$ ^ceph-fuse(?::\w+|)\s+(.*)$ ^cephfs-shell(?::\w+|)\s+(.*)$ ^ceph-common(?::\w+|)\s+(.*)$ ^libcephfs-java(?::\w+|)\s+(.*)$ ^ceph-resource-agents(?::\w+|)\s+(.*)$ ^libcephfs-jni(?::\w+|)\s+(.*)$ ^tcmu-runner(?::\w+|)\s+(.*)$ ^libtcmu2(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^libxstream-java(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ca-certificates-udeb(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^libflatpak0(?::\w+|)\s+(.*)$ ^libflatpak-dev(?::\w+|)\s+(.*)$ ^gir1.2-flatpak-1.0(?::\w+|)\s+(.*)$ ^libflatpak-doc(?::\w+|)\s+(.*)$ ^flatpak(?::\w+|)\s+(.*)$ ^flatpak-tests(?::\w+|)\s+(.*)$ ^minidlna(?::\w+|)\s+(.*)$ ^php-pear(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^junit4(?::\w+|)\s+(.*)$ ^junit4-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-dev(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-0(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoar-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoargtk-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-0(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-dev(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-0(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoar-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoargtk-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-0(?::\w+|)\s+(.*)$ ^hostapd(?::\w+|)\s+(.*)$ ^wpagui(?::\w+|)\s+(.*)$ ^wpasupplicant(?::\w+|)\s+(.*)$ ^wpasupplicant-udeb(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^libcrypto1.1-udeb(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1-udeb(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libshiro-java(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-common(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0-udeb(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-bin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-dev(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdkpixbuf-2.0(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^xterm(?::\w+|)\s+(.*)$ ^screen(?::\w+|)\s+(.*)$ ^screen-udeb(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^hostapd(?::\w+|)\s+(.*)$ ^wpagui(?::\w+|)\s+(.*)$ ^wpasupplicant(?::\w+|)\s+(.*)$ ^wpasupplicant-udeb(?::\w+|)\s+(.*)$ ^golang-1.14(?::\w+|)\s+(.*)$ ^golang-1.14-doc(?::\w+|)\s+(.*)$ ^golang-1.14-go(?::\w+|)\s+(.*)$ ^golang-1.14-src(?::\w+|)\s+(.*)$ ^libglib2.0-0(?::\w+|)\s+(.*)$ ^libglib2.0-data(?::\w+|)\s+(.*)$ ^libglib2.0-udeb(?::\w+|)\s+(.*)$ ^libglib2.0-tests(?::\w+|)\s+(.*)$ ^libglib2.0-doc(?::\w+|)\s+(.*)$ ^libglib2.0-bin(?::\w+|)\s+(.*)$ ^libglib2.0-dev(?::\w+|)\s+(.*)$ ^libglib2.0-dev-bin(?::\w+|)\s+(.*)$ ^zstd(?::\w+|)\s+(.*)$ ^libzstd-dev(?::\w+|)\s+(.*)$ ^libzstd1(?::\w+|)\s+(.*)$ ^libzstd1-udeb(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^openssh-server-udeb(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^openssh-client-udeb(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^libglib2.0-0(?::\w+|)\s+(.*)$ ^libglib2.0-data(?::\w+|)\s+(.*)$ ^libglib2.0-udeb(?::\w+|)\s+(.*)$ ^libglib2.0-tests(?::\w+|)\s+(.*)$ ^libglib2.0-doc(?::\w+|)\s+(.*)$ ^libglib2.0-bin(?::\w+|)\s+(.*)$ ^libglib2.0-dev(?::\w+|)\s+(.*)$ ^libglib2.0-dev-bin(?::\w+|)\s+(.*)$ ^zabbix-java-gateway(?::\w+|)\s+(.*)$ ^zabbix-frontend-php(?::\w+|)\s+(.*)$ ^zabbix-proxy-mysql(?::\w+|)\s+(.*)$ ^zabbix-server-pgsql(?::\w+|)\s+(.*)$ ^zabbix-server-mysql(?::\w+|)\s+(.*)$ ^zabbix-proxy-pgsql(?::\w+|)\s+(.*)$ ^zabbix-proxy-sqlite3(?::\w+|)\s+(.*)$ ^zabbix-agent(?::\w+|)\s+(.*)$ ^libpmi0-dev(?::\w+|)\s+(.*)$ ^slurmctld(?::\w+|)\s+(.*)$ ^slurm-wlm-basic-plugins-dev(?::\w+|)\s+(.*)$ ^libslurmdb-perl(?::\w+|)\s+(.*)$ ^libpmi0(?::\w+|)\s+(.*)$ ^slurm-wlm(?::\w+|)\s+(.*)$ ^libslurm-dev(?::\w+|)\s+(.*)$ ^slurm-client(?::\w+|)\s+(.*)$ ^libpam-slurm(?::\w+|)\s+(.*)$ ^slurmd(?::\w+|)\s+(.*)$ ^slurm-wlm-torque(?::\w+|)\s+(.*)$ ^slurm-client-emulator(?::\w+|)\s+(.*)$ ^libpam-slurm-adopt(?::\w+|)\s+(.*)$ ^slurm-wlm-emulator(?::\w+|)\s+(.*)$ ^libpmi2-0(?::\w+|)\s+(.*)$ ^slurmdbd(?::\w+|)\s+(.*)$ ^slurm-wlm-doc(?::\w+|)\s+(.*)$ ^libslurm34(?::\w+|)\s+(.*)$ ^libpmi2-0-dev(?::\w+|)\s+(.*)$ ^libslurm-perl(?::\w+|)\s+(.*)$ ^sview(?::\w+|)\s+(.*)$ ^slurm-wlm-basic-plugins(?::\w+|)\s+(.*)$ ^lynx-common(?::\w+|)\s+(.*)$ ^lynx(?::\w+|)\s+(.*)$ ^phpmyadmin(?::\w+|)\s+(.*)$ ^targetcli-fb(?::\w+|)\s+(.*)$ ^axel(?::\w+|)\s+(.*)$ ^ant(?::\w+|)\s+(.*)$ ^ant-doc(?::\w+|)\s+(.*)$ ^ant-optional(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^python-pygments-doc(?::\w+|)\s+(.*)$ ^python3-pygments(?::\w+|)\s+(.*)$ ^python-pygments(?::\w+|)\s+(.*)$ ^privoxy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^ldb-tools(?::\w+|)\s+(.*)$ ^libldb2(?::\w+|)\s+(.*)$ ^python3-ldb(?::\w+|)\s+(.*)$ ^libldb-dev(?::\w+|)\s+(.*)$ ^python3-ldb-dev(?::\w+|)\s+(.*)$ ^libcrypto1.1-udeb(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1-udeb(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^python3-lxml(?::\w+|)\s+(.*)$ ^python-lxml(?::\w+|)\s+(.*)$ ^python-lxml-doc(?::\w+|)\s+(.*)$ ^python-pygments-doc(?::\w+|)\s+(.*)$ ^python3-pygments(?::\w+|)\s+(.*)$ ^python-pygments(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^spamassassin(?::\w+|)\s+(.*)$ ^sa-compile(?::\w+|)\s+(.*)$ ^spamc(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core-udeb(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^libnettle7(?::\w+|)\s+(.*)$ ^nettle-bin(?::\w+|)\s+(.*)$ ^libhogweed5(?::\w+|)\s+(.*)$ ^nettle-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libjs-underscore(?::\w+|)\s+(.*)$ ^node-underscore(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libzmq5(?::\w+|)\s+(.*)$ ^libzmq3-dev(?::\w+|)\s+(.*)$ ^caca-utils(?::\w+|)\s+(.*)$ ^libcaca-dev(?::\w+|)\s+(.*)$ ^libcaca0(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^qemu-efi(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^shibboleth-sp2-common(?::\w+|)\s+(.*)$ ^shibboleth-sp2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-shib2(?::\w+|)\s+(.*)$ ^libshibsp-plugins(?::\w+|)\s+(.*)$ ^libshibsp8(?::\w+|)\s+(.*)$ ^shibboleth-sp-utils(?::\w+|)\s+(.*)$ ^libshibsp-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-shib(?::\w+|)\s+(.*)$ ^libshibsp-dev(?::\w+|)\s+(.*)$ ^shibboleth-sp-common(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^file-roller(?::\w+|)\s+(.*)$ ^gstreamer1.0-gtk3(?::\w+|)\s+(.*)$ ^gstreamer1.0-pulseaudio(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good-doc(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-dev(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good(?::\w+|)\s+(.*)$ ^gstreamer1.0-qt5(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^openvpn(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-418-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-418-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-418-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-418-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-418-server(?::\w+|)\s+(.*)$ ^nvidia-driver-418-server(?::\w+|)\s+(.*)$ ^nvidia-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-common-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-418-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-418-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-418-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450(?::\w+|)\s+(.*)$ ^libnvidia-compute-440(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450(?::\w+|)\s+(.*)$ ^nvidia-driver-450(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440(?::\w+|)\s+(.*)$ ^libnvidia-decode-440(?::\w+|)\s+(.*)$ ^nvidia-driver-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450(?::\w+|)\s+(.*)$ ^libnvidia-decode-450(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450(?::\w+|)\s+(.*)$ ^nvidia-utils-450(?::\w+|)\s+(.*)$ ^nvidia-headless-440(?::\w+|)\s+(.*)$ ^nvidia-dkms-440(?::\w+|)\s+(.*)$ ^libnvidia-extra-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-450(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-450(?::\w+|)\s+(.*)$ ^libnvidia-extra-450(?::\w+|)\s+(.*)$ ^libnvidia-gl-440(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460-server(?::\w+|)\s+(.*)$ ^nvidia-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-455(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-455(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-common-455(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-455(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-decode-460-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-455(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-455(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-455(?::\w+|)\s+(.*)$ ^nvidia-dkms-460-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-455(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^nvidia-utils-455(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-headless-455(?::\w+|)\s+(.*)$ ^libnvidia-extra-455(?::\w+|)\s+(.*)$ ^libnvidia-compute-455(?::\w+|)\s+(.*)$ ^nvidia-driver-460-server(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-dev(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-0(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoar-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoargtk-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-0(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-dev(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-0(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoar-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoargtk-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-0(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^python-yaml(?::\w+|)\s+(.*)$ ^python3-yaml(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libxstream-java(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libflatpak0(?::\w+|)\s+(.*)$ ^libflatpak-dev(?::\w+|)\s+(.*)$ ^gir1.2-flatpak-1.0(?::\w+|)\s+(.*)$ ^libflatpak-doc(?::\w+|)\s+(.*)$ ^flatpak(?::\w+|)\s+(.*)$ ^flatpak-tests(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^awstats(?::\w+|)\s+(.*)$ ^python-eventlet-doc(?::\w+|)\s+(.*)$ ^python3-eventlet(?::\w+|)\s+(.*)$ ^libdjvulibre21(?::\w+|)\s+(.*)$ ^libdjvulibre-text(?::\w+|)\s+(.*)$ ^djvulibre-desktop(?::\w+|)\s+(.*)$ ^djview3(?::\w+|)\s+(.*)$ ^djvuserve(?::\w+|)\s+(.*)$ ^libdjvulibre-dev(?::\w+|)\s+(.*)$ ^djview(?::\w+|)\s+(.*)$ ^djvulibre-bin(?::\w+|)\s+(.*)$ ^libcaribou-gtk3-module(?::\w+|)\s+(.*)$ ^libcaribou0(?::\w+|)\s+(.*)$ ^libcaribou-dev(?::\w+|)\s+(.*)$ ^gir1.2-caribou-1.0(?::\w+|)\s+(.*)$ ^libcaribou-gtk-module(?::\w+|)\s+(.*)$ ^caribou-antler(?::\w+|)\s+(.*)$ ^libcaribou-common(?::\w+|)\s+(.*)$ ^caribou(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-x(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-doc(?::\w+|)\s+(.*)$ ^libgstreamer-gl1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-gl(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-base-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-alsa(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-apps(?::\w+|)\s+(.*)$ ^golang-github-opencontainers-runc-dev(?::\w+|)\s+(.*)$ ^runc(?::\w+|)\s+(.*)$ ^python-pip-whl(?::\w+|)\s+(.*)$ ^python3-pip(?::\w+|)\s+(.*)$ ^python-babel-localedata(?::\w+|)\s+(.*)$ ^python-babel-doc(?::\w+|)\s+(.*)$ ^python-babel(?::\w+|)\s+(.*)$ ^python3-babel(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^libx11-6(?::\w+|)\s+(.*)$ ^libx11-data(?::\w+|)\s+(.*)$ ^libx11-xcb-dev(?::\w+|)\s+(.*)$ ^libx11-xcb1(?::\w+|)\s+(.*)$ ^libx11-doc(?::\w+|)\s+(.*)$ ^libx11-6-udeb(?::\w+|)\s+(.*)$ ^libx11-dev(?::\w+|)\s+(.*)$ ^libnginx-mod-stream(?::\w+|)\s+(.*)$ ^libnginx-mod-http-subs-filter(?::\w+|)\s+(.*)$ ^nginx-doc(?::\w+|)\s+(.*)$ ^libnginx-mod-mail(?::\w+|)\s+(.*)$ ^libnginx-mod-http-image-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-echo(?::\w+|)\s+(.*)$ ^libnginx-mod-rtmp(?::\w+|)\s+(.*)$ ^libnginx-mod-nchan(?::\w+|)\s+(.*)$ ^nginx-common(?::\w+|)\s+(.*)$ ^libnginx-mod-http-fancyindex(?::\w+|)\s+(.*)$ ^libnginx-mod-http-auth-pam(?::\w+|)\s+(.*)$ ^nginx-light(?::\w+|)\s+(.*)$ ^libnginx-mod-http-headers-more-filter(?::\w+|)\s+(.*)$ ^nginx-extras(?::\w+|)\s+(.*)$ ^libnginx-mod-http-upstream-fair(?::\w+|)\s+(.*)$ ^libnginx-mod-http-xslt-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-lua(?::\w+|)\s+(.*)$ ^libnginx-mod-http-perl(?::\w+|)\s+(.*)$ ^nginx-core(?::\w+|)\s+(.*)$ ^libnginx-mod-http-dav-ext(?::\w+|)\s+(.*)$ ^nginx(?::\w+|)\s+(.*)$ ^libnginx-mod-http-ndk(?::\w+|)\s+(.*)$ ^libnginx-mod-http-uploadprogress(?::\w+|)\s+(.*)$ ^libnginx-mod-http-cache-purge(?::\w+|)\s+(.*)$ ^nginx-full(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip2(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip(?::\w+|)\s+(.*)$ ^liblz4-tool(?::\w+|)\s+(.*)$ ^lz4(?::\w+|)\s+(.*)$ ^liblz4-dev(?::\w+|)\s+(.*)$ ^liblz4-1(?::\w+|)\s+(.*)$ ^isc-dhcp-relay(?::\w+|)\s+(.*)$ ^isc-dhcp-client-ddns(?::\w+|)\s+(.*)$ ^isc-dhcp-dev(?::\w+|)\s+(.*)$ ^isc-dhcp-client(?::\w+|)\s+(.*)$ ^isc-dhcp-common(?::\w+|)\s+(.*)$ ^isc-dhcp-server(?::\w+|)\s+(.*)$ ^isc-dhcp-client-udeb(?::\w+|)\s+(.*)$ ^isc-dhcp-server-ldap(?::\w+|)\s+(.*)$ ^gir1.2-gupnp-1.2(?::\w+|)\s+(.*)$ ^libgupnp-doc(?::\w+|)\s+(.*)$ ^libgupnp-1.2-dev(?::\w+|)\s+(.*)$ ^libgupnp-1.2-0(?::\w+|)\s+(.*)$ ^webp(?::\w+|)\s+(.*)$ ^libwebp6(?::\w+|)\s+(.*)$ ^libwebpmux3(?::\w+|)\s+(.*)$ ^libwebp-dev(?::\w+|)\s+(.*)$ ^libwebpdemux2(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^liblasso-perl(?::\w+|)\s+(.*)$ ^liblasso3(?::\w+|)\s+(.*)$ ^python3-lasso(?::\w+|)\s+(.*)$ ^liblasso3-dev(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^policykit-1-doc(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-dev(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-0(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-dev(?::\w+|)\s+(.*)$ ^policykit-1(?::\w+|)\s+(.*)$ ^gir1.2-polkit-1.0(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-0(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libimage-exiftool-perl(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^libnettle7(?::\w+|)\s+(.*)$ ^nettle-bin(?::\w+|)\s+(.*)$ ^libhogweed5(?::\w+|)\s+(.*)$ ^nettle-dev(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^grub-efi-arm64-bin(?::\w+|)\s+(.*)$ ^grub-efi-amd64(?::\w+|)\s+(.*)$ ^grub-efi-amd64-bin(?::\w+|)\s+(.*)$ ^grub-efi-arm64(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^python3-rbd(?::\w+|)\s+(.*)$ ^ceph-mgr-modules-core(?::\w+|)\s+(.*)$ ^ceph-mgr(?::\w+|)\s+(.*)$ ^ceph-mgr-cephadm(?::\w+|)\s+(.*)$ ^ceph(?::\w+|)\s+(.*)$ ^rbd-mirror(?::\w+|)\s+(.*)$ ^ceph-mgr-dashboard(?::\w+|)\s+(.*)$ ^librbd-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-rook(?::\w+|)\s+(.*)$ ^rbd-fuse(?::\w+|)\s+(.*)$ ^libradospp-dev(?::\w+|)\s+(.*)$ ^librados-dev(?::\w+|)\s+(.*)$ ^librbd1(?::\w+|)\s+(.*)$ ^python3-ceph(?::\w+|)\s+(.*)$ ^cephadm(?::\w+|)\s+(.*)$ ^libradosstriper-dev(?::\w+|)\s+(.*)$ ^librados2(?::\w+|)\s+(.*)$ ^ceph-mon(?::\w+|)\s+(.*)$ ^libcephfs2(?::\w+|)\s+(.*)$ ^ceph-immutable-object-cache(?::\w+|)\s+(.*)$ ^librgw2(?::\w+|)\s+(.*)$ ^ceph-mds(?::\w+|)\s+(.*)$ ^radosgw(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-local(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-cloud(?::\w+|)\s+(.*)$ ^python3-rgw(?::\w+|)\s+(.*)$ ^rbd-nbd(?::\w+|)\s+(.*)$ ^libcephfs-dev(?::\w+|)\s+(.*)$ ^rados-objclass-dev(?::\w+|)\s+(.*)$ ^libradosstriper1(?::\w+|)\s+(.*)$ ^ceph-osd(?::\w+|)\s+(.*)$ ^python3-ceph-argparse(?::\w+|)\s+(.*)$ ^python3-ceph-common(?::\w+|)\s+(.*)$ ^librgw-dev(?::\w+|)\s+(.*)$ ^python3-rados(?::\w+|)\s+(.*)$ ^ceph-base(?::\w+|)\s+(.*)$ ^ceph-mgr-k8sevents(?::\w+|)\s+(.*)$ ^python3-cephfs(?::\w+|)\s+(.*)$ ^ceph-fuse(?::\w+|)\s+(.*)$ ^cephfs-shell(?::\w+|)\s+(.*)$ ^ceph-common(?::\w+|)\s+(.*)$ ^libcephfs-java(?::\w+|)\s+(.*)$ ^ceph-resource-agents(?::\w+|)\s+(.*)$ ^libcephfs-jni(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^rabbitmq-server(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libuv1-dev(?::\w+|)\s+(.*)$ ^libuv1(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd-dev(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-0(?::\w+|)\s+(.*)$ ^libavahi-core7-udeb(?::\w+|)\s+(.*)$ ^libavahi-core7(?::\w+|)\s+(.*)$ ^libavahi-client3(?::\w+|)\s+(.*)$ ^libavahi-core-dev(?::\w+|)\s+(.*)$ ^libavahi-client-dev(?::\w+|)\s+(.*)$ ^avahi-ui-utils(?::\w+|)\s+(.*)$ ^libavahi-gobject-dev(?::\w+|)\s+(.*)$ ^avahi-dnsconfd(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd1(?::\w+|)\s+(.*)$ ^libavahi-common3(?::\w+|)\s+(.*)$ ^avahi-daemon(?::\w+|)\s+(.*)$ ^avahi-discover(?::\w+|)\s+(.*)$ ^libavahi-common-dev(?::\w+|)\s+(.*)$ ^libavahi-common-data(?::\w+|)\s+(.*)$ ^avahi-utils(?::\w+|)\s+(.*)$ ^libavahi-common3-udeb(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-dev(?::\w+|)\s+(.*)$ ^libavahi-glib-dev(?::\w+|)\s+(.*)$ ^libavahi-gobject0(?::\w+|)\s+(.*)$ ^gir1.2-avahi-0.6(?::\w+|)\s+(.*)$ ^avahi-autoipd(?::\w+|)\s+(.*)$ ^python-avahi(?::\w+|)\s+(.*)$ ^libavahi-glib1(?::\w+|)\s+(.*)$ ^libslirp0(?::\w+|)\s+(.*)$ ^libslirp-dev(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^systemd-tests(?::\w+|)\s+(.*)$ ^systemd-coredump(?::\w+|)\s+(.*)$ ^systemd(?::\w+|)\s+(.*)$ ^udev-udeb(?::\w+|)\s+(.*)$ ^libsystemd0(?::\w+|)\s+(.*)$ ^systemd-container(?::\w+|)\s+(.*)$ ^libnss-myhostname(?::\w+|)\s+(.*)$ ^libudev1-udeb(?::\w+|)\s+(.*)$ ^libudev1(?::\w+|)\s+(.*)$ ^systemd-timesyncd(?::\w+|)\s+(.*)$ ^libsystemd-dev(?::\w+|)\s+(.*)$ ^libnss-systemd(?::\w+|)\s+(.*)$ ^systemd-journal-remote(?::\w+|)\s+(.*)$ ^libpam-systemd(?::\w+|)\s+(.*)$ ^libnss-mymachines(?::\w+|)\s+(.*)$ ^libnss-resolve(?::\w+|)\s+(.*)$ ^systemd-sysv(?::\w+|)\s+(.*)$ ^udev(?::\w+|)\s+(.*)$ ^libudev-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-418-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-418-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-418-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-418-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-418-server(?::\w+|)\s+(.*)$ ^nvidia-driver-418-server(?::\w+|)\s+(.*)$ ^nvidia-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-common-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-418-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-418-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-418-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460-server(?::\w+|)\s+(.*)$ ^nvidia-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-455(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-455(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-common-450(?::\w+|)\s+(.*)$ ^libnvidia-common-455(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-450(?::\w+|)\s+(.*)$ ^libnvidia-gl-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-455(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-decode-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450(?::\w+|)\s+(.*)$ ^nvidia-driver-455(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450(?::\w+|)\s+(.*)$ ^libnvidia-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450(?::\w+|)\s+(.*)$ ^libnvidia-decode-450(?::\w+|)\s+(.*)$ ^nvidia-dkms-460-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-455(?::\w+|)\s+(.*)$ ^nvidia-utils-450(?::\w+|)\s+(.*)$ ^nvidia-utils-455(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^nvidia-dkms-450(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-headless-450(?::\w+|)\s+(.*)$ ^nvidia-headless-455(?::\w+|)\s+(.*)$ ^libnvidia-compute-450(?::\w+|)\s+(.*)$ ^libnvidia-extra-455(?::\w+|)\s+(.*)$ ^libnvidia-compute-455(?::\w+|)\s+(.*)$ ^libnvidia-extra-450(?::\w+|)\s+(.*)$ ^nvidia-driver-460-server(?::\w+|)\s+(.*)$ ^libnvidia-common-465(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-465(?::\w+|)\s+(.*)$ ^libnvidia-gl-470(?::\w+|)\s+(.*)$ ^libnvidia-gl-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-465(?::\w+|)\s+(.*)$ ^nvidia-headless-470(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-465(?::\w+|)\s+(.*)$ ^libnvidia-compute-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-465(?::\w+|)\s+(.*)$ ^nvidia-utils-465(?::\w+|)\s+(.*)$ ^libnvidia-encode-465(?::\w+|)\s+(.*)$ ^libnvidia-compute-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470(?::\w+|)\s+(.*)$ ^nvidia-utils-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-465(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-encode-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-465(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470(?::\w+|)\s+(.*)$ ^nvidia-driver-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-470(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-470(?::\w+|)\s+(.*)$ ^nvidia-driver-465(?::\w+|)\s+(.*)$ ^libnvidia-decode-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470(?::\w+|)\s+(.*)$ ^libnvidia-common-470(?::\w+|)\s+(.*)$ ^libnvidia-decode-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-465(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^libaspell15(?::\w+|)\s+(.*)$ ^aspell-doc(?::\w+|)\s+(.*)$ ^aspell(?::\w+|)\s+(.*)$ ^libpspell-dev(?::\w+|)\s+(.*)$ ^libaspell-dev(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libsndfile1(?::\w+|)\s+(.*)$ ^libsndfile1-dev(?::\w+|)\s+(.*)$ ^sndfile-programs(?::\w+|)\s+(.*)$ ^libqpdf-dev(?::\w+|)\s+(.*)$ ^qpdf(?::\w+|)\s+(.*)$ ^libqpdf26(?::\w+|)\s+(.*)$ ^php-pear(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^libdbi-perl(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^docker.io(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^docker-doc(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^libgps26(?::\w+|)\s+(.*)$ ^libqgpsmm-dev(?::\w+|)\s+(.*)$ ^libgps-dev(?::\w+|)\s+(.*)$ ^gpsd(?::\w+|)\s+(.*)$ ^python3-gps(?::\w+|)\s+(.*)$ ^gpsd-clients(?::\w+|)\s+(.*)$ ^libqgpsmm26(?::\w+|)\s+(.*)$ ^tor(?::\w+|)\s+(.*)$ ^tor-geoipdb(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^inetutils-tools(?::\w+|)\s+(.*)$ ^inetutils-ftpd(?::\w+|)\s+(.*)$ ^inetutils-talkd(?::\w+|)\s+(.*)$ ^inetutils-traceroute(?::\w+|)\s+(.*)$ ^inetutils-talk(?::\w+|)\s+(.*)$ ^inetutils-telnetd(?::\w+|)\s+(.*)$ ^inetutils-inetd(?::\w+|)\s+(.*)$ ^inetutils-ping(?::\w+|)\s+(.*)$ ^inetutils-syslogd(?::\w+|)\s+(.*)$ ^inetutils-ftp(?::\w+|)\s+(.*)$ ^inetutils-telnet(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^mongodb-server(?::\w+|)\s+(.*)$ ^mongodb(?::\w+|)\s+(.*)$ ^mongodb-clients(?::\w+|)\s+(.*)$ ^mongodb-server-core(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^gir1.2-grilo-0.3(?::\w+|)\s+(.*)$ ^libgrilo-0.3-bin(?::\w+|)\s+(.*)$ ^libgrilo-0.3-0(?::\w+|)\s+(.*)$ ^libgrilo-0.3-dev(?::\w+|)\s+(.*)$ ^libgrilo-0.3-doc(?::\w+|)\s+(.*)$ ^squashfs-tools(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^ntfs-3g(?::\w+|)\s+(.*)$ ^libntfs-3g883(?::\w+|)\s+(.*)$ ^ntfs-3g-dev(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^cpio(?::\w+|)\s+(.*)$ ^cpio-win32(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^python-pysaml2-doc(?::\w+|)\s+(.*)$ ^python3-pysaml2(?::\w+|)\s+(.*)$ ^libsss-certmap-dev(?::\w+|)\s+(.*)$ ^libipa-hbac-dev(?::\w+|)\s+(.*)$ ^sssd-ad(?::\w+|)\s+(.*)$ ^libsss-sudo(?::\w+|)\s+(.*)$ ^libsss-nss-idmap0(?::\w+|)\s+(.*)$ ^libnss-sss(?::\w+|)\s+(.*)$ ^sssd-ipa(?::\w+|)\s+(.*)$ ^libsss-simpleifp0(?::\w+|)\s+(.*)$ ^libsss-idmap-dev(?::\w+|)\s+(.*)$ ^python3-libsss-nss-idmap(?::\w+|)\s+(.*)$ ^libsss-certmap0(?::\w+|)\s+(.*)$ ^python3-sss(?::\w+|)\s+(.*)$ ^libpam-sss(?::\w+|)\s+(.*)$ ^sssd(?::\w+|)\s+(.*)$ ^libsss-idmap0(?::\w+|)\s+(.*)$ ^sssd-ldap(?::\w+|)\s+(.*)$ ^libsss-nss-idmap-dev(?::\w+|)\s+(.*)$ ^libsss-simpleifp-dev(?::\w+|)\s+(.*)$ ^sssd-kcm(?::\w+|)\s+(.*)$ ^libwbclient-sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd-dev(?::\w+|)\s+(.*)$ ^sssd-common(?::\w+|)\s+(.*)$ ^python3-libipa-hbac(?::\w+|)\s+(.*)$ ^libipa-hbac0(?::\w+|)\s+(.*)$ ^sssd-tools(?::\w+|)\s+(.*)$ ^sssd-ad-common(?::\w+|)\s+(.*)$ ^sssd-krb5-common(?::\w+|)\s+(.*)$ ^sssd-dbus(?::\w+|)\s+(.*)$ ^sssd-krb5(?::\w+|)\s+(.*)$ ^sssd-proxy(?::\w+|)\s+(.*)$ ^libgd3(?::\w+|)\s+(.*)$ ^libgd-tools(?::\w+|)\s+(.*)$ ^libgd-dev(?::\w+|)\s+(.*)$ ^libapache2-mod-auth-mellon(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^squashfs-tools(?::\w+|)\s+(.*)$ ^squashfs-tools(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libgcrypt20(?::\w+|)\s+(.*)$ ^libgcrypt-mingw-w64-dev(?::\w+|)\s+(.*)$ ^libgcrypt20-doc(?::\w+|)\s+(.*)$ ^libgcrypt20-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^qemu-efi(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^libcommons-io-java-doc(?::\w+|)\s+(.*)$ ^libcommons-io-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^ledgersmb(?::\w+|)\s+(.*)$ ^libimlib2-dev(?::\w+|)\s+(.*)$ ^libimlib2(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^mongodb-server(?::\w+|)\s+(.*)$ ^mongodb(?::\w+|)\s+(.*)$ ^mongodb-clients(?::\w+|)\s+(.*)$ ^mongodb-server-core(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^docker.io(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^docker-doc(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^python3-bottle(?::\w+|)\s+(.*)$ ^python-bottle-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libntlm0(?::\w+|)\s+(.*)$ ^libntlm0-dev(?::\w+|)\s+(.*)$ ^ardour-video-timeline(?::\w+|)\s+(.*)$ ^ardour(?::\w+|)\s+(.*)$ ^ardour-data(?::\w+|)\s+(.*)$ ^strongswan-nm(?::\w+|)\s+(.*)$ ^strongswan-scepclient(?::\w+|)\s+(.*)$ ^libcharon-extra-plugins(?::\w+|)\s+(.*)$ ^libcharon-standard-plugins(?::\w+|)\s+(.*)$ ^libstrongswan-extra-plugins(?::\w+|)\s+(.*)$ ^strongswan-charon(?::\w+|)\s+(.*)$ ^libstrongswan(?::\w+|)\s+(.*)$ ^strongswan-swanctl(?::\w+|)\s+(.*)$ ^libstrongswan-standard-plugins(?::\w+|)\s+(.*)$ ^strongswan-starter(?::\w+|)\s+(.*)$ ^libcharon-extauth-plugins(?::\w+|)\s+(.*)$ ^charon-systemd(?::\w+|)\s+(.*)$ ^strongswan(?::\w+|)\s+(.*)$ ^strongswan-tnc-server(?::\w+|)\s+(.*)$ ^strongswan-tnc-client(?::\w+|)\s+(.*)$ ^strongswan-tnc-base(?::\w+|)\s+(.*)$ ^charon-cmd(?::\w+|)\s+(.*)$ ^strongswan-libcharon(?::\w+|)\s+(.*)$ ^strongswan-pki(?::\w+|)\s+(.*)$ ^strongswan-tnc-ifmap(?::\w+|)\s+(.*)$ ^strongswan-tnc-pdp(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^caca-utils(?::\w+|)\s+(.*)$ ^libcaca-dev(?::\w+|)\s+(.*)$ ^libcaca0(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^mailman(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^docker.io(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^docker-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^pypy-py(?::\w+|)\s+(.*)$ ^python3-py(?::\w+|)\s+(.*)$ ^python-py(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^firejail(?::\w+|)\s+(.*)$ ^firejail-profiles(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^libhivex-bin(?::\w+|)\s+(.*)$ ^libhivex-ocaml-dev(?::\w+|)\s+(.*)$ ^libhivex-dev(?::\w+|)\s+(.*)$ ^libhivex0(?::\w+|)\s+(.*)$ ^python3-hivex(?::\w+|)\s+(.*)$ ^libwin-hivex-perl(?::\w+|)\s+(.*)$ ^libhivex-ocaml(?::\w+|)\s+(.*)$ ^ruby-hivex(?::\w+|)\s+(.*)$ ^accountsservice(?::\w+|)\s+(.*)$ ^gir1.2-accountsservice-1.0(?::\w+|)\s+(.*)$ ^libaccountsservice-doc(?::\w+|)\s+(.*)$ ^libaccountsservice-dev(?::\w+|)\s+(.*)$ ^libaccountsservice0(?::\w+|)\s+(.*)$ ^mailman(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^icu-devtools(?::\w+|)\s+(.*)$ ^libicu66(?::\w+|)\s+(.*)$ ^libicu-dev(?::\w+|)\s+(.*)$ ^icu-doc(?::\w+|)\s+(.*)$ ^python3-django-postorius(?::\w+|)\s+(.*)$ ^mc-data(?::\w+|)\s+(.*)$ ^mc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^oddjob(?::\w+|)\s+(.*)$ ^oddjob-mkhomedir(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^ntp(?::\w+|)\s+(.*)$ ^sntp(?::\w+|)\s+(.*)$ ^ntp-doc(?::\w+|)\s+(.*)$ ^ntpdate(?::\w+|)\s+(.*)$ ^inetutils-tools(?::\w+|)\s+(.*)$ ^inetutils-ftpd(?::\w+|)\s+(.*)$ ^inetutils-talkd(?::\w+|)\s+(.*)$ ^inetutils-traceroute(?::\w+|)\s+(.*)$ ^inetutils-talk(?::\w+|)\s+(.*)$ ^inetutils-telnetd(?::\w+|)\s+(.*)$ ^inetutils-inetd(?::\w+|)\s+(.*)$ ^inetutils-ping(?::\w+|)\s+(.*)$ ^inetutils-syslogd(?::\w+|)\s+(.*)$ ^inetutils-ftp(?::\w+|)\s+(.*)$ ^inetutils-telnet(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^busybox(?::\w+|)\s+(.*)$ ^busybox-syslogd(?::\w+|)\s+(.*)$ ^udhcpd(?::\w+|)\s+(.*)$ ^busybox-initramfs(?::\w+|)\s+(.*)$ ^udhcpc(?::\w+|)\s+(.*)$ ^busybox-static(?::\w+|)\s+(.*)$ ^node-jquery-ui(?::\w+|)\s+(.*)$ ^libjs-jquery-ui(?::\w+|)\s+(.*)$ ^libjs-jquery-ui-docs(?::\w+|)\s+(.*)$ ^roundcube-pgsql(?::\w+|)\s+(.*)$ ^roundcube-mysql(?::\w+|)\s+(.*)$ ^roundcube-plugins(?::\w+|)\s+(.*)$ ^roundcube(?::\w+|)\s+(.*)$ ^roundcube-core(?::\w+|)\s+(.*)$ ^roundcube-sqlite3(?::\w+|)\s+(.*)$ ^libmysofa-utils(?::\w+|)\s+(.*)$ ^libmysofa-dev(?::\w+|)\s+(.*)$ ^libmysofa1(?::\w+|)\s+(.*)$ ^libmatio-doc(?::\w+|)\s+(.*)$ ^libmatio9(?::\w+|)\s+(.*)$ ^libmatio-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^glances(?::\w+|)\s+(.*)$ ^glances-doc(?::\w+|)\s+(.*)$ ^keepalived(?::\w+|)\s+(.*)$ ^libgraphics-magick-perl(?::\w+|)\s+(.*)$ ^libgraphicsmagick-q16-3(?::\w+|)\s+(.*)$ ^libgraphicsmagick1-dev(?::\w+|)\s+(.*)$ ^graphicsmagick(?::\w+|)\s+(.*)$ ^graphicsmagick-imagemagick-compat(?::\w+|)\s+(.*)$ ^graphicsmagick-libmagick-dev-compat(?::\w+|)\s+(.*)$ ^libgraphicsmagick++1-dev(?::\w+|)\s+(.*)$ ^libgraphicsmagick++-q16-12(?::\w+|)\s+(.*)$ ^libflatpak0(?::\w+|)\s+(.*)$ ^libflatpak-dev(?::\w+|)\s+(.*)$ ^gir1.2-flatpak-1.0(?::\w+|)\s+(.*)$ ^libflatpak-doc(?::\w+|)\s+(.*)$ ^flatpak(?::\w+|)\s+(.*)$ ^flatpak-tests(?::\w+|)\s+(.*)$ ^liblog4j2-java(?::\w+|)\s+(.*)$ ^liblog4j2-java-doc(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^libolm-dev(?::\w+|)\s+(.*)$ ^python3-olm(?::\w+|)\s+(.*)$ ^libolm3(?::\w+|)\s+(.*)$ ^mumble(?::\w+|)\s+(.*)$ ^mumble-server(?::\w+|)\s+(.*)$ ^liblog4j2-java(?::\w+|)\s+(.*)$ ^liblog4j2-java-doc(?::\w+|)\s+(.*)$ ^htmldoc(?::\w+|)\s+(.*)$ ^htmldoc-common(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^python3.9-venv(?::\w+|)\s+(.*)$ ^python3.9-doc(?::\w+|)\s+(.*)$ ^idle-python3.9(?::\w+|)\s+(.*)$ ^python3.9-minimal(?::\w+|)\s+(.*)$ ^python3.9-full(?::\w+|)\s+(.*)$ ^libpython3.9-dev(?::\w+|)\s+(.*)$ ^python3.9(?::\w+|)\s+(.*)$ ^libpython3.9-testsuite(?::\w+|)\s+(.*)$ ^python3.9-dev(?::\w+|)\s+(.*)$ ^libpython3.9-minimal(?::\w+|)\s+(.*)$ ^python3.9-examples(?::\w+|)\s+(.*)$ ^libpython3.9(?::\w+|)\s+(.*)$ ^libpython3.9-stdlib(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^liblog4j2-java(?::\w+|)\s+(.*)$ ^liblog4j2-java-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^tcpreplay(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^cacti(?::\w+|)\s+(.*)$ ^python3-nltk(?::\w+|)\s+(.*)$ ^node-hosted-git-info(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^composer(?::\w+|)\s+(.*)$ ^redis-sentinel(?::\w+|)\s+(.*)$ ^redis-server(?::\w+|)\s+(.*)$ ^redis(?::\w+|)\s+(.*)$ ^redis-tools(?::\w+|)\s+(.*)$ ^liblog4j2-java(?::\w+|)\s+(.*)$ ^liblog4j2-java-doc(?::\w+|)\s+(.*)$ ^liblog4j1.2-java-doc(?::\w+|)\s+(.*)$ ^liblog4j1.2-java(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^python3-lxml(?::\w+|)\s+(.*)$ ^python-lxml(?::\w+|)\s+(.*)$ ^python-lxml-doc(?::\w+|)\s+(.*)$ ^systemd-tests(?::\w+|)\s+(.*)$ ^systemd-coredump(?::\w+|)\s+(.*)$ ^systemd(?::\w+|)\s+(.*)$ ^libsystemd0(?::\w+|)\s+(.*)$ ^systemd-container(?::\w+|)\s+(.*)$ ^libnss-myhostname(?::\w+|)\s+(.*)$ ^libudev1(?::\w+|)\s+(.*)$ ^systemd-timesyncd(?::\w+|)\s+(.*)$ ^libsystemd-dev(?::\w+|)\s+(.*)$ ^libnss-systemd(?::\w+|)\s+(.*)$ ^systemd-journal-remote(?::\w+|)\s+(.*)$ ^libpam-systemd(?::\w+|)\s+(.*)$ ^libnss-mymachines(?::\w+|)\s+(.*)$ ^libnss-resolve(?::\w+|)\s+(.*)$ ^systemd-sysv(?::\w+|)\s+(.*)$ ^udev(?::\w+|)\s+(.*)$ ^libudev-dev(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^cpanminus(?::\w+|)\s+(.*)$ ^389-ds-base(?::\w+|)\s+(.*)$ ^cockpit-389-ds(?::\w+|)\s+(.*)$ ^389-ds-base-libs(?::\w+|)\s+(.*)$ ^python3-lib389(?::\w+|)\s+(.*)$ ^389-ds-base-dev(?::\w+|)\s+(.*)$ ^389-ds(?::\w+|)\s+(.*)$ ^fail2ban(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libmediainfo-dev(?::\w+|)\s+(.*)$ ^python3-mediainfodll(?::\w+|)\s+(.*)$ ^libmediainfo0v5(?::\w+|)\s+(.*)$ ^libmediainfo-doc(?::\w+|)\s+(.*)$ ^libpostgresql-jdbc-java(?::\w+|)\s+(.*)$ ^libpostgresql-jdbc-java-doc(?::\w+|)\s+(.*)$ ^libhttpmime-java(?::\w+|)\s+(.*)$ ^libhttpclient-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^aide-dynamic(?::\w+|)\s+(.*)$ ^aide-common(?::\w+|)\s+(.*)$ ^aide-xen(?::\w+|)\s+(.*)$ ^aide(?::\w+|)\s+(.*)$ ^dbus-1-doc(?::\w+|)\s+(.*)$ ^dbus(?::\w+|)\s+(.*)$ ^libdbus-1-dev(?::\w+|)\s+(.*)$ ^dbus-user-session(?::\w+|)\s+(.*)$ ^dbus-x11(?::\w+|)\s+(.*)$ ^dbus-tests(?::\w+|)\s+(.*)$ ^libdbus-1-3(?::\w+|)\s+(.*)$ ^maven(?::\w+|)\s+(.*)$ ^libmaven3-core-java(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^usbview(?::\w+|)\s+(.*)$ ^strongswan-nm(?::\w+|)\s+(.*)$ ^strongswan-scepclient(?::\w+|)\s+(.*)$ ^libcharon-extra-plugins(?::\w+|)\s+(.*)$ ^libcharon-standard-plugins(?::\w+|)\s+(.*)$ ^libstrongswan-extra-plugins(?::\w+|)\s+(.*)$ ^strongswan-charon(?::\w+|)\s+(.*)$ ^libstrongswan(?::\w+|)\s+(.*)$ ^strongswan-swanctl(?::\w+|)\s+(.*)$ ^libstrongswan-standard-plugins(?::\w+|)\s+(.*)$ ^strongswan-starter(?::\w+|)\s+(.*)$ ^libcharon-extauth-plugins(?::\w+|)\s+(.*)$ ^charon-systemd(?::\w+|)\s+(.*)$ ^strongswan(?::\w+|)\s+(.*)$ ^strongswan-tnc-server(?::\w+|)\s+(.*)$ ^strongswan-tnc-client(?::\w+|)\s+(.*)$ ^strongswan-tnc-base(?::\w+|)\s+(.*)$ ^charon-cmd(?::\w+|)\s+(.*)$ ^strongswan-libcharon(?::\w+|)\s+(.*)$ ^strongswan-pki(?::\w+|)\s+(.*)$ ^strongswan-tnc-ifmap(?::\w+|)\s+(.*)$ ^strongswan-tnc-pdp(?::\w+|)\s+(.*)$ ^libgegl-dev(?::\w+|)\s+(.*)$ ^gir1.2-gegl-0.4(?::\w+|)\s+(.*)$ ^gegl(?::\w+|)\s+(.*)$ ^libgegl-doc(?::\w+|)\s+(.*)$ ^libgegl-common(?::\w+|)\s+(.*)$ ^libgegl-0.4-0(?::\w+|)\s+(.*)$ ^policykit-1-doc(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-dev(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-0(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-dev(?::\w+|)\s+(.*)$ ^policykit-1(?::\w+|)\s+(.*)$ ^gir1.2-polkit-1.0(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-0(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^liburiparser-doc(?::\w+|)\s+(.*)$ ^liburiparser-dev(?::\w+|)\s+(.*)$ ^liburiparser1(?::\w+|)\s+(.*)$ ^libldns-dev(?::\w+|)\s+(.*)$ ^libldns2(?::\w+|)\s+(.*)$ ^python3-ldns(?::\w+|)\s+(.*)$ ^ldnsutils(?::\w+|)\s+(.*)$ ^python-ldns(?::\w+|)\s+(.*)$ ^weechat-python(?::\w+|)\s+(.*)$ ^weechat-dev(?::\w+|)\s+(.*)$ ^weechat-plugins(?::\w+|)\s+(.*)$ ^weechat-guile(?::\w+|)\s+(.*)$ ^weechat-core(?::\w+|)\s+(.*)$ ^weechat-tcl(?::\w+|)\s+(.*)$ ^weechat-ruby(?::\w+|)\s+(.*)$ ^weechat-curses(?::\w+|)\s+(.*)$ ^weechat-doc(?::\w+|)\s+(.*)$ ^weechat-php(?::\w+|)\s+(.*)$ ^weechat-perl(?::\w+|)\s+(.*)$ ^weechat(?::\w+|)\s+(.*)$ ^weechat-lua(?::\w+|)\s+(.*)$ ^weechat-headless(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^adminer(?::\w+|)\s+(.*)$ ^libhdf5-103(?::\w+|)\s+(.*)$ ^libhdf5-doc(?::\w+|)\s+(.*)$ ^hdf5-helpers(?::\w+|)\s+(.*)$ ^libhdf5-cpp-103(?::\w+|)\s+(.*)$ ^libhdf5-jni(?::\w+|)\s+(.*)$ ^libhdf5-dev(?::\w+|)\s+(.*)$ ^libhdf5-mpich-103(?::\w+|)\s+(.*)$ ^libhdf5-openmpi-dev(?::\w+|)\s+(.*)$ ^libhdf5-mpich-dev(?::\w+|)\s+(.*)$ ^libhdf5-openmpi-103(?::\w+|)\s+(.*)$ ^libhdf5-java(?::\w+|)\s+(.*)$ ^libhdf5-mpi-dev(?::\w+|)\s+(.*)$ ^hdf5-tools(?::\w+|)\s+(.*)$ ^debugedit(?::\w+|)\s+(.*)$ ^rpm-i18n(?::\w+|)\s+(.*)$ ^python-rpm(?::\w+|)\s+(.*)$ ^rpm-common(?::\w+|)\s+(.*)$ ^rpm(?::\w+|)\s+(.*)$ ^librpm-dev(?::\w+|)\s+(.*)$ ^rpm2cpio(?::\w+|)\s+(.*)$ ^librpmio8(?::\w+|)\s+(.*)$ ^python3-rpm(?::\w+|)\s+(.*)$ ^librpm8(?::\w+|)\s+(.*)$ ^librpmsign8(?::\w+|)\s+(.*)$ ^librpmbuild8(?::\w+|)\s+(.*)$ ^libsdl2-dev(?::\w+|)\s+(.*)$ ^libsdl2-doc(?::\w+|)\s+(.*)$ ^libsdl2-2.0-0(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-465(?::\w+|)\s+(.*)$ ^nvidia-driver-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-470-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470-server(?::\w+|)\s+(.*)$ ^nvidia-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-465(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-470(?::\w+|)\s+(.*)$ ^libnvidia-compute-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-470-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470(?::\w+|)\s+(.*)$ ^nvidia-utils-470-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^nvidia-headless-470(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-465(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-465(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-460-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460-server(?::\w+|)\s+(.*)$ ^nvidia-utils-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-470-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-470-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-465(?::\w+|)\s+(.*)$ ^libnvidia-encode-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-470-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-470(?::\w+|)\s+(.*)$ ^libnvidia-extra-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-470(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-465(?::\w+|)\s+(.*)$ ^libnvidia-compute-470-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-470(?::\w+|)\s+(.*)$ ^nvidia-utils-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^libnvidia-decode-465(?::\w+|)\s+(.*)$ ^nvidia-driver-465(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-465(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-470-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-510(?::\w+|)\s+(.*)$ ^libnvidia-common-510(?::\w+|)\s+(.*)$ ^nvidia-utils-495(?::\w+|)\s+(.*)$ ^libnvidia-decode-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-495(?::\w+|)\s+(.*)$ ^libnvidia-compute-495(?::\w+|)\s+(.*)$ ^nvidia-headless-495(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-510(?::\w+|)\s+(.*)$ ^nvidia-dkms-495(?::\w+|)\s+(.*)$ ^libnvidia-encode-510(?::\w+|)\s+(.*)$ ^libnvidia-extra-495(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-495(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-495(?::\w+|)\s+(.*)$ ^nvidia-driver-510(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-510(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-510(?::\w+|)\s+(.*)$ ^nvidia-utils-510(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-510(?::\w+|)\s+(.*)$ ^libnvidia-decode-510(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-510(?::\w+|)\s+(.*)$ ^libnvidia-gl-495(?::\w+|)\s+(.*)$ ^libnvidia-gl-510(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-510(?::\w+|)\s+(.*)$ ^libnvidia-common-495(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-495(?::\w+|)\s+(.*)$ ^libnvidia-encode-495(?::\w+|)\s+(.*)$ ^libnvidia-compute-510(?::\w+|)\s+(.*)$ ^nvidia-dkms-510(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-495(?::\w+|)\s+(.*)$ ^libnvidia-extra-510(?::\w+|)\s+(.*)$ ^nvidia-driver-495(?::\w+|)\s+(.*)$ ^nvidia-headless-510(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-495(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^bsdutils(?::\w+|)\s+(.*)$ ^libfdisk-dev(?::\w+|)\s+(.*)$ ^libblkid1(?::\w+|)\s+(.*)$ ^libmount-dev(?::\w+|)\s+(.*)$ ^rfkill(?::\w+|)\s+(.*)$ ^mount(?::\w+|)\s+(.*)$ ^libsmartcols1(?::\w+|)\s+(.*)$ ^util-linux-locales(?::\w+|)\s+(.*)$ ^libfdisk1(?::\w+|)\s+(.*)$ ^libmount1(?::\w+|)\s+(.*)$ ^libsmartcols-dev(?::\w+|)\s+(.*)$ ^uuid-dev(?::\w+|)\s+(.*)$ ^libblkid-dev(?::\w+|)\s+(.*)$ ^fdisk(?::\w+|)\s+(.*)$ ^uuid-runtime(?::\w+|)\s+(.*)$ ^util-linux(?::\w+|)\s+(.*)$ ^libuuid1(?::\w+|)\s+(.*)$ ^speex(?::\w+|)\s+(.*)$ ^libspeexdsp-dev(?::\w+|)\s+(.*)$ ^libspeex-dev(?::\w+|)\s+(.*)$ ^libspeexdsp1(?::\w+|)\s+(.*)$ ^speex-doc(?::\w+|)\s+(.*)$ ^libspeex1(?::\w+|)\s+(.*)$ ^opensc-pkcs11(?::\w+|)\s+(.*)$ ^opensc(?::\w+|)\s+(.*)$ ^pdfresurrect(?::\w+|)\s+(.*)$ ^node-tar(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^cryptsetup(?::\w+|)\s+(.*)$ ^cryptsetup-run(?::\w+|)\s+(.*)$ ^libcryptsetup12(?::\w+|)\s+(.*)$ ^libcryptsetup-dev(?::\w+|)\s+(.*)$ ^cryptsetup-bin(?::\w+|)\s+(.*)$ ^cryptsetup-initramfs(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^php-symfony-framework-bundle(?::\w+|)\s+(.*)$ ^php-symfony-security-core(?::\w+|)\s+(.*)$ ^php-symfony-ldap(?::\w+|)\s+(.*)$ ^php-symfony-browser-kit(?::\w+|)\s+(.*)$ ^php-symfony-filesystem(?::\w+|)\s+(.*)$ ^php-symfony-twig-bundle(?::\w+|)\s+(.*)$ ^php-symfony-mailchimp-mailer(?::\w+|)\s+(.*)$ ^php-symfony-web-profiler-bundle(?::\w+|)\s+(.*)$ ^php-symfony-asset(?::\w+|)\s+(.*)$ ^php-symfony-var-exporter(?::\w+|)\s+(.*)$ ^php-symfony-sendgrid-mailer(?::\w+|)\s+(.*)$ ^php-symfony-security-http(?::\w+|)\s+(.*)$ ^php-symfony-phpunit-bridge(?::\w+|)\s+(.*)$ ^php-symfony-http-client(?::\w+|)\s+(.*)$ ^php-symfony-web-server-bundle(?::\w+|)\s+(.*)$ ^php-symfony-http-kernel(?::\w+|)\s+(.*)$ ^php-symfony-templating(?::\w+|)\s+(.*)$ ^php-symfony-property-access(?::\w+|)\s+(.*)$ ^php-symfony-amazon-mailer(?::\w+|)\s+(.*)$ ^php-symfony-doctrine-bridge(?::\w+|)\s+(.*)$ ^php-symfony-intl(?::\w+|)\s+(.*)$ ^php-symfony-twig-bridge(?::\w+|)\s+(.*)$ ^php-symfony-security-guard(?::\w+|)\s+(.*)$ ^php-symfony-mailer(?::\w+|)\s+(.*)$ ^php-symfony-postmark-mailer(?::\w+|)\s+(.*)$ ^php-symfony-serializer(?::\w+|)\s+(.*)$ ^php-symfony-dependency-injection(?::\w+|)\s+(.*)$ ^php-symfony-yaml(?::\w+|)\s+(.*)$ ^php-symfony-debug-bundle(?::\w+|)\s+(.*)$ ^php-symfony-css-selector(?::\w+|)\s+(.*)$ ^php-symfony-expression-language(?::\w+|)\s+(.*)$ ^php-symfony-process(?::\w+|)\s+(.*)$ ^php-symfony-var-dumper(?::\w+|)\s+(.*)$ ^php-symfony-property-info(?::\w+|)\s+(.*)$ ^php-symfony-routing(?::\w+|)\s+(.*)$ ^php-symfony-security-bundle(?::\w+|)\s+(.*)$ ^php-symfony-finder(?::\w+|)\s+(.*)$ ^php-symfony-google-mailer(?::\w+|)\s+(.*)$ ^php-symfony-lock(?::\w+|)\s+(.*)$ ^php-symfony-validator(?::\w+|)\s+(.*)$ ^php-symfony-debug(?::\w+|)\s+(.*)$ ^php-symfony-inflector(?::\w+|)\s+(.*)$ ^php-symfony-cache(?::\w+|)\s+(.*)$ ^php-symfony-monolog-bridge(?::\w+|)\s+(.*)$ ^php-symfony(?::\w+|)\s+(.*)$ ^php-symfony-mime(?::\w+|)\s+(.*)$ ^php-symfony-workflow(?::\w+|)\s+(.*)$ ^php-symfony-form(?::\w+|)\s+(.*)$ ^php-symfony-proxy-manager-bridge(?::\w+|)\s+(.*)$ ^php-symfony-http-foundation(?::\w+|)\s+(.*)$ ^php-symfony-event-dispatcher(?::\w+|)\s+(.*)$ ^php-symfony-options-resolver(?::\w+|)\s+(.*)$ ^php-symfony-dotenv(?::\w+|)\s+(.*)$ ^php-symfony-web-link(?::\w+|)\s+(.*)$ ^php-symfony-messenger(?::\w+|)\s+(.*)$ ^php-symfony-mailgun-mailer(?::\w+|)\s+(.*)$ ^php-symfony-translation(?::\w+|)\s+(.*)$ ^php-symfony-dom-crawler(?::\w+|)\s+(.*)$ ^php-symfony-security(?::\w+|)\s+(.*)$ ^php-symfony-console(?::\w+|)\s+(.*)$ ^php-symfony-stopwatch(?::\w+|)\s+(.*)$ ^php-symfony-config(?::\w+|)\s+(.*)$ ^php-symfony-security-csrf(?::\w+|)\s+(.*)$ ^libarchive-dev(?::\w+|)\s+(.*)$ ^libarchive-tools(?::\w+|)\s+(.*)$ ^libarchive13(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^libc3p0-java-doc(?::\w+|)\s+(.*)$ ^libc3p0-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libsasl2-2(?::\w+|)\s+(.*)$ ^libsasl2-modules-gssapi-heimdal(?::\w+|)\s+(.*)$ ^sasl2-bin(?::\w+|)\s+(.*)$ ^libsasl2-modules-db(?::\w+|)\s+(.*)$ ^libsasl2-modules-gssapi-mit(?::\w+|)\s+(.*)$ ^libsasl2-dev(?::\w+|)\s+(.*)$ ^libsasl2-modules-sql(?::\w+|)\s+(.*)$ ^libsasl2-modules(?::\w+|)\s+(.*)$ ^libsasl2-modules-otp(?::\w+|)\s+(.*)$ ^libsasl2-modules-ldap(?::\w+|)\s+(.*)$ ^cyrus-sasl2-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^policykit-1-doc(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-dev(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-0(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-dev(?::\w+|)\s+(.*)$ ^policykit-1(?::\w+|)\s+(.*)$ ^gir1.2-polkit-1.0(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-0(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^libvirglrenderer1(?::\w+|)\s+(.*)$ ^virgl-server(?::\w+|)\s+(.*)$ ^libvirglrenderer-dev(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-armel(?::\w+|)\s+(.*)$ ^libc6-pic(?::\w+|)\s+(.*)$ ^libc6-dev-armel(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^libc6-lse(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ansible(?::\w+|)\s+(.*)$ ^ansible-doc(?::\w+|)\s+(.*)$ ^redis(?::\w+|)\s+(.*)$ ^redis-server(?::\w+|)\s+(.*)$ ^redis-sentinel(?::\w+|)\s+(.*)$ ^redis-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws|-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^nbd-server(?::\w+|)\s+(.*)$ ^nbd-client(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^zsh-static(?::\w+|)\s+(.*)$ ^zsh-common(?::\w+|)\s+(.*)$ ^zsh-dev(?::\w+|)\s+(.*)$ ^zsh(?::\w+|)\s+(.*)$ ^zsh-doc(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^tar-scripts(?::\w+|)\s+(.*)$ ^tar(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^tcpdump(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^ckeditor(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^openvpn(?::\w+|)\s+(.*)$ ^smarty3(?::\w+|)\s+(.*)$ ^python3-paramiko(?::\w+|)\s+(.*)$ ^paramiko-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^twisted-doc(?::\w+|)\s+(.*)$ ^python3-twisted-bin(?::\w+|)\s+(.*)$ ^python3-twisted(?::\w+|)\s+(.*)$ ^libx32z1-dev(?::\w+|)\s+(.*)$ ^lib64z1(?::\w+|)\s+(.*)$ ^libx32z1(?::\w+|)\s+(.*)$ ^lib64z1-dev(?::\w+|)\s+(.*)$ ^lib32z1(?::\w+|)\s+(.*)$ ^zlib1g(?::\w+|)\s+(.*)$ ^lib32z1-dev(?::\w+|)\s+(.*)$ ^zlib1g-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^rsync(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-intel)(?::\w+|)\s+(.*)$ ^python-waitress-doc(?::\w+|)\s+(.*)$ ^python3-waitress(?::\w+|)\s+(.*)$ ^libh2-java(?::\w+|)\s+(.*)$ ^libh2-java-doc(?::\w+|)\s+(.*)$ ^libfribidi-bin(?::\w+|)\s+(.*)$ ^libfribidi0(?::\w+|)\s+(.*)$ ^libfribidi-dev(?::\w+|)\s+(.*)$ ^fish(?::\w+|)\s+(.*)$ ^fish-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^python-oslo.utils-doc(?::\w+|)\s+(.*)$ ^python3-oslo.utils(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libnginx-mod-stream(?::\w+|)\s+(.*)$ ^libnginx-mod-http-subs-filter(?::\w+|)\s+(.*)$ ^nginx-doc(?::\w+|)\s+(.*)$ ^libnginx-mod-mail(?::\w+|)\s+(.*)$ ^libnginx-mod-http-image-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-echo(?::\w+|)\s+(.*)$ ^libnginx-mod-rtmp(?::\w+|)\s+(.*)$ ^libnginx-mod-nchan(?::\w+|)\s+(.*)$ ^nginx-common(?::\w+|)\s+(.*)$ ^libnginx-mod-http-fancyindex(?::\w+|)\s+(.*)$ ^libnginx-mod-http-auth-pam(?::\w+|)\s+(.*)$ ^nginx-light(?::\w+|)\s+(.*)$ ^libnginx-mod-http-headers-more-filter(?::\w+|)\s+(.*)$ ^nginx-extras(?::\w+|)\s+(.*)$ ^libnginx-mod-http-upstream-fair(?::\w+|)\s+(.*)$ ^libnginx-mod-http-xslt-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-lua(?::\w+|)\s+(.*)$ ^libnginx-mod-http-perl(?::\w+|)\s+(.*)$ ^nginx-core(?::\w+|)\s+(.*)$ ^libnginx-mod-http-dav-ext(?::\w+|)\s+(.*)$ ^nginx(?::\w+|)\s+(.*)$ ^libnginx-mod-http-ndk(?::\w+|)\s+(.*)$ ^libnginx-mod-http-uploadprogress(?::\w+|)\s+(.*)$ ^libnginx-mod-http-cache-purge(?::\w+|)\s+(.*)$ ^nginx-full(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip2(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip(?::\w+|)\s+(.*)$ ^libsvn-dev(?::\w+|)\s+(.*)$ ^ruby-svn(?::\w+|)\s+(.*)$ ^subversion-tools(?::\w+|)\s+(.*)$ ^libapache2-mod-svn(?::\w+|)\s+(.*)$ ^python-subversion(?::\w+|)\s+(.*)$ ^libsvn1(?::\w+|)\s+(.*)$ ^subversion(?::\w+|)\s+(.*)$ ^libsvn-doc(?::\w+|)\s+(.*)$ ^libsvn-java(?::\w+|)\s+(.*)$ ^libsvn-perl(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^libarchive-dev(?::\w+|)\s+(.*)$ ^libarchive-tools(?::\w+|)\s+(.*)$ ^libarchive13(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^gzip(?::\w+|)\s+(.*)$ ^gzip-win32(?::\w+|)\s+(.*)$ ^liblzma5(?::\w+|)\s+(.*)$ ^liblzma-doc(?::\w+|)\s+(.*)$ ^liblzma-dev(?::\w+|)\s+(.*)$ ^xz-utils(?::\w+|)\s+(.*)$ ^xzdec(?::\w+|)\s+(.*)$ ^klibc-utils(?::\w+|)\s+(.*)$ ^libklibc(?::\w+|)\s+(.*)$ ^libklibc-dev(?::\w+|)\s+(.*)$ ^bash-builtins(?::\w+|)\s+(.*)$ ^bash-doc(?::\w+|)\s+(.*)$ ^bash(?::\w+|)\s+(.*)$ ^bash-static(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libinput-dev(?::\w+|)\s+(.*)$ ^libinput-bin(?::\w+|)\s+(.*)$ ^libinput10(?::\w+|)\s+(.*)$ ^libinput-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-intel)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python3-aiohttp(?::\w+|)\s+(.*)$ ^barbican-keystone-listener(?::\w+|)\s+(.*)$ ^barbican-api(?::\w+|)\s+(.*)$ ^barbican-worker(?::\w+|)\s+(.*)$ ^barbican-common(?::\w+|)\s+(.*)$ ^python3-barbican(?::\w+|)\s+(.*)$ ^barbican-doc(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^libsepol1(?::\w+|)\s+(.*)$ ^libsepol1-dev(?::\w+|)\s+(.*)$ ^sepol-utils(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^networkd-dispatcher(?::\w+|)\s+(.*)$ ^networkd-dispatcher(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libvirt0(?::\w+|)\s+(.*)$ ^libvirt-dev(?::\w+|)\s+(.*)$ ^libnss-libvirt(?::\w+|)\s+(.*)$ ^libvirt-daemon(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-systemd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-xen(?::\w+|)\s+(.*)$ ^libvirt-sanlock(?::\w+|)\s+(.*)$ ^libvirt-wireshark(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-vbox(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-qemu(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-gluster(?::\w+|)\s+(.*)$ ^libvirt-doc(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-rbd(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-sysv(?::\w+|)\s+(.*)$ ^libvirt-daemon-system(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-lxc(?::\w+|)\s+(.*)$ ^libvirt-clients(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-zfs(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-memif20.0(?::\w+|)\s+(.*)$ ^dpdk-igb-uio-dkms(?::\w+|)\s+(.*)$ ^librte-pmd-iavf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-af-packet20.0(?::\w+|)\s+(.*)$ ^librte-pmd-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-event20.0(?::\w+|)\s+(.*)$ ^librte-bus-ifpga20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-stack0.200(?::\w+|)\s+(.*)$ ^librte-pmd-e1000-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-null20.0(?::\w+|)\s+(.*)$ ^librte-pipeline20.0(?::\w+|)\s+(.*)$ ^librte-sched20.0(?::\w+|)\s+(.*)$ ^librte-distributor20.0(?::\w+|)\s+(.*)$ ^librte-efd20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ark20.0(?::\w+|)\s+(.*)$ ^librte-gro20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sfc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-failsafe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pcap20.0(?::\w+|)\s+(.*)$ ^librte-rawdev20.0(?::\w+|)\s+(.*)$ ^librte-meter20.0(?::\w+|)\s+(.*)$ ^librte-hash20.0(?::\w+|)\s+(.*)$ ^librte-ring20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-telemetry0.200(?::\w+|)\s+(.*)$ ^librte-rawdev-skeleton20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bond20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ioat20.0(?::\w+|)\s+(.*)$ ^librte-pmd-skeleton-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-mlx5-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-cmdif20.0(?::\w+|)\s+(.*)$ ^librte-pmd-fm10k20.0(?::\w+|)\s+(.*)$ ^librte-cryptodev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-i40e20.0(?::\w+|)\s+(.*)$ ^librte-cmdline20.0(?::\w+|)\s+(.*)$ ^librte-jobstats20.0(?::\w+|)\s+(.*)$ ^dpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-ccp20.0(?::\w+|)\s+(.*)$ ^librte-pmd-atlantic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sw-event20.0(?::\w+|)\s+(.*)$ ^librte-ip-frag20.0(?::\w+|)\s+(.*)$ ^librte-pmd-isal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dsw-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nitrox20.0(?::\w+|)\s+(.*)$ ^librte-pmd-kni20.0(?::\w+|)\s+(.*)$ ^librte-mempool-bucket20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-event20.0(?::\w+|)\s+(.*)$ ^librte-gso20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vdev-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-openssl20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnx2x20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-compress20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hinic20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-latencystats20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-kvargs20.0(?::\w+|)\s+(.*)$ ^librte-bus-fslmc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-avp20.0(?::\w+|)\s+(.*)$ ^librte-pdump20.0(?::\w+|)\s+(.*)$ ^librte-metrics20.0(?::\w+|)\s+(.*)$ ^librte-bbdev0.200(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-sec20.0(?::\w+|)\s+(.*)$ ^librte-bus-vmbus20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnxt20.0(?::\w+|)\s+(.*)$ ^librte-timer20.0(?::\w+|)\s+(.*)$ ^librte-cfgfile20.0(?::\w+|)\s+(.*)$ ^librte-rcu0.200(?::\w+|)\s+(.*)$ ^librte-pmd-qat20.0(?::\w+|)\s+(.*)$ ^librte-mempool20.0(?::\w+|)\s+(.*)$ ^libdpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-null20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio20.0(?::\w+|)\s+(.*)$ ^librte-pmd-axgbe20.0(?::\w+|)\s+(.*)$ ^librte-port20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-mb20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ntb20.0(?::\w+|)\s+(.*)$ ^librte-pmd-softnic20.0(?::\w+|)\s+(.*)$ ^dpdk-doc(?::\w+|)\s+(.*)$ ^librte-pmd-mlx4-20.0(?::\w+|)\s+(.*)$ ^librte-net20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-fpga-lte-fec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-null-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ena20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ice20.0(?::\w+|)\s+(.*)$ ^librte-common-dpaax20.0(?::\w+|)\s+(.*)$ ^librte-member20.0(?::\w+|)\s+(.*)$ ^librte-bus-pci20.0(?::\w+|)\s+(.*)$ ^librte-kni20.0(?::\w+|)\s+(.*)$ ^librte-pmd-thunderx20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx20.0(?::\w+|)\s+(.*)$ ^dpdk(?::\w+|)\s+(.*)$ ^librte-pmd-ifc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-opdl-event20.0(?::\w+|)\s+(.*)$ ^librte-pci20.0(?::\w+|)\s+(.*)$ ^librte-eal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-turbo-sw20.0(?::\w+|)\s+(.*)$ ^librte-ethdev20.0(?::\w+|)\s+(.*)$ ^librte-table20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hns3-20.0(?::\w+|)\s+(.*)$ ^librte-ipsec0.200(?::\w+|)\s+(.*)$ ^librte-pmd-zlib20.0(?::\w+|)\s+(.*)$ ^librte-bitratestats20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-sec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-caam-jr20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-octeontx2-dma20.0(?::\w+|)\s+(.*)$ ^librte-mbuf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-event20.0(?::\w+|)\s+(.*)$ ^librte-mempool-stack20.0(?::\w+|)\s+(.*)$ ^librte-power20.0(?::\w+|)\s+(.*)$ ^librte-pmd-liquidio20.0(?::\w+|)\s+(.*)$ ^librte-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio-crypto20.0(?::\w+|)\s+(.*)$ ^librte-reorder20.0(?::\w+|)\s+(.*)$ ^librte-pmd-qede20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pfe20.0(?::\w+|)\s+(.*)$ ^librte-flow-classify0.200(?::\w+|)\s+(.*)$ ^librte-rib0.200(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-cxgbe20.0(?::\w+|)\s+(.*)$ ^librte-mempool-ring20.0(?::\w+|)\s+(.*)$ ^librte-acl20.0(?::\w+|)\s+(.*)$ ^librte-common-cpt20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-gcm20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-qdma20.0(?::\w+|)\s+(.*)$ ^librte-lpm20.0(?::\w+|)\s+(.*)$ ^librte-pmd-tap20.0(?::\w+|)\s+(.*)$ ^librte-eventdev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nfp20.0(?::\w+|)\s+(.*)$ ^librte-bus-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ring20.0(?::\w+|)\s+(.*)$ ^librte-bus-vdev20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ixgbe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vmxnet3-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-crypto-scheduler20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enetc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-crypto20.0(?::\w+|)\s+(.*)$ ^librte-security20.0(?::\w+|)\s+(.*)$ ^librte-compressdev0.200(?::\w+|)\s+(.*)$ ^librte-fib0.200(?::\w+|)\s+(.*)$ ^librte-bpf0.200(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^rsyslog-gssapi(?::\w+|)\s+(.*)$ ^rsyslog-czmq(?::\w+|)\s+(.*)$ ^rsyslog-pgsql(?::\w+|)\s+(.*)$ ^rsyslog-hiredis(?::\w+|)\s+(.*)$ ^rsyslog-mysql(?::\w+|)\s+(.*)$ ^rsyslog-gnutls(?::\w+|)\s+(.*)$ ^rsyslog-openssl(?::\w+|)\s+(.*)$ ^rsyslog(?::\w+|)\s+(.*)$ ^rsyslog-relp(?::\w+|)\s+(.*)$ ^rsyslog-mongodb(?::\w+|)\s+(.*)$ ^rsyslog-elasticsearch(?::\w+|)\s+(.*)$ ^rsyslog-kafka(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^pcregrep(?::\w+|)\s+(.*)$ ^libpcre3-dev(?::\w+|)\s+(.*)$ ^libpcre3(?::\w+|)\s+(.*)$ ^libpcrecpp0v5(?::\w+|)\s+(.*)$ ^libpcre16-3(?::\w+|)\s+(.*)$ ^libpcre32-3(?::\w+|)\s+(.*)$ ^needrestart(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^htmldoc(?::\w+|)\s+(.*)$ ^htmldoc-common(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libsvn-dev(?::\w+|)\s+(.*)$ ^ruby-svn(?::\w+|)\s+(.*)$ ^subversion-tools(?::\w+|)\s+(.*)$ ^libapache2-mod-svn(?::\w+|)\s+(.*)$ ^python-subversion(?::\w+|)\s+(.*)$ ^libsvn1(?::\w+|)\s+(.*)$ ^subversion(?::\w+|)\s+(.*)$ ^libsvn-doc(?::\w+|)\s+(.*)$ ^libsvn-java(?::\w+|)\s+(.*)$ ^libsvn-perl(?::\w+|)\s+(.*)$ ^dpkg-dev(?::\w+|)\s+(.*)$ ^dselect(?::\w+|)\s+(.*)$ ^dpkg(?::\w+|)\s+(.*)$ ^libdpkg-dev(?::\w+|)\s+(.*)$ ^libdpkg-perl(?::\w+|)\s+(.*)$ ^golang-github-influxdb-influxdb-dev(?::\w+|)\s+(.*)$ ^influxdb(?::\w+|)\s+(.*)$ ^influxdb-client(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^libxmltok1(?::\w+|)\s+(.*)$ ^libxmltok1-dev(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^cifs-utils(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ntfs-3g(?::\w+|)\s+(.*)$ ^libntfs-3g883(?::\w+|)\s+(.*)$ ^ntfs-3g-dev(?::\w+|)\s+(.*)$ ^libss2(?::\w+|)\s+(.*)$ ^e2fslibs-dev(?::\w+|)\s+(.*)$ ^libcomerr2(?::\w+|)\s+(.*)$ ^libcom-err2(?::\w+|)\s+(.*)$ ^e2fsprogs(?::\w+|)\s+(.*)$ ^e2fsck-static(?::\w+|)\s+(.*)$ ^logsave(?::\w+|)\s+(.*)$ ^e2fslibs(?::\w+|)\s+(.*)$ ^e2fsprogs-l10n(?::\w+|)\s+(.*)$ ^libext2fs-dev(?::\w+|)\s+(.*)$ ^libext2fs2(?::\w+|)\s+(.*)$ ^fuse2fs(?::\w+|)\s+(.*)$ ^ss-dev(?::\w+|)\s+(.*)$ ^comerr-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-intel)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^varnish(?::\w+|)\s+(.*)$ ^varnish-doc(?::\w+|)\s+(.*)$ ^libvarnishapi-dev(?::\w+|)\s+(.*)$ ^libvarnishapi2(?::\w+|)\s+(.*)$ ^varnish(?::\w+|)\s+(.*)$ ^varnish-doc(?::\w+|)\s+(.*)$ ^libvarnishapi-dev(?::\w+|)\s+(.*)$ ^libvarnishapi2(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^liblouis-dev(?::\w+|)\s+(.*)$ ^python3-louis(?::\w+|)\s+(.*)$ ^liblouis-data(?::\w+|)\s+(.*)$ ^liblouis20(?::\w+|)\s+(.*)$ ^liblouis-bin(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^spip(?::\w+|)\s+(.*)$ ^libexempi8(?::\w+|)\s+(.*)$ ^exempi(?::\w+|)\s+(.*)$ ^libexempi-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-intel)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^cloud-init(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^dirmngr(?::\w+|)\s+(.*)$ ^gpgv-static(?::\w+|)\s+(.*)$ ^gpgv-win32(?::\w+|)\s+(.*)$ ^scdaemon(?::\w+|)\s+(.*)$ ^gpgsm(?::\w+|)\s+(.*)$ ^gpgv(?::\w+|)\s+(.*)$ ^gpg(?::\w+|)\s+(.*)$ ^gnupg-agent(?::\w+|)\s+(.*)$ ^gnupg2(?::\w+|)\s+(.*)$ ^gpgconf(?::\w+|)\s+(.*)$ ^gpgv2(?::\w+|)\s+(.*)$ ^gnupg-utils(?::\w+|)\s+(.*)$ ^gpg-wks-server(?::\w+|)\s+(.*)$ ^gpg-agent(?::\w+|)\s+(.*)$ ^gnupg(?::\w+|)\s+(.*)$ ^gpg-wks-client(?::\w+|)\s+(.*)$ ^gnupg-l10n(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^python3-pyldap(?::\w+|)\s+(.*)$ ^python3-ldap(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libhttp-daemon-perl(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^gir1.2-harfbuzz-0.0(?::\w+|)\s+(.*)$ ^libharfbuzz-gobject0(?::\w+|)\s+(.*)$ ^libharfbuzz-dev(?::\w+|)\s+(.*)$ ^libharfbuzz-icu0(?::\w+|)\s+(.*)$ ^libharfbuzz0b(?::\w+|)\s+(.*)$ ^libharfbuzz-bin(?::\w+|)\s+(.*)$ ^libharfbuzz-doc(?::\w+|)\s+(.*)$ ^libxml-security-java-doc(?::\w+|)\s+(.*)$ ^libxml-security-java(?::\w+|)\s+(.*)$ ^python3-jwt(?::\w+|)\s+(.*)$ ^freetype2-doc(?::\w+|)\s+(.*)$ ^libfreetype6-dev(?::\w+|)\s+(.*)$ ^libfreetype-dev(?::\w+|)\s+(.*)$ ^freetype2-demos(?::\w+|)\s+(.*)$ ^libfreetype6(?::\w+|)\s+(.*)$ ^libprotobuf-c-dev(?::\w+|)\s+(.*)$ ^protobuf-c-compiler(?::\w+|)\s+(.*)$ ^libprotobuf-c1(?::\w+|)\s+(.*)$ ^python3-bottle(?::\w+|)\s+(.*)$ ^python-bottle-doc(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^libtirpc3(?::\w+|)\s+(.*)$ ^libtirpc-common(?::\w+|)\s+(.*)$ ^libtirpc-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^snmptrapd(?::\w+|)\s+(.*)$ ^libsnmp-dev(?::\w+|)\s+(.*)$ ^libsnmp-base(?::\w+|)\s+(.*)$ ^snmp(?::\w+|)\s+(.*)$ ^libsnmp-perl(?::\w+|)\s+(.*)$ ^tkmib(?::\w+|)\s+(.*)$ ^snmpd(?::\w+|)\s+(.*)$ ^libsnmp35(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-465(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-470-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470-server(?::\w+|)\s+(.*)$ ^nvidia-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-465(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-470(?::\w+|)\s+(.*)$ ^libnvidia-compute-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-470-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-465(?::\w+|)\s+(.*)$ ^nvidia-utils-470-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-465(?::\w+|)\s+(.*)$ ^libnvidia-compute-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-470(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-465(?::\w+|)\s+(.*)$ ^libnvidia-encode-465(?::\w+|)\s+(.*)$ ^libnvidia-decode-460-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470(?::\w+|)\s+(.*)$ ^nvidia-utils-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-470-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-470-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-470-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470(?::\w+|)\s+(.*)$ ^nvidia-driver-470-server(?::\w+|)\s+(.*)$ ^nvidia-driver-470(?::\w+|)\s+(.*)$ ^libnvidia-extra-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-470(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^libnvidia-extra-470(?::\w+|)\s+(.*)$ ^nvidia-utils-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-decode-465(?::\w+|)\s+(.*)$ ^nvidia-driver-465(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-470-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-465(?::\w+|)\s+(.*)$ ^libnvidia-common-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-470(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-465(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-470-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-510(?::\w+|)\s+(.*)$ ^libnvidia-common-510(?::\w+|)\s+(.*)$ ^nvidia-utils-495(?::\w+|)\s+(.*)$ ^libnvidia-decode-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-495(?::\w+|)\s+(.*)$ ^libnvidia-compute-495(?::\w+|)\s+(.*)$ ^nvidia-headless-495(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-510(?::\w+|)\s+(.*)$ ^nvidia-dkms-495(?::\w+|)\s+(.*)$ ^libnvidia-encode-510(?::\w+|)\s+(.*)$ ^nvidia-driver-510-server(?::\w+|)\s+(.*)$ ^libnvidia-common-510-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-495(?::\w+|)\s+(.*)$ ^libnvidia-gl-510-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-495(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-495(?::\w+|)\s+(.*)$ ^nvidia-driver-510(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-510-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-510-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-510-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-510(?::\w+|)\s+(.*)$ ^libnvidia-compute-510-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-510(?::\w+|)\s+(.*)$ ^libnvidia-gl-510(?::\w+|)\s+(.*)$ ^nvidia-utils-510(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-510-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-510-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-510-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-510(?::\w+|)\s+(.*)$ ^nvidia-headless-510-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-510(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-510(?::\w+|)\s+(.*)$ ^libnvidia-decode-510-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-510-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-510(?::\w+|)\s+(.*)$ ^nvidia-dkms-510-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-510-server(?::\w+|)\s+(.*)$ ^libnvidia-common-495(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-510-server(?::\w+|)\s+(.*)$ ^nvidia-utils-510-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-495(?::\w+|)\s+(.*)$ ^libnvidia-compute-510(?::\w+|)\s+(.*)$ ^nvidia-dkms-510(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-495(?::\w+|)\s+(.*)$ ^libnvidia-extra-510(?::\w+|)\s+(.*)$ ^libnvidia-gl-495(?::\w+|)\s+(.*)$ ^nvidia-driver-495(?::\w+|)\s+(.*)$ ^nvidia-headless-510(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-495(?::\w+|)\s+(.*)$ ^nvidia-dkms-515-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-515(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-515(?::\w+|)\s+(.*)$ ^libnvidia-compute-515-server(?::\w+|)\s+(.*)$ ^nvidia-utils-515-server(?::\w+|)\s+(.*)$ ^libnvidia-common-515(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-515(?::\w+|)\s+(.*)$ ^libnvidia-encode-515-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-515(?::\w+|)\s+(.*)$ ^libnvidia-decode-515-server(?::\w+|)\s+(.*)$ ^nvidia-driver-515(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-515-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-515-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-515(?::\w+|)\s+(.*)$ ^nvidia-utils-515(?::\w+|)\s+(.*)$ ^libnvidia-extra-515-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-515(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-515-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-515-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-515-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-515(?::\w+|)\s+(.*)$ ^nvidia-headless-515-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-515(?::\w+|)\s+(.*)$ ^libnvidia-gl-515(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-515(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-515-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-515(?::\w+|)\s+(.*)$ ^libnvidia-gl-515-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-515(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-515-server(?::\w+|)\s+(.*)$ ^libnvidia-common-515-server(?::\w+|)\s+(.*)$ ^nvidia-driver-515-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-515(?::\w+|)\s+(.*)$ ^nvidia-headless-515(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^libapache2-mod-wsgi(?::\w+|)\s+(.*)$ ^libapache2-mod-wsgi-py3(?::\w+|)\s+(.*)$ ^phpliteadmin-themes(?::\w+|)\s+(.*)$ ^phpliteadmin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-common(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-bin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-dev(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdkpixbuf-2.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-gtk3(?::\w+|)\s+(.*)$ ^gstreamer1.0-pulseaudio(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good-doc(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-dev(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good(?::\w+|)\s+(.*)$ ^gstreamer1.0-qt5(?::\w+|)\s+(.*)$ ^booth(?::\w+|)\s+(.*)$ ^booth-pacemaker(?::\w+|)\s+(.*)$ ^node-moment(?::\w+|)\s+(.*)$ ^libjs-moment(?::\w+|)\s+(.*)$ ^epiphany-browser(?::\w+|)\s+(.*)$ ^epiphany-browser-data(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^libx32z1-dev(?::\w+|)\s+(.*)$ ^lib64z1(?::\w+|)\s+(.*)$ ^libx32z1(?::\w+|)\s+(.*)$ ^lib64z1-dev(?::\w+|)\s+(.*)$ ^lib32z1(?::\w+|)\s+(.*)$ ^zlib1g(?::\w+|)\s+(.*)$ ^lib32z1-dev(?::\w+|)\s+(.*)$ ^zlib1g-dev(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^rsync(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^libxslt1-dev(?::\w+|)\s+(.*)$ ^libxslt1.1(?::\w+|)\s+(.*)$ ^xsltproc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^schroot(?::\w+|)\s+(.*)$ ^schroot-common(?::\w+|)\s+(.*)$ ^python3-notebook(?::\w+|)\s+(.*)$ ^python-notebook-doc(?::\w+|)\s+(.*)$ ^jupyter-notebook(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-common(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-bin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-dev(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdkpixbuf-2.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-memif20.0(?::\w+|)\s+(.*)$ ^dpdk-igb-uio-dkms(?::\w+|)\s+(.*)$ ^librte-pmd-iavf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-af-packet20.0(?::\w+|)\s+(.*)$ ^librte-pmd-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-event20.0(?::\w+|)\s+(.*)$ ^librte-bus-ifpga20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-stack0.200(?::\w+|)\s+(.*)$ ^librte-pmd-e1000-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-null20.0(?::\w+|)\s+(.*)$ ^librte-pipeline20.0(?::\w+|)\s+(.*)$ ^librte-sched20.0(?::\w+|)\s+(.*)$ ^librte-distributor20.0(?::\w+|)\s+(.*)$ ^librte-efd20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ark20.0(?::\w+|)\s+(.*)$ ^librte-gro20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sfc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-failsafe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pcap20.0(?::\w+|)\s+(.*)$ ^librte-rawdev20.0(?::\w+|)\s+(.*)$ ^librte-meter20.0(?::\w+|)\s+(.*)$ ^librte-hash20.0(?::\w+|)\s+(.*)$ ^librte-ring20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-telemetry0.200(?::\w+|)\s+(.*)$ ^librte-rawdev-skeleton20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bond20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ioat20.0(?::\w+|)\s+(.*)$ ^librte-pmd-skeleton-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-mlx5-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-cmdif20.0(?::\w+|)\s+(.*)$ ^librte-pmd-fm10k20.0(?::\w+|)\s+(.*)$ ^librte-cryptodev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-i40e20.0(?::\w+|)\s+(.*)$ ^librte-cmdline20.0(?::\w+|)\s+(.*)$ ^librte-jobstats20.0(?::\w+|)\s+(.*)$ ^dpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-ccp20.0(?::\w+|)\s+(.*)$ ^librte-pmd-atlantic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sw-event20.0(?::\w+|)\s+(.*)$ ^librte-ip-frag20.0(?::\w+|)\s+(.*)$ ^librte-pmd-isal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dsw-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nitrox20.0(?::\w+|)\s+(.*)$ ^librte-pmd-kni20.0(?::\w+|)\s+(.*)$ ^librte-mempool-bucket20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-event20.0(?::\w+|)\s+(.*)$ ^librte-gso20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vdev-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-openssl20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnx2x20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-compress20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hinic20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-latencystats20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-kvargs20.0(?::\w+|)\s+(.*)$ ^librte-bus-fslmc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-avp20.0(?::\w+|)\s+(.*)$ ^librte-pdump20.0(?::\w+|)\s+(.*)$ ^librte-metrics20.0(?::\w+|)\s+(.*)$ ^librte-bbdev0.200(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-sec20.0(?::\w+|)\s+(.*)$ ^librte-bus-vmbus20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnxt20.0(?::\w+|)\s+(.*)$ ^librte-timer20.0(?::\w+|)\s+(.*)$ ^librte-cfgfile20.0(?::\w+|)\s+(.*)$ ^librte-rcu0.200(?::\w+|)\s+(.*)$ ^librte-pmd-qat20.0(?::\w+|)\s+(.*)$ ^librte-mempool20.0(?::\w+|)\s+(.*)$ ^libdpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-null20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio20.0(?::\w+|)\s+(.*)$ ^librte-pmd-axgbe20.0(?::\w+|)\s+(.*)$ ^librte-port20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-mb20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ntb20.0(?::\w+|)\s+(.*)$ ^librte-pmd-softnic20.0(?::\w+|)\s+(.*)$ ^dpdk-doc(?::\w+|)\s+(.*)$ ^librte-pmd-mlx4-20.0(?::\w+|)\s+(.*)$ ^librte-net20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-fpga-lte-fec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-null-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ena20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ice20.0(?::\w+|)\s+(.*)$ ^librte-common-dpaax20.0(?::\w+|)\s+(.*)$ ^librte-member20.0(?::\w+|)\s+(.*)$ ^librte-bus-pci20.0(?::\w+|)\s+(.*)$ ^librte-kni20.0(?::\w+|)\s+(.*)$ ^librte-pmd-thunderx20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx20.0(?::\w+|)\s+(.*)$ ^dpdk(?::\w+|)\s+(.*)$ ^librte-pmd-ifc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-opdl-event20.0(?::\w+|)\s+(.*)$ ^librte-pci20.0(?::\w+|)\s+(.*)$ ^librte-eal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-turbo-sw20.0(?::\w+|)\s+(.*)$ ^librte-ethdev20.0(?::\w+|)\s+(.*)$ ^librte-table20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hns3-20.0(?::\w+|)\s+(.*)$ ^librte-ipsec0.200(?::\w+|)\s+(.*)$ ^librte-pmd-zlib20.0(?::\w+|)\s+(.*)$ ^librte-bitratestats20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-sec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-caam-jr20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-octeontx2-dma20.0(?::\w+|)\s+(.*)$ ^librte-mbuf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-event20.0(?::\w+|)\s+(.*)$ ^librte-mempool-stack20.0(?::\w+|)\s+(.*)$ ^librte-power20.0(?::\w+|)\s+(.*)$ ^librte-pmd-liquidio20.0(?::\w+|)\s+(.*)$ ^librte-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio-crypto20.0(?::\w+|)\s+(.*)$ ^librte-reorder20.0(?::\w+|)\s+(.*)$ ^librte-pmd-qede20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pfe20.0(?::\w+|)\s+(.*)$ ^librte-flow-classify0.200(?::\w+|)\s+(.*)$ ^librte-rib0.200(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-cxgbe20.0(?::\w+|)\s+(.*)$ ^librte-mempool-ring20.0(?::\w+|)\s+(.*)$ ^librte-acl20.0(?::\w+|)\s+(.*)$ ^librte-common-cpt20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-gcm20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-qdma20.0(?::\w+|)\s+(.*)$ ^librte-lpm20.0(?::\w+|)\s+(.*)$ ^librte-pmd-tap20.0(?::\w+|)\s+(.*)$ ^librte-eventdev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nfp20.0(?::\w+|)\s+(.*)$ ^librte-bus-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ring20.0(?::\w+|)\s+(.*)$ ^librte-bus-vdev20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ixgbe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vmxnet3-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-crypto-scheduler20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enetc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-crypto20.0(?::\w+|)\s+(.*)$ ^librte-security20.0(?::\w+|)\s+(.*)$ ^librte-compressdev0.200(?::\w+|)\s+(.*)$ ^librte-fib0.200(?::\w+|)\s+(.*)$ ^librte-bpf0.200(?::\w+|)\s+(.*)$ ^librust-regex-dev(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^libwayland-egl1(?::\w+|)\s+(.*)$ ^libwayland-bin(?::\w+|)\s+(.*)$ ^libwayland-dev(?::\w+|)\s+(.*)$ ^libwayland-cursor0(?::\w+|)\s+(.*)$ ^libwayland-egl-backend-dev(?::\w+|)\s+(.*)$ ^libwayland-server0(?::\w+|)\s+(.*)$ ^libwayland-doc(?::\w+|)\s+(.*)$ ^libwayland-client0(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^libxencall1(?::\w+|)\s+(.*)$ ^libxengnttab1(?::\w+|)\s+(.*)$ ^libxentoollog1(?::\w+|)\s+(.*)$ ^xen-hypervisor-common(?::\w+|)\s+(.*)$ ^xen-system-arm64(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.11-armhf(?::\w+|)\s+(.*)$ ^libxenstore3.0(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.9-armhf(?::\w+|)\s+(.*)$ ^xen-system-amd64(?::\w+|)\s+(.*)$ ^libxenmisc4.11(?::\w+|)\s+(.*)$ ^libxendevicemodel1(?::\w+|)\s+(.*)$ ^xenstore-utils(?::\w+|)\s+(.*)$ ^libxentoolcore1(?::\w+|)\s+(.*)$ ^xen-utils-4.11(?::\w+|)\s+(.*)$ ^libxenforeignmemory1(?::\w+|)\s+(.*)$ ^xen-doc(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.9-amd64(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.11-arm64(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.9-arm64(?::\w+|)\s+(.*)$ ^xen-utils-common(?::\w+|)\s+(.*)$ ^libxen-dev(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.11-amd64(?::\w+|)\s+(.*)$ ^libxenevtchn1(?::\w+|)\s+(.*)$ ^xen-system-armhf(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^python-mako(?::\w+|)\s+(.*)$ ^python-mako-doc(?::\w+|)\s+(.*)$ ^python3-mako(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^libpcre2-16-0(?::\w+|)\s+(.*)$ ^libpcre2-32-0(?::\w+|)\s+(.*)$ ^libpcre2-posix2(?::\w+|)\s+(.*)$ ^pcre2-utils(?::\w+|)\s+(.*)$ ^libpcre2-dev(?::\w+|)\s+(.*)$ ^libpcre2-8-0(?::\w+|)\s+(.*)$ ^etcd-server(?::\w+|)\s+(.*)$ ^golang-etcd-server-dev(?::\w+|)\s+(.*)$ ^etcd-client(?::\w+|)\s+(.*)$ ^etcd(?::\w+|)\s+(.*)$ ^libturbojpeg0-dev(?::\w+|)\s+(.*)$ ^libjpeg-turbo8-dev(?::\w+|)\s+(.*)$ ^libjpeg-turbo-progs(?::\w+|)\s+(.*)$ ^libturbojpeg(?::\w+|)\s+(.*)$ ^libjpeg-turbo8(?::\w+|)\s+(.*)$ ^libjpeg-turbo-test(?::\w+|)\s+(.*)$ ^sosreport(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^strongswan-nm(?::\w+|)\s+(.*)$ ^strongswan-scepclient(?::\w+|)\s+(.*)$ ^libcharon-extra-plugins(?::\w+|)\s+(.*)$ ^libcharon-standard-plugins(?::\w+|)\s+(.*)$ ^libstrongswan-extra-plugins(?::\w+|)\s+(.*)$ ^strongswan-tnc-pdp(?::\w+|)\s+(.*)$ ^strongswan-charon(?::\w+|)\s+(.*)$ ^libstrongswan(?::\w+|)\s+(.*)$ ^libstrongswan-standard-plugins(?::\w+|)\s+(.*)$ ^libcharon-extauth-plugins(?::\w+|)\s+(.*)$ ^charon-systemd(?::\w+|)\s+(.*)$ ^strongswan(?::\w+|)\s+(.*)$ ^strongswan-tnc-server(?::\w+|)\s+(.*)$ ^strongswan-tnc-client(?::\w+|)\s+(.*)$ ^strongswan-tnc-base(?::\w+|)\s+(.*)$ ^charon-cmd(?::\w+|)\s+(.*)$ ^strongswan-libcharon(?::\w+|)\s+(.*)$ ^strongswan-pki(?::\w+|)\s+(.*)$ ^strongswan-tnc-ifmap(?::\w+|)\s+(.*)$ ^strongswan-starter(?::\w+|)\s+(.*)$ ^strongswan-swanctl(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^isc-dhcp-dev(?::\w+|)\s+(.*)$ ^isc-dhcp-client-ddns(?::\w+|)\s+(.*)$ ^isc-dhcp-relay(?::\w+|)\s+(.*)$ ^isc-dhcp-client(?::\w+|)\s+(.*)$ ^isc-dhcp-common(?::\w+|)\s+(.*)$ ^isc-dhcp-server(?::\w+|)\s+(.*)$ ^isc-dhcp-server-ldap(?::\w+|)\s+(.*)$ ^kitty-terminfo(?::\w+|)\s+(.*)$ ^kitty(?::\w+|)\s+(.*)$ ^kitty-doc(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libgmp10-doc(?::\w+|)\s+(.*)$ ^libgmpxx4ldbl(?::\w+|)\s+(.*)$ ^libgmp3-dev(?::\w+|)\s+(.*)$ ^libgmp10(?::\w+|)\s+(.*)$ ^libgmp-dev(?::\w+|)\s+(.*)$ ^unzip(?::\w+|)\s+(.*)$ ^libhcrypto4-heimdal(?::\w+|)\s+(.*)$ ^libwind0-heimdal(?::\w+|)\s+(.*)$ ^libroken18-heimdal(?::\w+|)\s+(.*)$ ^libgssapi3-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kcm(?::\w+|)\s+(.*)$ ^libhdb9-heimdal(?::\w+|)\s+(.*)$ ^libasn1-8-heimdal(?::\w+|)\s+(.*)$ ^libsl0-heimdal(?::\w+|)\s+(.*)$ ^libkadm5clnt7-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kdc(?::\w+|)\s+(.*)$ ^libkdc2-heimdal(?::\w+|)\s+(.*)$ ^heimdal-servers(?::\w+|)\s+(.*)$ ^libheimntlm0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-docs(?::\w+|)\s+(.*)$ ^libheimbase1-heimdal(?::\w+|)\s+(.*)$ ^libkrb5-26-heimdal(?::\w+|)\s+(.*)$ ^libotp0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-dev(?::\w+|)\s+(.*)$ ^libkafs0-heimdal(?::\w+|)\s+(.*)$ ^libhx509-5-heimdal(?::\w+|)\s+(.*)$ ^heimdal-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv8-heimdal(?::\w+|)\s+(.*)$ ^heimdal-clients(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^gthumb-dev(?::\w+|)\s+(.*)$ ^gthumb-data(?::\w+|)\s+(.*)$ ^gthumb(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^libksba-mingw-w64-dev(?::\w+|)\s+(.*)$ ^libksba8(?::\w+|)\s+(.*)$ ^libksba-dev(?::\w+|)\s+(.*)$ ^perl-modules-5.30(?::\w+|)\s+(.*)$ ^libperl-dev(?::\w+|)\s+(.*)$ ^perl-doc(?::\w+|)\s+(.*)$ ^perl(?::\w+|)\s+(.*)$ ^perl-base(?::\w+|)\s+(.*)$ ^libperl5.30(?::\w+|)\s+(.*)$ ^perl-debug(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^barbican-keystone-listener(?::\w+|)\s+(.*)$ ^barbican-api(?::\w+|)\s+(.*)$ ^barbican-worker(?::\w+|)\s+(.*)$ ^barbican-common(?::\w+|)\s+(.*)$ ^python3-barbican(?::\w+|)\s+(.*)$ ^barbican-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^dbus-1-doc(?::\w+|)\s+(.*)$ ^dbus(?::\w+|)\s+(.*)$ ^libdbus-1-dev(?::\w+|)\s+(.*)$ ^dbus-user-session(?::\w+|)\s+(.*)$ ^dbus-x11(?::\w+|)\s+(.*)$ ^dbus-tests(?::\w+|)\s+(.*)$ ^libdbus-1-3(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^backport-iwlwifi-dkms(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ntfs-3g(?::\w+|)\s+(.*)$ ^libntfs-3g883(?::\w+|)\s+(.*)$ ^ntfs-3g-dev(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libraw-doc(?::\w+|)\s+(.*)$ ^libraw-bin(?::\w+|)\s+(.*)$ ^libraw19(?::\w+|)\s+(.*)$ ^libraw-dev(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libpixman-1-0(?::\w+|)\s+(.*)$ ^libpixman-1-dev(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^libnginx-mod-stream(?::\w+|)\s+(.*)$ ^libnginx-mod-http-subs-filter(?::\w+|)\s+(.*)$ ^nginx-doc(?::\w+|)\s+(.*)$ ^libnginx-mod-mail(?::\w+|)\s+(.*)$ ^libnginx-mod-http-image-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-echo(?::\w+|)\s+(.*)$ ^libnginx-mod-nchan(?::\w+|)\s+(.*)$ ^nginx-common(?::\w+|)\s+(.*)$ ^libnginx-mod-http-fancyindex(?::\w+|)\s+(.*)$ ^libnginx-mod-http-auth-pam(?::\w+|)\s+(.*)$ ^nginx-light(?::\w+|)\s+(.*)$ ^libnginx-mod-http-headers-more-filter(?::\w+|)\s+(.*)$ ^nginx-extras(?::\w+|)\s+(.*)$ ^libnginx-mod-http-upstream-fair(?::\w+|)\s+(.*)$ ^libnginx-mod-http-xslt-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-lua(?::\w+|)\s+(.*)$ ^libnginx-mod-http-perl(?::\w+|)\s+(.*)$ ^nginx-core(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip(?::\w+|)\s+(.*)$ ^libnginx-mod-http-dav-ext(?::\w+|)\s+(.*)$ ^nginx(?::\w+|)\s+(.*)$ ^libnginx-mod-http-ndk(?::\w+|)\s+(.*)$ ^libnginx-mod-http-uploadprogress(?::\w+|)\s+(.*)$ ^libnginx-mod-http-cache-purge(?::\w+|)\s+(.*)$ ^nginx-full(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip2(?::\w+|)\s+(.*)$ ^libnginx-mod-rtmp(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^golang-1.13-doc(?::\w+|)\s+(.*)$ ^golang-1.13-src(?::\w+|)\s+(.*)$ ^golang-1.13(?::\w+|)\s+(.*)$ ^golang-1.13-go(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^kpartx-boot(?::\w+|)\s+(.*)$ ^multipath-tools-boot(?::\w+|)\s+(.*)$ ^kpartx(?::\w+|)\s+(.*)$ ^multipath-tools(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^libflac-doc(?::\w+|)\s+(.*)$ ^libflac-dev(?::\w+|)\s+(.*)$ ^libflac++-dev(?::\w+|)\s+(.*)$ ^flac(?::\w+|)\s+(.*)$ ^libflac++6v5(?::\w+|)\s+(.*)$ ^libflac8(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^jbigkit-bin(?::\w+|)\s+(.*)$ ^libjbig-dev(?::\w+|)\s+(.*)$ ^libjbig0(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^passwd(?::\w+|)\s+(.*)$ ^login(?::\w+|)\s+(.*)$ ^uidmap(?::\w+|)\s+(.*)$ ^passwd(?::\w+|)\s+(.*)$ ^login(?::\w+|)\s+(.*)$ ^uidmap(?::\w+|)\s+(.*)$ ^isag(?::\w+|)\s+(.*)$ ^sysstat(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^libbpf-dev(?::\w+|)\s+(.*)$ ^libbpf0(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^python-numpy-doc(?::\w+|)\s+(.*)$ ^python3-numpy(?::\w+|)\s+(.*)$ ^u-boot(?::\w+|)\s+(.*)$ ^u-boot-qemu(?::\w+|)\s+(.*)$ ^u-boot-sifive(?::\w+|)\s+(.*)$ ^u-boot-amlogic(?::\w+|)\s+(.*)$ ^u-boot-tools(?::\w+|)\s+(.*)$ ^u-boot-imx(?::\w+|)\s+(.*)$ ^u-boot-tegra(?::\w+|)\s+(.*)$ ^u-boot-sunxi(?::\w+|)\s+(.*)$ ^u-boot-qcom(?::\w+|)\s+(.*)$ ^u-boot-rpi(?::\w+|)\s+(.*)$ ^u-boot-omap(?::\w+|)\s+(.*)$ ^u-boot-mvebu(?::\w+|)\s+(.*)$ ^u-boot-rockchip(?::\w+|)\s+(.*)$ ^u-boot-exynos(?::\w+|)\s+(.*)$ ^libhcrypto4-heimdal(?::\w+|)\s+(.*)$ ^libwind0-heimdal(?::\w+|)\s+(.*)$ ^libroken18-heimdal(?::\w+|)\s+(.*)$ ^libgssapi3-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kcm(?::\w+|)\s+(.*)$ ^libhdb9-heimdal(?::\w+|)\s+(.*)$ ^libasn1-8-heimdal(?::\w+|)\s+(.*)$ ^libsl0-heimdal(?::\w+|)\s+(.*)$ ^libkadm5clnt7-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kdc(?::\w+|)\s+(.*)$ ^libkdc2-heimdal(?::\w+|)\s+(.*)$ ^heimdal-servers(?::\w+|)\s+(.*)$ ^libheimntlm0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-docs(?::\w+|)\s+(.*)$ ^libheimbase1-heimdal(?::\w+|)\s+(.*)$ ^libkrb5-26-heimdal(?::\w+|)\s+(.*)$ ^libotp0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-dev(?::\w+|)\s+(.*)$ ^libkafs0-heimdal(?::\w+|)\s+(.*)$ ^libhx509-5-heimdal(?::\w+|)\s+(.*)$ ^heimdal-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv8-heimdal(?::\w+|)\s+(.*)$ ^heimdal-clients(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^python-pil(?::\w+|)\s+(.*)$ ^python-pil.imagetk(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libusbredirparser-dev(?::\w+|)\s+(.*)$ ^libusbredirhost-dev(?::\w+|)\s+(.*)$ ^usbredirserver(?::\w+|)\s+(.*)$ ^libusbredirhost1(?::\w+|)\s+(.*)$ ^libusbredirparser1(?::\w+|)\s+(.*)$ ^freeradius-ldap(?::\w+|)\s+(.*)$ ^freeradius-redis(?::\w+|)\s+(.*)$ ^libfreeradius3(?::\w+|)\s+(.*)$ ^freeradius-yubikey(?::\w+|)\s+(.*)$ ^freeradius-memcached(?::\w+|)\s+(.*)$ ^freeradius-postgresql(?::\w+|)\s+(.*)$ ^freeradius-mysql(?::\w+|)\s+(.*)$ ^libfreeradius-dev(?::\w+|)\s+(.*)$ ^freeradius-dhcp(?::\w+|)\s+(.*)$ ^freeradius-python3(?::\w+|)\s+(.*)$ ^freeradius(?::\w+|)\s+(.*)$ ^freeradius-iodbc(?::\w+|)\s+(.*)$ ^freeradius-common(?::\w+|)\s+(.*)$ ^freeradius-rest(?::\w+|)\s+(.*)$ ^freeradius-utils(?::\w+|)\s+(.*)$ ^freeradius-config(?::\w+|)\s+(.*)$ ^freeradius-krb5(?::\w+|)\s+(.*)$ ^nautilus-data(?::\w+|)\s+(.*)$ ^gir1.2-nautilus-3.0(?::\w+|)\s+(.*)$ ^nautilus(?::\w+|)\s+(.*)$ ^libnautilus-extension-dev(?::\w+|)\s+(.*)$ ^libnautilus-extension1a(?::\w+|)\s+(.*)$ ^libksba-mingw-w64-dev(?::\w+|)\s+(.*)$ ^libksba8(?::\w+|)\s+(.*)$ ^libksba-dev(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^snmptrapd(?::\w+|)\s+(.*)$ ^libsnmp-dev(?::\w+|)\s+(.*)$ ^libsnmp-base(?::\w+|)\s+(.*)$ ^snmp(?::\w+|)\s+(.*)$ ^libsnmp-perl(?::\w+|)\s+(.*)$ ^tkmib(?::\w+|)\s+(.*)$ ^snmpd(?::\w+|)\s+(.*)$ ^libsnmp35(?::\w+|)\s+(.*)$ ^w3m-img(?::\w+|)\s+(.*)$ ^w3m(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libhcrypto4-heimdal(?::\w+|)\s+(.*)$ ^libwind0-heimdal(?::\w+|)\s+(.*)$ ^libroken18-heimdal(?::\w+|)\s+(.*)$ ^libgssapi3-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kcm(?::\w+|)\s+(.*)$ ^libhdb9-heimdal(?::\w+|)\s+(.*)$ ^libasn1-8-heimdal(?::\w+|)\s+(.*)$ ^libsl0-heimdal(?::\w+|)\s+(.*)$ ^libkadm5clnt7-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kdc(?::\w+|)\s+(.*)$ ^libkdc2-heimdal(?::\w+|)\s+(.*)$ ^heimdal-servers(?::\w+|)\s+(.*)$ ^libheimntlm0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-docs(?::\w+|)\s+(.*)$ ^libheimbase1-heimdal(?::\w+|)\s+(.*)$ ^libkrb5-26-heimdal(?::\w+|)\s+(.*)$ ^libotp0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-dev(?::\w+|)\s+(.*)$ ^libkafs0-heimdal(?::\w+|)\s+(.*)$ ^libhx509-5-heimdal(?::\w+|)\s+(.*)$ ^heimdal-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv8-heimdal(?::\w+|)\s+(.*)$ ^heimdal-clients(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^xpmutils(?::\w+|)\s+(.*)$ ^libxpm-dev(?::\w+|)\s+(.*)$ ^libxpm4(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^sudo-ldap(?::\w+|)\s+(.*)$ ^sudo(?::\w+|)\s+(.*)$ ^python3-urllib3(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^python-setuptools(?::\w+|)\s+(.*)$ ^pypy-setuptools(?::\w+|)\s+(.*)$ ^pypy-pkg-resources(?::\w+|)\s+(.*)$ ^python-pkg-resources(?::\w+|)\s+(.*)$ ^python-setuptools-doc(?::\w+|)\s+(.*)$ ^python3-pkg-resources(?::\w+|)\s+(.*)$ ^python3-setuptools(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^exuberant-ctags(?::\w+|)\s+(.*)$ ^python-wheel-common(?::\w+|)\s+(.*)$ ^python3-wheel(?::\w+|)\s+(.*)$ ^python-pip-whl(?::\w+|)\s+(.*)$ ^python3-pip(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^libpam-runtime(?::\w+|)\s+(.*)$ ^libpam0g-dev(?::\w+|)\s+(.*)$ ^libpam-modules(?::\w+|)\s+(.*)$ ^libpam-modules-bin(?::\w+|)\s+(.*)$ ^libpam-doc(?::\w+|)\s+(.*)$ ^libpam-cracklib(?::\w+|)\s+(.*)$ ^libpam0g(?::\w+|)\s+(.*)$ ^libpam-runtime(?::\w+|)\s+(.*)$ ^libpam0g-dev(?::\w+|)\s+(.*)$ ^libpam-modules(?::\w+|)\s+(.*)$ ^libpam-modules-bin(?::\w+|)\s+(.*)$ ^libpam-doc(?::\w+|)\s+(.*)$ ^libpam-cracklib(?::\w+|)\s+(.*)$ ^libpam0g(?::\w+|)\s+(.*)$ ^privoxy(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^python-future-doc(?::\w+|)\s+(.*)$ ^python3-future(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^python3-glance(?::\w+|)\s+(.*)$ ^glance-api(?::\w+|)\s+(.*)$ ^glance(?::\w+|)\s+(.*)$ ^glance-common(?::\w+|)\s+(.*)$ ^python-glance-doc(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^advancecomp(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^lrzip(?::\w+|)\s+(.*)$ ^editorconfig-doc(?::\w+|)\s+(.*)$ ^libeditorconfig0(?::\w+|)\s+(.*)$ ^editorconfig(?::\w+|)\s+(.*)$ ^libeditorconfig-dev(?::\w+|)\s+(.*)$ ^tmux(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^grunt(?::\w+|)\s+(.*)$ ^libhcrypto4-heimdal(?::\w+|)\s+(.*)$ ^libwind0-heimdal(?::\w+|)\s+(.*)$ ^libroken18-heimdal(?::\w+|)\s+(.*)$ ^libgssapi3-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kcm(?::\w+|)\s+(.*)$ ^libhdb9-heimdal(?::\w+|)\s+(.*)$ ^libasn1-8-heimdal(?::\w+|)\s+(.*)$ ^libsl0-heimdal(?::\w+|)\s+(.*)$ ^libkadm5clnt7-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kdc(?::\w+|)\s+(.*)$ ^libkdc2-heimdal(?::\w+|)\s+(.*)$ ^heimdal-servers(?::\w+|)\s+(.*)$ ^libheimntlm0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-docs(?::\w+|)\s+(.*)$ ^libheimbase1-heimdal(?::\w+|)\s+(.*)$ ^libkrb5-26-heimdal(?::\w+|)\s+(.*)$ ^libotp0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-dev(?::\w+|)\s+(.*)$ ^libkafs0-heimdal(?::\w+|)\s+(.*)$ ^libhx509-5-heimdal(?::\w+|)\s+(.*)$ ^heimdal-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv8-heimdal(?::\w+|)\s+(.*)$ ^heimdal-clients(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^swift-account(?::\w+|)\s+(.*)$ ^swift-doc(?::\w+|)\s+(.*)$ ^swift-proxy(?::\w+|)\s+(.*)$ ^python3-swift(?::\w+|)\s+(.*)$ ^swift-container(?::\w+|)\s+(.*)$ ^swift(?::\w+|)\s+(.*)$ ^swift-object-expirer(?::\w+|)\s+(.*)$ ^swift-object(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^fig2dev(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^libaprutil1-dbd-odbc(?::\w+|)\s+(.*)$ ^libaprutil1(?::\w+|)\s+(.*)$ ^libaprutil1-dbd-mysql(?::\w+|)\s+(.*)$ ^libaprutil1-ldap(?::\w+|)\s+(.*)$ ^libaprutil1-dbd-sqlite3(?::\w+|)\s+(.*)$ ^libaprutil1-dbd-pgsql(?::\w+|)\s+(.*)$ ^libaprutil1-dev(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^golang-golang-x-text-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libdcmtk14(?::\w+|)\s+(.*)$ ^dcmtk(?::\w+|)\s+(.*)$ ^dcmtk-doc(?::\w+|)\s+(.*)$ ^libdcmtk-dev(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^python3.9-dev(?::\w+|)\s+(.*)$ ^python3.9-examples(?::\w+|)\s+(.*)$ ^libpython3.9-minimal(?::\w+|)\s+(.*)$ ^python3.9-full(?::\w+|)\s+(.*)$ ^python3.9-venv(?::\w+|)\s+(.*)$ ^python3.9-doc(?::\w+|)\s+(.*)$ ^libpython3.9-dev(?::\w+|)\s+(.*)$ ^libpython3.9(?::\w+|)\s+(.*)$ ^python3.9-minimal(?::\w+|)\s+(.*)$ ^idle-python3.9(?::\w+|)\s+(.*)$ ^libpython3.9-testsuite(?::\w+|)\s+(.*)$ ^libpython3.9-stdlib(?::\w+|)\s+(.*)$ ^python3.9(?::\w+|)\s+(.*)$ ^zoneminder-doc(?::\w+|)\s+(.*)$ ^zoneminder(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^mplayer-doc(?::\w+|)\s+(.*)$ ^mplayer-gui(?::\w+|)\s+(.*)$ ^mplayer(?::\w+|)\s+(.*)$ ^mencoder(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^awstats(?::\w+|)\s+(.*)$ ^tar-scripts(?::\w+|)\s+(.*)$ ^tar(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^lighttpd-doc(?::\w+|)\s+(.*)$ ^lighttpd-mod-authn-sasl(?::\w+|)\s+(.*)$ ^lighttpd-mod-magnet(?::\w+|)\s+(.*)$ ^lighttpd-dev(?::\w+|)\s+(.*)$ ^lighttpd-mod-authn-pam(?::\w+|)\s+(.*)$ ^lighttpd(?::\w+|)\s+(.*)$ ^lighttpd-mod-maxminddb(?::\w+|)\s+(.*)$ ^lighttpd-mod-vhostdb-dbi(?::\w+|)\s+(.*)$ ^lighttpd-modules-ldap(?::\w+|)\s+(.*)$ ^lighttpd-mod-cml(?::\w+|)\s+(.*)$ ^lighttpd-mod-vhostdb-pgsql(?::\w+|)\s+(.*)$ ^lighttpd-mod-geoip(?::\w+|)\s+(.*)$ ^lighttpd-mod-authn-gssapi(?::\w+|)\s+(.*)$ ^lighttpd-mod-webdav(?::\w+|)\s+(.*)$ ^lighttpd-mod-trigger-b4-dl(?::\w+|)\s+(.*)$ ^lighttpd-modules-mysql(?::\w+|)\s+(.*)$ ^libsox-fmt-mp3(?::\w+|)\s+(.*)$ ^libsox-fmt-pulse(?::\w+|)\s+(.*)$ ^libsox-fmt-ao(?::\w+|)\s+(.*)$ ^sox(?::\w+|)\s+(.*)$ ^libsox3(?::\w+|)\s+(.*)$ ^libsox-fmt-base(?::\w+|)\s+(.*)$ ^libsox-fmt-all(?::\w+|)\s+(.*)$ ^libsox-dev(?::\w+|)\s+(.*)$ ^libsox-fmt-alsa(?::\w+|)\s+(.*)$ ^libsox-fmt-oss(?::\w+|)\s+(.*)$ ^libsox-fmt-mp3(?::\w+|)\s+(.*)$ ^libsox-fmt-pulse(?::\w+|)\s+(.*)$ ^libsox-fmt-ao(?::\w+|)\s+(.*)$ ^sox(?::\w+|)\s+(.*)$ ^libsox3(?::\w+|)\s+(.*)$ ^libsox-fmt-base(?::\w+|)\s+(.*)$ ^libsox-fmt-all(?::\w+|)\s+(.*)$ ^libsox-dev(?::\w+|)\s+(.*)$ ^libsox-fmt-alsa(?::\w+|)\s+(.*)$ ^libsox-fmt-oss(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^rsync(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^systemd-tests(?::\w+|)\s+(.*)$ ^systemd-coredump(?::\w+|)\s+(.*)$ ^systemd(?::\w+|)\s+(.*)$ ^libsystemd0(?::\w+|)\s+(.*)$ ^systemd-container(?::\w+|)\s+(.*)$ ^libnss-myhostname(?::\w+|)\s+(.*)$ ^libudev1(?::\w+|)\s+(.*)$ ^systemd-timesyncd(?::\w+|)\s+(.*)$ ^libsystemd-dev(?::\w+|)\s+(.*)$ ^libnss-systemd(?::\w+|)\s+(.*)$ ^systemd-journal-remote(?::\w+|)\s+(.*)$ ^libpam-systemd(?::\w+|)\s+(.*)$ ^libnss-mymachines(?::\w+|)\s+(.*)$ ^libnss-resolve(?::\w+|)\s+(.*)$ ^systemd-sysv(?::\w+|)\s+(.*)$ ^udev(?::\w+|)\s+(.*)$ ^libudev-dev(?::\w+|)\s+(.*)$ ^sofia-sip-doc(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib3(?::\w+|)\s+(.*)$ ^libsofia-sip-ua0(?::\w+|)\s+(.*)$ ^sofia-sip-bin(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib-dev(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^libopusfile-doc(?::\w+|)\s+(.*)$ ^libopusfile-dev(?::\w+|)\s+(.*)$ ^libopusfile0(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^libyaml-snake-java(?::\w+|)\s+(.*)$ ^libyaml-snake-java-doc(?::\w+|)\s+(.*)$ ^libprotobuf17(?::\w+|)\s+(.*)$ ^libprotoc17(?::\w+|)\s+(.*)$ ^libprotoc-dev(?::\w+|)\s+(.*)$ ^python-protobuf(?::\w+|)\s+(.*)$ ^libprotobuf-lite17(?::\w+|)\s+(.*)$ ^ruby-google-protobuf(?::\w+|)\s+(.*)$ ^libprotobuf-dev(?::\w+|)\s+(.*)$ ^python3-protobuf(?::\w+|)\s+(.*)$ ^libprotobuf-java(?::\w+|)\s+(.*)$ ^protobuf-compiler(?::\w+|)\s+(.*)$ ^libxstream-java(?::\w+|)\s+(.*)$ ^php-twig-inky-extra(?::\w+|)\s+(.*)$ ^php-twig-cssinliner-extra(?::\w+|)\s+(.*)$ ^php-twig-intl-extra(?::\w+|)\s+(.*)$ ^php-twig-extra-bundle(?::\w+|)\s+(.*)$ ^php-twig-html-extra(?::\w+|)\s+(.*)$ ^php-twig-doc(?::\w+|)\s+(.*)$ ^php-twig-markdown-extra(?::\w+|)\s+(.*)$ ^php-twig(?::\w+|)\s+(.*)$ ^python3-werkzeug(?::\w+|)\s+(.*)$ ^python-werkzeug-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^python-ipython-doc(?::\w+|)\s+(.*)$ ^python3-ipython(?::\w+|)\s+(.*)$ ^ipython3(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libphp-phpmailer(?::\w+|)\s+(.*)$ ^librecad-data(?::\w+|)\s+(.*)$ ^librecad(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^abcm2ps(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^tigervnc-xorg-extension(?::\w+|)\s+(.*)$ ^tigervnc-common(?::\w+|)\s+(.*)$ ^tigervnc-standalone-server(?::\w+|)\s+(.*)$ ^tigervnc-scraping-server(?::\w+|)\s+(.*)$ ^tigervnc-viewer(?::\w+|)\s+(.*)$ ^amanda-client(?::\w+|)\s+(.*)$ ^amanda-common(?::\w+|)\s+(.*)$ ^amanda-server(?::\w+|)\s+(.*)$ ^amanda-client(?::\w+|)\s+(.*)$ ^amanda-common(?::\w+|)\s+(.*)$ ^amanda-server(?::\w+|)\s+(.*)$ ^amanda-client(?::\w+|)\s+(.*)$ ^amanda-common(?::\w+|)\s+(.*)$ ^amanda-server(?::\w+|)\s+(.*)$ ^node-object-path(?::\w+|)\s+(.*)$ ^python-git-doc(?::\w+|)\s+(.*)$ ^python3-git(?::\w+|)\s+(.*)$ ^gif2apng(?::\w+|)\s+(.*)$ ^libgv-perl(?::\w+|)\s+(.*)$ ^python3-gv(?::\w+|)\s+(.*)$ ^libcgraph6(?::\w+|)\s+(.*)$ ^libgv-tcl(?::\w+|)\s+(.*)$ ^liblab-gamut1(?::\w+|)\s+(.*)$ ^libgvc6(?::\w+|)\s+(.*)$ ^libxdot4(?::\w+|)\s+(.*)$ ^libgv-php7(?::\w+|)\s+(.*)$ ^graphviz-doc(?::\w+|)\s+(.*)$ ^graphviz(?::\w+|)\s+(.*)$ ^libgv-lua(?::\w+|)\s+(.*)$ ^libpathplan4(?::\w+|)\s+(.*)$ ^libcdt5(?::\w+|)\s+(.*)$ ^libgvpr2(?::\w+|)\s+(.*)$ ^libgraphviz-dev(?::\w+|)\s+(.*)$ ^libgvc6-plugins-gtk(?::\w+|)\s+(.*)$ ^libgv-guile(?::\w+|)\s+(.*)$ ^libgv-ruby(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^node-url-parse(?::\w+|)\s+(.*)$ ^libgraphics-magick-perl(?::\w+|)\s+(.*)$ ^libgraphicsmagick-q16-3(?::\w+|)\s+(.*)$ ^libgraphicsmagick1-dev(?::\w+|)\s+(.*)$ ^graphicsmagick(?::\w+|)\s+(.*)$ ^graphicsmagick-imagemagick-compat(?::\w+|)\s+(.*)$ ^graphicsmagick-libmagick-dev-compat(?::\w+|)\s+(.*)$ ^libgraphicsmagick++-q16-12(?::\w+|)\s+(.*)$ ^libgraphicsmagick++1-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^xcftools(?::\w+|)\s+(.*)$ ^musl-dev(?::\w+|)\s+(.*)$ ^musl-tools(?::\w+|)\s+(.*)$ ^musl(?::\w+|)\s+(.*)$ ^ldb-tools(?::\w+|)\s+(.*)$ ^libldb2(?::\w+|)\s+(.*)$ ^python3-ldb(?::\w+|)\s+(.*)$ ^libldb-dev(?::\w+|)\s+(.*)$ ^python3-ldb-dev(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^liblouis-dev(?::\w+|)\s+(.*)$ ^python3-louis(?::\w+|)\s+(.*)$ ^liblouis-data(?::\w+|)\s+(.*)$ ^liblouis20(?::\w+|)\s+(.*)$ ^liblouis-bin(?::\w+|)\s+(.*)$ ^ipmitool(?::\w+|)\s+(.*)$ ^liblog4j1.2-java-doc(?::\w+|)\s+(.*)$ ^liblog4j1.2-java(?::\w+|)\s+(.*)$ ^node-trim-newlines(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^sudo-ldap(?::\w+|)\s+(.*)$ ^sudo(?::\w+|)\s+(.*)$ ^libexo-2-dev(?::\w+|)\s+(.*)$ ^libexo-helpers(?::\w+|)\s+(.*)$ ^libexo-common(?::\w+|)\s+(.*)$ ^libexo-1-0(?::\w+|)\s+(.*)$ ^exo-utils(?::\w+|)\s+(.*)$ ^libexo-1-dev(?::\w+|)\s+(.*)$ ^libexo-2-0(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libjson-smart-java(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^node-thenify(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^python3-flask-cors(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^kamailio-radius-modules(?::\w+|)\s+(.*)$ ^kamailio-lua-modules(?::\w+|)\s+(.*)$ ^kamailio-postgres-modules(?::\w+|)\s+(.*)$ ^kamailio-perl-modules(?::\w+|)\s+(.*)$ ^kamailio-ruby-modules(?::\w+|)\s+(.*)$ ^kamailio-mysql-modules(?::\w+|)\s+(.*)$ ^kamailio-utils-modules(?::\w+|)\s+(.*)$ ^kamailio-extra-modules(?::\w+|)\s+(.*)$ ^kamailio(?::\w+|)\s+(.*)$ ^kamailio-cpl-modules(?::\w+|)\s+(.*)$ ^kamailio-mono-modules(?::\w+|)\s+(.*)$ ^kamailio-kazoo-modules(?::\w+|)\s+(.*)$ ^kamailio-rabbitmq-modules(?::\w+|)\s+(.*)$ ^kamailio-cnxcc-modules(?::\w+|)\s+(.*)$ ^kamailio-snmpstats-modules(?::\w+|)\s+(.*)$ ^kamailio-tls-modules(?::\w+|)\s+(.*)$ ^kamailio-xmpp-modules(?::\w+|)\s+(.*)$ ^kamailio-presence-modules(?::\w+|)\s+(.*)$ ^kamailio-json-modules(?::\w+|)\s+(.*)$ ^kamailio-sctp-modules(?::\w+|)\s+(.*)$ ^kamailio-mongodb-modules(?::\w+|)\s+(.*)$ ^kamailio-geoip-modules(?::\w+|)\s+(.*)$ ^kamailio-sqlite-modules(?::\w+|)\s+(.*)$ ^kamailio-ldap-modules(?::\w+|)\s+(.*)$ ^kamailio-websocket-modules(?::\w+|)\s+(.*)$ ^kamailio-ims-modules(?::\w+|)\s+(.*)$ ^kamailio-phonenum-modules(?::\w+|)\s+(.*)$ ^kamailio-redis-modules(?::\w+|)\s+(.*)$ ^kamailio-python3-modules(?::\w+|)\s+(.*)$ ^kamailio-erlang-modules(?::\w+|)\s+(.*)$ ^kamailio-autheph-modules(?::\w+|)\s+(.*)$ ^kamailio-outbound-modules(?::\w+|)\s+(.*)$ ^kamailio-systemd-modules(?::\w+|)\s+(.*)$ ^kamailio-berkeley-modules(?::\w+|)\s+(.*)$ ^kamailio-geoip2-modules(?::\w+|)\s+(.*)$ ^kamailio-unixodbc-modules(?::\w+|)\s+(.*)$ ^kamailio-xml-modules(?::\w+|)\s+(.*)$ ^kamailio-berkeley-bin(?::\w+|)\s+(.*)$ ^kamailio-memcached-modules(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^libcommons-net-java-doc(?::\w+|)\s+(.*)$ ^libcommons-net-java(?::\w+|)\s+(.*)$ ^golang-1.18-go(?::\w+|)\s+(.*)$ ^golang-1.18-src(?::\w+|)\s+(.*)$ ^golang-1.18(?::\w+|)\s+(.*)$ ^golang-1.18-doc(?::\w+|)\s+(.*)$ ^golang-1.13(?::\w+|)\s+(.*)$ ^golang-1.13-doc(?::\w+|)\s+(.*)$ ^golang-1.13-go(?::\w+|)\s+(.*)$ ^golang-1.13-src(?::\w+|)\s+(.*)$ ^golang-1.16(?::\w+|)\s+(.*)$ ^golang-1.16-doc(?::\w+|)\s+(.*)$ ^golang-1.16-go(?::\w+|)\s+(.*)$ ^golang-1.16-src(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^cloud-init(?::\w+|)\s+(.*)$ ^cloud-init(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^openssl-ibmca(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libzen-dev(?::\w+|)\s+(.*)$ ^libzen-doc(?::\w+|)\s+(.*)$ ^libzen0v5(?::\w+|)\s+(.*)$ ^libnetty-java(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^erlang-x11(?::\w+|)\s+(.*)$ ^erlang-jinterface(?::\w+|)\s+(.*)$ ^erlang-asn1(?::\w+|)\s+(.*)$ ^erlang-inets(?::\w+|)\s+(.*)$ ^erlang-snmp(?::\w+|)\s+(.*)$ ^erlang-mode(?::\w+|)\s+(.*)$ ^erlang-odbc(?::\w+|)\s+(.*)$ ^erlang-common-test(?::\w+|)\s+(.*)$ ^erlang-examples(?::\w+|)\s+(.*)$ ^erlang-wx(?::\w+|)\s+(.*)$ ^erlang-ftp(?::\w+|)\s+(.*)$ ^erlang-observer(?::\w+|)\s+(.*)$ ^erlang-os-mon(?::\w+|)\s+(.*)$ ^erlang-syntax-tools(?::\w+|)\s+(.*)$ ^erlang-ssl(?::\w+|)\s+(.*)$ ^erlang-dev(?::\w+|)\s+(.*)$ ^erlang-ssh(?::\w+|)\s+(.*)$ ^erlang-megaco(?::\w+|)\s+(.*)$ ^erlang-manpages(?::\w+|)\s+(.*)$ ^erlang(?::\w+|)\s+(.*)$ ^erlang-tftp(?::\w+|)\s+(.*)$ ^erlang-runtime-tools(?::\w+|)\s+(.*)$ ^erlang-eunit(?::\w+|)\s+(.*)$ ^erlang-tools(?::\w+|)\s+(.*)$ ^erlang-debugger(?::\w+|)\s+(.*)$ ^erlang-parsetools(?::\w+|)\s+(.*)$ ^erlang-public-key(?::\w+|)\s+(.*)$ ^erlang-diameter(?::\w+|)\s+(.*)$ ^erlang-doc(?::\w+|)\s+(.*)$ ^erlang-reltool(?::\w+|)\s+(.*)$ ^erlang-xmerl(?::\w+|)\s+(.*)$ ^erlang-nox(?::\w+|)\s+(.*)$ ^erlang-eldap(?::\w+|)\s+(.*)$ ^erlang-src(?::\w+|)\s+(.*)$ ^erlang-edoc(?::\w+|)\s+(.*)$ ^erlang-mnesia(?::\w+|)\s+(.*)$ ^erlang-base-hipe(?::\w+|)\s+(.*)$ ^erlang-crypto(?::\w+|)\s+(.*)$ ^erlang-erl-docgen(?::\w+|)\s+(.*)$ ^erlang-base(?::\w+|)\s+(.*)$ ^erlang-et(?::\w+|)\s+(.*)$ ^erlang-dialyzer(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^freetype2-doc(?::\w+|)\s+(.*)$ ^libfreetype6-dev(?::\w+|)\s+(.*)$ ^libfreetype-dev(?::\w+|)\s+(.*)$ ^freetype2-demos(?::\w+|)\s+(.*)$ ^libfreetype6(?::\w+|)\s+(.*)$ ^python3-rbd(?::\w+|)\s+(.*)$ ^ceph-mgr-modules-core(?::\w+|)\s+(.*)$ ^ceph-mgr(?::\w+|)\s+(.*)$ ^ceph-mgr-cephadm(?::\w+|)\s+(.*)$ ^ceph(?::\w+|)\s+(.*)$ ^rbd-mirror(?::\w+|)\s+(.*)$ ^ceph-mgr-dashboard(?::\w+|)\s+(.*)$ ^librbd-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-rook(?::\w+|)\s+(.*)$ ^rbd-fuse(?::\w+|)\s+(.*)$ ^libradospp-dev(?::\w+|)\s+(.*)$ ^rbd-nbd(?::\w+|)\s+(.*)$ ^librados-dev(?::\w+|)\s+(.*)$ ^librbd1(?::\w+|)\s+(.*)$ ^python3-ceph(?::\w+|)\s+(.*)$ ^cephadm(?::\w+|)\s+(.*)$ ^libradosstriper-dev(?::\w+|)\s+(.*)$ ^librados2(?::\w+|)\s+(.*)$ ^ceph-mon(?::\w+|)\s+(.*)$ ^libcephfs2(?::\w+|)\s+(.*)$ ^ceph-immutable-object-cache(?::\w+|)\s+(.*)$ ^librgw2(?::\w+|)\s+(.*)$ ^ceph-mds(?::\w+|)\s+(.*)$ ^radosgw(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-local(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-cloud(?::\w+|)\s+(.*)$ ^python3-rgw(?::\w+|)\s+(.*)$ ^python3-ceph-common(?::\w+|)\s+(.*)$ ^libcephfs-dev(?::\w+|)\s+(.*)$ ^rados-objclass-dev(?::\w+|)\s+(.*)$ ^libradosstriper1(?::\w+|)\s+(.*)$ ^ceph-osd(?::\w+|)\s+(.*)$ ^python3-ceph-argparse(?::\w+|)\s+(.*)$ ^librgw-dev(?::\w+|)\s+(.*)$ ^python3-rados(?::\w+|)\s+(.*)$ ^ceph-base(?::\w+|)\s+(.*)$ ^ceph-mgr-k8sevents(?::\w+|)\s+(.*)$ ^python3-cephfs(?::\w+|)\s+(.*)$ ^ceph-fuse(?::\w+|)\s+(.*)$ ^cephfs-shell(?::\w+|)\s+(.*)$ ^ceph-common(?::\w+|)\s+(.*)$ ^libcephfs-java(?::\w+|)\s+(.*)$ ^ceph-resource-agents(?::\w+|)\s+(.*)$ ^libcephfs-jni(?::\w+|)\s+(.*)$ ^sqlformat(?::\w+|)\s+(.*)$ ^python3-sqlparse(?::\w+|)\s+(.*)$ ^python-sqlparse-doc(?::\w+|)\s+(.*)$ ^pypy-sqlparse(?::\w+|)\s+(.*)$ ^node-css-what(?::\w+|)\s+(.*)$ ^python3-heat(?::\w+|)\s+(.*)$ ^heat-api-cfn(?::\w+|)\s+(.*)$ ^heat-engine(?::\w+|)\s+(.*)$ ^heat-api(?::\w+|)\s+(.*)$ ^heat-common(?::\w+|)\s+(.*)$ ^neutron-linuxbridge-agent(?::\w+|)\s+(.*)$ ^neutron-metering-agent(?::\w+|)\s+(.*)$ ^neutron-plugin-ml2(?::\w+|)\s+(.*)$ ^neutron-server(?::\w+|)\s+(.*)$ ^neutron-ovn-metadata-agent(?::\w+|)\s+(.*)$ ^python3-neutron(?::\w+|)\s+(.*)$ ^neutron-l3-agent(?::\w+|)\s+(.*)$ ^neutron-metadata-agent(?::\w+|)\s+(.*)$ ^neutron-dhcp-agent(?::\w+|)\s+(.*)$ ^neutron-sriov-agent(?::\w+|)\s+(.*)$ ^neutron-openvswitch-agent(?::\w+|)\s+(.*)$ ^neutron-common(?::\w+|)\s+(.*)$ ^neutron-macvtap-agent(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^python-glance-store-doc(?::\w+|)\s+(.*)$ ^python3-glance-store(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^os-brick-common(?::\w+|)\s+(.*)$ ^python3-os-brick(?::\w+|)\s+(.*)$ ^python-os-brick-doc(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^python-glance-store-doc(?::\w+|)\s+(.*)$ ^python3-glance-store(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^os-brick-common(?::\w+|)\s+(.*)$ ^python3-os-brick(?::\w+|)\s+(.*)$ ^python-os-brick-doc(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^webp(?::\w+|)\s+(.*)$ ^libwebp6(?::\w+|)\s+(.*)$ ^libwebpmux3(?::\w+|)\s+(.*)$ ^libwebp-dev(?::\w+|)\s+(.*)$ ^libwebpdemux2(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^node-eventsource(?::\w+|)\s+(.*)$ ^libfontembed-dev(?::\w+|)\s+(.*)$ ^libfontembed1(?::\w+|)\s+(.*)$ ^libcupsfilters-dev(?::\w+|)\s+(.*)$ ^cups-filters(?::\w+|)\s+(.*)$ ^cups-browsed(?::\w+|)\s+(.*)$ ^cups-filters-core-drivers(?::\w+|)\s+(.*)$ ^libcupsfilters1(?::\w+|)\s+(.*)$ ^node-minimatch(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^golang-github-opencontainers-runc-dev(?::\w+|)\s+(.*)$ ^runc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linuxptp(?::\w+|)\s+(.*)$ ^jhead(?::\w+|)\s+(.*)$ ^ncurses-examples(?::\w+|)\s+(.*)$ ^lib32ncurses-dev(?::\w+|)\s+(.*)$ ^lib32ncursesw6(?::\w+|)\s+(.*)$ ^libtinfo-dev(?::\w+|)\s+(.*)$ ^libncursesw5(?::\w+|)\s+(.*)$ ^libtinfo5(?::\w+|)\s+(.*)$ ^libtinfo6(?::\w+|)\s+(.*)$ ^lib32tinfo6(?::\w+|)\s+(.*)$ ^lib32ncurses6(?::\w+|)\s+(.*)$ ^ncurses-bin(?::\w+|)\s+(.*)$ ^lib64tinfo6(?::\w+|)\s+(.*)$ ^lib64ncurses-dev(?::\w+|)\s+(.*)$ ^lib64ncurses6(?::\w+|)\s+(.*)$ ^libncurses5-dev(?::\w+|)\s+(.*)$ ^libncurses-dev(?::\w+|)\s+(.*)$ ^libncurses6(?::\w+|)\s+(.*)$ ^libncurses5(?::\w+|)\s+(.*)$ ^ncurses-base(?::\w+|)\s+(.*)$ ^ncurses-doc(?::\w+|)\s+(.*)$ ^ncurses-term(?::\w+|)\s+(.*)$ ^libncursesw6(?::\w+|)\s+(.*)$ ^libncursesw5-dev(?::\w+|)\s+(.*)$ ^lib64ncursesw6(?::\w+|)\s+(.*)$ ^libhtml-stripscripts-perl(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^node-xmldom(?::\w+|)\s+(.*)$ ^node-json-schema(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^jhead(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^jhead(?::\w+|)\s+(.*)$ ^python-flask-doc(?::\w+|)\s+(.*)$ ^python3-flask(?::\w+|)\s+(.*)$ ^perl-modules-5.30(?::\w+|)\s+(.*)$ ^libperl-dev(?::\w+|)\s+(.*)$ ^perl-doc(?::\w+|)\s+(.*)$ ^perl(?::\w+|)\s+(.*)$ ^perl-base(?::\w+|)\s+(.*)$ ^libperl5.30(?::\w+|)\s+(.*)$ ^perl-debug(?::\w+|)\s+(.*)$ ^node-nth-check(?::\w+|)\s+(.*)$ ^libptexenc-dev(?::\w+|)\s+(.*)$ ^libkpathsea-dev(?::\w+|)\s+(.*)$ ^texlive-binaries(?::\w+|)\s+(.*)$ ^libsynctex2(?::\w+|)\s+(.*)$ ^libtexlua53-dev(?::\w+|)\s+(.*)$ ^libtexluajit2(?::\w+|)\s+(.*)$ ^libtexluajit-dev(?::\w+|)\s+(.*)$ ^libptexenc1(?::\w+|)\s+(.*)$ ^libtexlua53(?::\w+|)\s+(.*)$ ^libsynctex-dev(?::\w+|)\s+(.*)$ ^libkpathsea6(?::\w+|)\s+(.*)$ ^node-hawk(?::\w+|)\s+(.*)$ ^libbatik-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libnanopb-dev(?::\w+|)\s+(.*)$ ^nanopb(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd-dev(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-0(?::\w+|)\s+(.*)$ ^libavahi-core7(?::\w+|)\s+(.*)$ ^libavahi-client3(?::\w+|)\s+(.*)$ ^libavahi-core-dev(?::\w+|)\s+(.*)$ ^libavahi-client-dev(?::\w+|)\s+(.*)$ ^avahi-ui-utils(?::\w+|)\s+(.*)$ ^libavahi-gobject-dev(?::\w+|)\s+(.*)$ ^avahi-dnsconfd(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd1(?::\w+|)\s+(.*)$ ^libavahi-common3(?::\w+|)\s+(.*)$ ^avahi-daemon(?::\w+|)\s+(.*)$ ^avahi-discover(?::\w+|)\s+(.*)$ ^libavahi-common-dev(?::\w+|)\s+(.*)$ ^libavahi-common-data(?::\w+|)\s+(.*)$ ^avahi-utils(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-dev(?::\w+|)\s+(.*)$ ^libavahi-glib-dev(?::\w+|)\s+(.*)$ ^libavahi-gobject0(?::\w+|)\s+(.*)$ ^gir1.2-avahi-0.6(?::\w+|)\s+(.*)$ ^avahi-autoipd(?::\w+|)\s+(.*)$ ^python-avahi(?::\w+|)\s+(.*)$ ^libavahi-glib1(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^libraw-doc(?::\w+|)\s+(.*)$ ^libraw-bin(?::\w+|)\s+(.*)$ ^libraw19(?::\w+|)\s+(.*)$ ^libraw-dev(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^libnghttp2-14(?::\w+|)\s+(.*)$ ^libnghttp2-doc(?::\w+|)\s+(.*)$ ^libnghttp2-dev(?::\w+|)\s+(.*)$ ^nghttp2-proxy(?::\w+|)\s+(.*)$ ^nghttp2(?::\w+|)\s+(.*)$ ^nghttp2-client(?::\w+|)\s+(.*)$ ^nghttp2-server(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^isag(?::\w+|)\s+(.*)$ ^sysstat(?::\w+|)\s+(.*)$ ^netatalk(?::\w+|)\s+(.*)$ ^sniproxy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^python-jupyter-core-doc(?::\w+|)\s+(.*)$ ^jupyter(?::\w+|)\s+(.*)$ ^jupyter-core(?::\w+|)\s+(.*)$ ^python3-jupyter-core(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^python3-requests(?::\w+|)\s+(.*)$ ^libsss-certmap-dev(?::\w+|)\s+(.*)$ ^libipa-hbac-dev(?::\w+|)\s+(.*)$ ^sssd-ad(?::\w+|)\s+(.*)$ ^libsss-sudo(?::\w+|)\s+(.*)$ ^libsss-nss-idmap0(?::\w+|)\s+(.*)$ ^libnss-sss(?::\w+|)\s+(.*)$ ^sssd-ipa(?::\w+|)\s+(.*)$ ^libsss-simpleifp0(?::\w+|)\s+(.*)$ ^libsss-idmap-dev(?::\w+|)\s+(.*)$ ^python3-libsss-nss-idmap(?::\w+|)\s+(.*)$ ^libsss-certmap0(?::\w+|)\s+(.*)$ ^python3-sss(?::\w+|)\s+(.*)$ ^libpam-sss(?::\w+|)\s+(.*)$ ^sssd-kcm(?::\w+|)\s+(.*)$ ^libsss-idmap0(?::\w+|)\s+(.*)$ ^sssd-ldap(?::\w+|)\s+(.*)$ ^libsss-nss-idmap-dev(?::\w+|)\s+(.*)$ ^libsss-simpleifp-dev(?::\w+|)\s+(.*)$ ^sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd-dev(?::\w+|)\s+(.*)$ ^sssd-common(?::\w+|)\s+(.*)$ ^python3-libipa-hbac(?::\w+|)\s+(.*)$ ^libipa-hbac0(?::\w+|)\s+(.*)$ ^sssd-tools(?::\w+|)\s+(.*)$ ^sssd-ad-common(?::\w+|)\s+(.*)$ ^sssd-krb5-common(?::\w+|)\s+(.*)$ ^sssd-dbus(?::\w+|)\s+(.*)$ ^sssd-krb5(?::\w+|)\s+(.*)$ ^sssd-proxy(?::\w+|)\s+(.*)$ ^libsss-certmap-dev(?::\w+|)\s+(.*)$ ^libipa-hbac-dev(?::\w+|)\s+(.*)$ ^sssd-ad(?::\w+|)\s+(.*)$ ^libsss-sudo(?::\w+|)\s+(.*)$ ^libsss-nss-idmap0(?::\w+|)\s+(.*)$ ^libnss-sss(?::\w+|)\s+(.*)$ ^sssd-ipa(?::\w+|)\s+(.*)$ ^libsss-simpleifp0(?::\w+|)\s+(.*)$ ^libsss-idmap-dev(?::\w+|)\s+(.*)$ ^python3-libsss-nss-idmap(?::\w+|)\s+(.*)$ ^libsss-certmap0(?::\w+|)\s+(.*)$ ^python3-sss(?::\w+|)\s+(.*)$ ^libpam-sss(?::\w+|)\s+(.*)$ ^sssd-kcm(?::\w+|)\s+(.*)$ ^libsss-idmap0(?::\w+|)\s+(.*)$ ^sssd-ldap(?::\w+|)\s+(.*)$ ^libsss-nss-idmap-dev(?::\w+|)\s+(.*)$ ^libsss-simpleifp-dev(?::\w+|)\s+(.*)$ ^sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd-dev(?::\w+|)\s+(.*)$ ^sssd-common(?::\w+|)\s+(.*)$ ^python3-libipa-hbac(?::\w+|)\s+(.*)$ ^libipa-hbac0(?::\w+|)\s+(.*)$ ^sssd-tools(?::\w+|)\s+(.*)$ ^sssd-ad-common(?::\w+|)\s+(.*)$ ^sssd-krb5-common(?::\w+|)\s+(.*)$ ^sssd-dbus(?::\w+|)\s+(.*)$ ^sssd-krb5(?::\w+|)\s+(.*)$ ^sssd-proxy(?::\w+|)\s+(.*)$ ^node-fetch(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^libpano13-dev(?::\w+|)\s+(.*)$ ^libpano13-bin(?::\w+|)\s+(.*)$ ^libpano13-3(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^libglib2.0-0(?::\w+|)\s+(.*)$ ^libglib2.0-data(?::\w+|)\s+(.*)$ ^libglib2.0-tests(?::\w+|)\s+(.*)$ ^libglib2.0-doc(?::\w+|)\s+(.*)$ ^libglib2.0-bin(?::\w+|)\s+(.*)$ ^libglib2.0-dev(?::\w+|)\s+(.*)$ ^libglib2.0-dev-bin(?::\w+|)\s+(.*)$ ^libcap2(?::\w+|)\s+(.*)$ ^libcap2-bin(?::\w+|)\s+(.*)$ ^libpam-cap(?::\w+|)\s+(.*)$ ^libcap-dev(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^libx11-6(?::\w+|)\s+(.*)$ ^libx11-data(?::\w+|)\s+(.*)$ ^libx11-xcb-dev(?::\w+|)\s+(.*)$ ^libx11-xcb1(?::\w+|)\s+(.*)$ ^libx11-doc(?::\w+|)\s+(.*)$ ^libx11-dev(?::\w+|)\s+(.*)$ ^libgsasl7(?::\w+|)\s+(.*)$ ^libgsasl7-dev(?::\w+|)\s+(.*)$ ^gsasl(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python3-pypdf2(?::\w+|)\s+(.*)$ ^python-pypdf2(?::\w+|)\s+(.*)$ ^libjettison-java(?::\w+|)\s+(.*)$ ^libjettison-java(?::\w+|)\s+(.*)$ ^libvlc-bin(?::\w+|)\s+(.*)$ ^libvlc-dev(?::\w+|)\s+(.*)$ ^libvlc5(?::\w+|)\s+(.*)$ ^libvlccore-dev(?::\w+|)\s+(.*)$ ^libvlccore9(?::\w+|)\s+(.*)$ ^vlc(?::\w+|)\s+(.*)$ ^vlc-bin(?::\w+|)\s+(.*)$ ^vlc-data(?::\w+|)\s+(.*)$ ^vlc-l10n(?::\w+|)\s+(.*)$ ^vlc-plugin-access-extra(?::\w+|)\s+(.*)$ ^vlc-plugin-base(?::\w+|)\s+(.*)$ ^vlc-plugin-fluidsynth(?::\w+|)\s+(.*)$ ^vlc-plugin-jack(?::\w+|)\s+(.*)$ ^vlc-plugin-notify(?::\w+|)\s+(.*)$ ^vlc-plugin-qt(?::\w+|)\s+(.*)$ ^vlc-plugin-samba(?::\w+|)\s+(.*)$ ^vlc-plugin-skins2(?::\w+|)\s+(.*)$ ^vlc-plugin-svg(?::\w+|)\s+(.*)$ ^vlc-plugin-video-output(?::\w+|)\s+(.*)$ ^vlc-plugin-video-splitter(?::\w+|)\s+(.*)$ ^vlc-plugin-visualization(?::\w+|)\s+(.*)$ ^pngcheck(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^etcd(?::\w+|)\s+(.*)$ ^etcd-client(?::\w+|)\s+(.*)$ ^etcd-server(?::\w+|)\s+(.*)$ ^golang-etcd-server-dev(?::\w+|)\s+(.*)$ ^accountsservice(?::\w+|)\s+(.*)$ ^gir1.2-accountsservice-1.0(?::\w+|)\s+(.*)$ ^libaccountsservice-dev(?::\w+|)\s+(.*)$ ^libaccountsservice-doc(?::\w+|)\s+(.*)$ ^libaccountsservice0(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python-reportlab-doc(?::\w+|)\s+(.*)$ ^python3-renderpm(?::\w+|)\s+(.*)$ ^python3-reportlab(?::\w+|)\s+(.*)$ ^python3-reportlab-accel(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^libcpdb-libs-backend-dev(?::\w+|)\s+(.*)$ ^libcpdb-libs-common-dev(?::\w+|)\s+(.*)$ ^libcpdb-libs-common1(?::\w+|)\s+(.*)$ ^libcpdb-libs-frontend-dev(?::\w+|)\s+(.*)$ ^libcpdb-libs-frontend1(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^gerbv(?::\w+|)\s+(.*)$ ^ruby-doorkeeper(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^dwarves(?::\w+|)\s+(.*)$ ^lib3mf-dev(?::\w+|)\s+(.*)$ ^lib3mf-doc(?::\w+|)\s+(.*)$ ^lib3mf1(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^knot-resolver(?::\w+|)\s+(.*)$ ^knot-resolver-doc(?::\w+|)\s+(.*)$ ^knot-resolver-module-http(?::\w+|)\s+(.*)$ ^python-scipy-doc(?::\w+|)\s+(.*)$ ^python3-scipy(?::\w+|)\s+(.*)$ ^wkhtmltopdf(?::\w+|)\s+(.*)$ ^libyajl-dev(?::\w+|)\s+(.*)$ ^libyajl-doc(?::\w+|)\s+(.*)$ ^libyajl2(?::\w+|)\s+(.*)$ ^yajl-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^connman(?::\w+|)\s+(.*)$ ^connman-dev(?::\w+|)\s+(.*)$ ^connman-doc(?::\w+|)\s+(.*)$ ^connman-vpn(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^ecdsautils(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^graphite-web(?::\w+|)\s+(.*)$ ^amd64-microcode(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^iscsiuio(?::\w+|)\s+(.*)$ ^open-iscsi(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^libwireshark-data(?::\w+|)\s+(.*)$ ^libwireshark-dev(?::\w+|)\s+(.*)$ ^libwireshark13(?::\w+|)\s+(.*)$ ^libwiretap-dev(?::\w+|)\s+(.*)$ ^libwiretap10(?::\w+|)\s+(.*)$ ^libwsutil-dev(?::\w+|)\s+(.*)$ ^libwsutil11(?::\w+|)\s+(.*)$ ^tshark(?::\w+|)\s+(.*)$ ^wireshark(?::\w+|)\s+(.*)$ ^wireshark-common(?::\w+|)\s+(.*)$ ^wireshark-dev(?::\w+|)\s+(.*)$ ^wireshark-doc(?::\w+|)\s+(.*)$ ^wireshark-gtk(?::\w+|)\s+(.*)$ ^wireshark-qt(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^gir1.2-rsvg-2.0(?::\w+|)\s+(.*)$ ^librsvg2-2(?::\w+|)\s+(.*)$ ^librsvg2-bin(?::\w+|)\s+(.*)$ ^librsvg2-common(?::\w+|)\s+(.*)$ ^librsvg2-dev(?::\w+|)\s+(.*)$ ^librsvg2-doc(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-base-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-alsa(?::\w+|)\s+(.*)$ ^gstreamer1.0-gl(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-apps(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-doc(?::\w+|)\s+(.*)$ ^gstreamer1.0-x(?::\w+|)\s+(.*)$ ^libgstreamer-gl1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-dev(?::\w+|)\s+(.*)$ ^gstreamer1.0-gtk3(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good-doc(?::\w+|)\s+(.*)$ ^gstreamer1.0-pulseaudio(?::\w+|)\s+(.*)$ ^gstreamer1.0-qt5(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-dev(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^duende(?::\w+|)\s+(.*)$ ^maradns(?::\w+|)\s+(.*)$ ^maradns-deadwood(?::\w+|)\s+(.*)$ ^maradns-docs(?::\w+|)\s+(.*)$ ^maradns-zoneserver(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^cargo(?::\w+|)\s+(.*)$ ^cargo-doc(?::\w+|)\s+(.*)$ ^php-dompdf(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^python-pypdf2(?::\w+|)\s+(.*)$ ^python3-pypdf2(?::\w+|)\s+(.*)$ ^velocity(?::\w+|)\s+(.*)$ ^velocity-doc(?::\w+|)\s+(.*)$ ^libvelocity-tools-java(?::\w+|)\s+(.*)$ ^libvelocity-tools-java-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^golang-gopkg-yaml.v2-dev(?::\w+|)\s+(.*)$ ^golang-yaml.v2-dev(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^libzzip-0-13(?::\w+|)\s+(.*)$ ^libzzip-dev(?::\w+|)\s+(.*)$ ^zziplib-bin(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^inetutils-ftp(?::\w+|)\s+(.*)$ ^inetutils-ftpd(?::\w+|)\s+(.*)$ ^inetutils-inetd(?::\w+|)\s+(.*)$ ^inetutils-ping(?::\w+|)\s+(.*)$ ^inetutils-syslogd(?::\w+|)\s+(.*)$ ^inetutils-talk(?::\w+|)\s+(.*)$ ^inetutils-talkd(?::\w+|)\s+(.*)$ ^inetutils-telnet(?::\w+|)\s+(.*)$ ^inetutils-telnetd(?::\w+|)\s+(.*)$ ^inetutils-tools(?::\w+|)\s+(.*)$ ^inetutils-traceroute(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^libcjose-dev(?::\w+|)\s+(.*)$ ^libcjose0(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^faad(?::\w+|)\s+(.*)$ ^libfaad-dev(?::\w+|)\s+(.*)$ ^libfaad2(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^amd64-microcode(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^elfutils(?::\w+|)\s+(.*)$ ^libasm-dev(?::\w+|)\s+(.*)$ ^libasm1(?::\w+|)\s+(.*)$ ^libdw-dev(?::\w+|)\s+(.*)$ ^libdw1(?::\w+|)\s+(.*)$ ^libelf-dev(?::\w+|)\s+(.*)$ ^libelf1(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^python-git-doc(?::\w+|)\s+(.*)$ ^python3-git(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^atftp(?::\w+|)\s+(.*)$ ^atftpd(?::\w+|)\s+(.*)$ ^docker-registry(?::\w+|)\s+(.*)$ ^golang-github-docker-distribution-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^libsox-dev(?::\w+|)\s+(.*)$ ^libsox-fmt-all(?::\w+|)\s+(.*)$ ^libsox-fmt-alsa(?::\w+|)\s+(.*)$ ^libsox-fmt-ao(?::\w+|)\s+(.*)$ ^libsox-fmt-base(?::\w+|)\s+(.*)$ ^libsox-fmt-mp3(?::\w+|)\s+(.*)$ ^libsox-fmt-oss(?::\w+|)\s+(.*)$ ^libsox-fmt-pulse(?::\w+|)\s+(.*)$ ^libsox3(?::\w+|)\s+(.*)$ ^sox(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^libshiro-java(?::\w+|)\s+(.*)$ ^libplib-dev(?::\w+|)\s+(.*)$ ^libplib1(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^shim-signed(?::\w+|)\s+(.*)$ ^shim(?::\w+|)\s+(.*)$ ^grub-efi-amd64(?::\w+|)\s+(.*)$ ^grub-efi-amd64-bin(?::\w+|)\s+(.*)$ ^grub-efi-arm64(?::\w+|)\s+(.*)$ ^grub-efi-arm64-bin(?::\w+|)\s+(.*)$ ^libopendmarc-dev(?::\w+|)\s+(.*)$ ^libopendmarc2(?::\w+|)\s+(.*)$ ^opendmarc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^ruby-redcloth(?::\w+|)\s+(.*)$ ^flac(?::\w+|)\s+(.*)$ ^libflac++-dev(?::\w+|)\s+(.*)$ ^libflac++6v5(?::\w+|)\s+(.*)$ ^libflac-dev(?::\w+|)\s+(.*)$ ^libflac-doc(?::\w+|)\s+(.*)$ ^libflac8(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^libwebp-dev(?::\w+|)\s+(.*)$ ^libwebp6(?::\w+|)\s+(.*)$ ^libwebpdemux2(?::\w+|)\s+(.*)$ ^libwebpmux3(?::\w+|)\s+(.*)$ ^webp(?::\w+|)\s+(.*)$ ^libapache2-mod-security2(?::\w+|)\s+(.*)$ ^libssh2-1(?::\w+|)\s+(.*)$ ^libssh2-1-dev(?::\w+|)\s+(.*)$ ^gawk(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libraw-bin(?::\w+|)\s+(.*)$ ^libraw-dev(?::\w+|)\s+(.*)$ ^libraw-doc(?::\w+|)\s+(.*)$ ^libraw19(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^vsftpd(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^memcached(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^indent(?::\w+|)\s+(.*)$ ^indent-doc(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^minidlna(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^libtommath-dev(?::\w+|)\s+(.*)$ ^libtommath-doc(?::\w+|)\s+(.*)$ ^libtommath1(?::\w+|)\s+(.*)$ ^libvpx-dev(?::\w+|)\s+(.*)$ ^libvpx-doc(?::\w+|)\s+(.*)$ ^libvpx6(?::\w+|)\s+(.*)$ ^vpx-tools(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^libx11-6(?::\w+|)\s+(.*)$ ^libx11-data(?::\w+|)\s+(.*)$ ^libx11-dev(?::\w+|)\s+(.*)$ ^libx11-doc(?::\w+|)\s+(.*)$ ^libx11-xcb-dev(?::\w+|)\s+(.*)$ ^libx11-xcb1(?::\w+|)\s+(.*)$ ^libxpm-dev(?::\w+|)\s+(.*)$ ^libxpm4(?::\w+|)\s+(.*)$ ^xpmutils(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^libjs-jquery-ui(?::\w+|)\s+(.*)$ ^libjs-jquery-ui-docs(?::\w+|)\s+(.*)$ ^node-jquery-ui(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^jami(?::\w+|)\s+(.*)$ ^jami-daemon(?::\w+|)\s+(.*)$ ^ring(?::\w+|)\s+(.*)$ ^ring-daemon(?::\w+|)\s+(.*)$ ^libcue-dev(?::\w+|)\s+(.*)$ ^libcue2(?::\w+|)\s+(.*)$ ^kramdown(?::\w+|)\s+(.*)$ ^ruby-kramdown(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^iperf3(?::\w+|)\s+(.*)$ ^libiperf-dev(?::\w+|)\s+(.*)$ ^libiperf0(?::\w+|)\s+(.*)$ ^quagga(?::\w+|)\s+(.*)$ ^quagga-bgpd(?::\w+|)\s+(.*)$ ^quagga-core(?::\w+|)\s+(.*)$ ^quagga-doc(?::\w+|)\s+(.*)$ ^quagga-isisd(?::\w+|)\s+(.*)$ ^quagga-ospf6d(?::\w+|)\s+(.*)$ ^quagga-ospfd(?::\w+|)\s+(.*)$ ^quagga-pimd(?::\w+|)\s+(.*)$ ^quagga-ripd(?::\w+|)\s+(.*)$ ^quagga-ripngd(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^libpmi-pmix-dev(?::\w+|)\s+(.*)$ ^libpmi1-pmix(?::\w+|)\s+(.*)$ ^libpmi2-pmix(?::\w+|)\s+(.*)$ ^libpmix-dev(?::\w+|)\s+(.*)$ ^libpmix2(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^frr(?::\w+|)\s+(.*)$ ^frr-doc(?::\w+|)\s+(.*)$ ^frr-pythontools(?::\w+|)\s+(.*)$ ^frr-rpki-rtrlib(?::\w+|)\s+(.*)$ ^frr-snmp(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^aom-tools(?::\w+|)\s+(.*)$ ^libaom-dev(?::\w+|)\s+(.*)$ ^libaom-doc(?::\w+|)\s+(.*)$ ^libaom0(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-dev(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib-dev(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib3(?::\w+|)\s+(.*)$ ^libsofia-sip-ua0(?::\w+|)\s+(.*)$ ^sofia-sip-bin(?::\w+|)\s+(.*)$ ^sofia-sip-doc(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^libpam-slurm(?::\w+|)\s+(.*)$ ^libpam-slurm-adopt(?::\w+|)\s+(.*)$ ^libpmi0(?::\w+|)\s+(.*)$ ^libpmi0-dev(?::\w+|)\s+(.*)$ ^libpmi2-0(?::\w+|)\s+(.*)$ ^libpmi2-0-dev(?::\w+|)\s+(.*)$ ^libslurm-dev(?::\w+|)\s+(.*)$ ^libslurm-perl(?::\w+|)\s+(.*)$ ^libslurm34(?::\w+|)\s+(.*)$ ^libslurmdb-perl(?::\w+|)\s+(.*)$ ^slurm-client(?::\w+|)\s+(.*)$ ^slurm-client-emulator(?::\w+|)\s+(.*)$ ^slurm-wlm(?::\w+|)\s+(.*)$ ^slurm-wlm-basic-plugins(?::\w+|)\s+(.*)$ ^slurm-wlm-basic-plugins-dev(?::\w+|)\s+(.*)$ ^slurm-wlm-doc(?::\w+|)\s+(.*)$ ^slurm-wlm-emulator(?::\w+|)\s+(.*)$ ^slurm-wlm-torque(?::\w+|)\s+(.*)$ ^slurmctld(?::\w+|)\s+(.*)$ ^slurmd(?::\w+|)\s+(.*)$ ^slurmdbd(?::\w+|)\s+(.*)$ ^sview(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^xrdp(?::\w+|)\s+(.*)$ ^libaxis-java(?::\w+|)\s+(.*)$ ^libaxis-java-doc(?::\w+|)\s+(.*)$ ^libsndfile1(?::\w+|)\s+(.*)$ ^libsndfile1-dev(?::\w+|)\s+(.*)$ ^sndfile-programs(?::\w+|)\s+(.*)$ ^gsl-bin(?::\w+|)\s+(.*)$ ^libgsl-dev(?::\w+|)\s+(.*)$ ^libgsl23(?::\w+|)\s+(.*)$ ^libgslcblas0(?::\w+|)\s+(.*)$ ^python3-urllib3(?::\w+|)\s+(.*)$ ^python-pip-whl(?::\w+|)\s+(.*)$ ^python3-pip(?::\w+|)\s+(.*)$ ^xrdp(?::\w+|)\s+(.*)$ ^libprocps-dev(?::\w+|)\s+(.*)$ ^libprocps8(?::\w+|)\s+(.*)$ ^procps(?::\w+|)\s+(.*)$ ^traceroute(?::\w+|)\s+(.*)$ ^quagga(?::\w+|)\s+(.*)$ ^quagga-bgpd(?::\w+|)\s+(.*)$ ^quagga-core(?::\w+|)\s+(.*)$ ^quagga-doc(?::\w+|)\s+(.*)$ ^quagga-isisd(?::\w+|)\s+(.*)$ ^quagga-ospf6d(?::\w+|)\s+(.*)$ ^quagga-ospfd(?::\w+|)\s+(.*)$ ^quagga-pimd(?::\w+|)\s+(.*)$ ^quagga-ripd(?::\w+|)\s+(.*)$ ^quagga-ripngd(?::\w+|)\s+(.*)$ ^libtidy-dev(?::\w+|)\s+(.*)$ ^libtidy5deb1(?::\w+|)\s+(.*)$ ^tidy(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^avahi-autoipd(?::\w+|)\s+(.*)$ ^avahi-daemon(?::\w+|)\s+(.*)$ ^avahi-discover(?::\w+|)\s+(.*)$ ^avahi-dnsconfd(?::\w+|)\s+(.*)$ ^avahi-ui-utils(?::\w+|)\s+(.*)$ ^avahi-utils(?::\w+|)\s+(.*)$ ^gir1.2-avahi-0.6(?::\w+|)\s+(.*)$ ^libavahi-client-dev(?::\w+|)\s+(.*)$ ^libavahi-client3(?::\w+|)\s+(.*)$ ^libavahi-common-data(?::\w+|)\s+(.*)$ ^libavahi-common-dev(?::\w+|)\s+(.*)$ ^libavahi-common3(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd-dev(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd1(?::\w+|)\s+(.*)$ ^libavahi-core-dev(?::\w+|)\s+(.*)$ ^libavahi-core7(?::\w+|)\s+(.*)$ ^libavahi-glib-dev(?::\w+|)\s+(.*)$ ^libavahi-glib1(?::\w+|)\s+(.*)$ ^libavahi-gobject-dev(?::\w+|)\s+(.*)$ ^libavahi-gobject0(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-0(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-dev(?::\w+|)\s+(.*)$ ^python-avahi(?::\w+|)\s+(.*)$ ^charon-cmd(?::\w+|)\s+(.*)$ ^charon-systemd(?::\w+|)\s+(.*)$ ^libcharon-extauth-plugins(?::\w+|)\s+(.*)$ ^libcharon-extra-plugins(?::\w+|)\s+(.*)$ ^libcharon-standard-plugins(?::\w+|)\s+(.*)$ ^libstrongswan(?::\w+|)\s+(.*)$ ^libstrongswan-extra-plugins(?::\w+|)\s+(.*)$ ^libstrongswan-standard-plugins(?::\w+|)\s+(.*)$ ^strongswan(?::\w+|)\s+(.*)$ ^strongswan-charon(?::\w+|)\s+(.*)$ ^strongswan-libcharon(?::\w+|)\s+(.*)$ ^strongswan-nm(?::\w+|)\s+(.*)$ ^strongswan-pki(?::\w+|)\s+(.*)$ ^strongswan-scepclient(?::\w+|)\s+(.*)$ ^strongswan-starter(?::\w+|)\s+(.*)$ ^strongswan-swanctl(?::\w+|)\s+(.*)$ ^strongswan-tnc-base(?::\w+|)\s+(.*)$ ^strongswan-tnc-client(?::\w+|)\s+(.*)$ ^strongswan-tnc-ifmap(?::\w+|)\s+(.*)$ ^strongswan-tnc-pdp(?::\w+|)\s+(.*)$ ^strongswan-tnc-server(?::\w+|)\s+(.*)$ ^tang(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^libmosquitto-dev(?::\w+|)\s+(.*)$ ^libmosquitto1(?::\w+|)\s+(.*)$ ^libmosquittopp-dev(?::\w+|)\s+(.*)$ ^libmosquittopp1(?::\w+|)\s+(.*)$ ^mosquitto(?::\w+|)\s+(.*)$ ^mosquitto-clients(?::\w+|)\s+(.*)$ ^mosquitto-dev(?::\w+|)\s+(.*)$ ^hibagent(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^rabbitmq-server(?::\w+|)\s+(.*)$ ^libnghttp2-14(?::\w+|)\s+(.*)$ ^libnghttp2-dev(?::\w+|)\s+(.*)$ ^libnghttp2-doc(?::\w+|)\s+(.*)$ ^nghttp2(?::\w+|)\s+(.*)$ ^nghttp2-client(?::\w+|)\s+(.*)$ ^nghttp2-proxy(?::\w+|)\s+(.*)$ ^nghttp2-server(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^libnvpair1linux(?::\w+|)\s+(.*)$ ^libuutil1linux(?::\w+|)\s+(.*)$ ^libzfs2linux(?::\w+|)\s+(.*)$ ^libzfslinux-dev(?::\w+|)\s+(.*)$ ^libzpool2linux(?::\w+|)\s+(.*)$ ^python3-pyzfs(?::\w+|)\s+(.*)$ ^pyzfs-doc(?::\w+|)\s+(.*)$ ^spl(?::\w+|)\s+(.*)$ ^spl-dkms(?::\w+|)\s+(.*)$ ^zfs-dkms(?::\w+|)\s+(.*)$ ^zfs-dracut(?::\w+|)\s+(.*)$ ^zfs-initramfs(?::\w+|)\s+(.*)$ ^zfs-test(?::\w+|)\s+(.*)$ ^zfs-zed(?::\w+|)\s+(.*)$ ^zfsutils-linux(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^libperl-dev(?::\w+|)\s+(.*)$ ^libperl5.30(?::\w+|)\s+(.*)$ ^perl(?::\w+|)\s+(.*)$ ^perl-base(?::\w+|)\s+(.*)$ ^perl-debug(?::\w+|)\s+(.*)$ ^perl-doc(?::\w+|)\s+(.*)$ ^perl-modules-5.30(?::\w+|)\s+(.*)$ ^gimp(?::\w+|)\s+(.*)$ ^gimp-data(?::\w+|)\s+(.*)$ ^libgimp2.0(?::\w+|)\s+(.*)$ ^libgimp2.0-dev(?::\w+|)\s+(.*)$ ^libgimp2.0-doc(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^pypy3(?::\w+|)\s+(.*)$ ^pypy3-dev(?::\w+|)\s+(.*)$ ^pypy3-doc(?::\w+|)\s+(.*)$ ^pypy3-lib(?::\w+|)\s+(.*)$ ^pypy3-lib-testsuite(?::\w+|)\s+(.*)$ ^pypy3-tk(?::\w+|)\s+(.*)$ ^python3-sha3(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-bad-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-opencv(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-bad(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-bad-doc(?::\w+|)\s+(.*)$ ^libgstreamer-opencv1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-bad1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-bad1.0-dev(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^request-tracker4(?::\w+|)\s+(.*)$ ^rt4-apache2(?::\w+|)\s+(.*)$ ^rt4-clients(?::\w+|)\s+(.*)$ ^rt4-db-mysql(?::\w+|)\s+(.*)$ ^rt4-db-postgresql(?::\w+|)\s+(.*)$ ^rt4-db-sqlite(?::\w+|)\s+(.*)$ ^rt4-doc-html(?::\w+|)\s+(.*)$ ^rt4-fcgi(?::\w+|)\s+(.*)$ ^rt4-standalone(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^redis(?::\w+|)\s+(.*)$ ^redis-sentinel(?::\w+|)\s+(.*)$ ^redis-server(?::\w+|)\s+(.*)$ ^redis-tools(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^python-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography-doc(?::\w+|)\s+(.*)$ ^python3-cryptography(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-armel(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-armel(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^libc6-lse(?::\w+|)\s+(.*)$ ^libc6-pic(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^libtinyxml-dev(?::\w+|)\s+(.*)$ ^libtinyxml-doc(?::\w+|)\s+(.*)$ ^libtinyxml2.6.2v5(?::\w+|)\s+(.*)$ ^tar(?::\w+|)\s+(.*)$ ^tar-scripts(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^postfixadmin(?::\w+|)\s+(.*)$ ^netatalk(?::\w+|)\s+(.*)$ ^python3-pydantic(?::\w+|)\s+(.*)$ ^gnome-control-center(?::\w+|)\s+(.*)$ ^gnome-control-center-data(?::\w+|)\s+(.*)$ ^gnome-control-center-dev(?::\w+|)\s+(.*)$ ^gnome-control-center-faces(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^audiofile-tools(?::\w+|)\s+(.*)$ ^libaudiofile-dev(?::\w+|)\s+(.*)$ ^libaudiofile1(?::\w+|)\s+(.*)$ ^libzookeeper-java(?::\w+|)\s+(.*)$ ^libzookeeper-java-doc(?::\w+|)\s+(.*)$ ^libzookeeper-mt-dev(?::\w+|)\s+(.*)$ ^libzookeeper-mt2(?::\w+|)\s+(.*)$ ^libzookeeper-st-dev(?::\w+|)\s+(.*)$ ^libzookeeper-st2(?::\w+|)\s+(.*)$ ^python3-zookeeper(?::\w+|)\s+(.*)$ ^zookeeper(?::\w+|)\s+(.*)$ ^zookeeper-bin(?::\w+|)\s+(.*)$ ^zookeeperd(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^libclamunrar9(?::\w+|)\s+(.*)$ ^monit(?::\w+|)\s+(.*)$ ^golang-1.20(?::\w+|)\s+(.*)$ ^golang-1.20-doc(?::\w+|)\s+(.*)$ ^golang-1.20-go(?::\w+|)\s+(.*)$ ^golang-1.20-src(?::\w+|)\s+(.*)$ ^golang-1.21(?::\w+|)\s+(.*)$ ^golang-1.21-doc(?::\w+|)\s+(.*)$ ^golang-1.21-go(?::\w+|)\s+(.*)$ ^golang-1.21-src(?::\w+|)\s+(.*)$ ^python3-twisted(?::\w+|)\s+(.*)$ ^python3-twisted-bin(?::\w+|)\s+(.*)$ ^twisted-doc(?::\w+|)\s+(.*)$ ^libxerces-c-dev(?::\w+|)\s+(.*)$ ^libxerces-c-doc(?::\w+|)\s+(.*)$ ^libxerces-c-samples(?::\w+|)\s+(.*)$ ^libxerces-c3.2(?::\w+|)\s+(.*)$ ^w3m(?::\w+|)\s+(.*)$ ^w3m-img(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^libmail-spf-xs-perl(?::\w+|)\s+(.*)$ ^libspf2-2(?::\w+|)\s+(.*)$ ^libspf2-dev(?::\w+|)\s+(.*)$ ^spfquery(?::\w+|)\s+(.*)$ ^libfreeimage-dev(?::\w+|)\s+(.*)$ ^libfreeimage3(?::\w+|)\s+(.*)$ ^libfreeimageplus-dev(?::\w+|)\s+(.*)$ ^libfreeimageplus-doc(?::\w+|)\s+(.*)$ ^libfreeimageplus3(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^libpam-cracklib(?::\w+|)\s+(.*)$ ^libpam-doc(?::\w+|)\s+(.*)$ ^libpam-modules(?::\w+|)\s+(.*)$ ^libpam-modules-bin(?::\w+|)\s+(.*)$ ^libpam-runtime(?::\w+|)\s+(.*)$ ^libpam0g(?::\w+|)\s+(.*)$ ^libpam0g-dev(?::\w+|)\s+(.*)$ ^filezilla(?::\w+|)\s+(.*)$ ^filezilla-common(?::\w+|)\s+(.*)$ ^libxerces-c-dev(?::\w+|)\s+(.*)$ ^libxerces-c-doc(?::\w+|)\s+(.*)$ ^libxerces-c-samples(?::\w+|)\s+(.*)$ ^libxerces-c3.2(?::\w+|)\s+(.*)$ ^postfix(?::\w+|)\s+(.*)$ ^postfix-cdb(?::\w+|)\s+(.*)$ ^postfix-doc(?::\w+|)\s+(.*)$ ^postfix-ldap(?::\w+|)\s+(.*)$ ^postfix-lmdb(?::\w+|)\s+(.*)$ ^postfix-mysql(?::\w+|)\s+(.*)$ ^postfix-pcre(?::\w+|)\s+(.*)$ ^postfix-pgsql(?::\w+|)\s+(.*)$ ^postfix-sqlite(?::\w+|)\s+(.*)$ ^postfix(?::\w+|)\s+(.*)$ ^postfix-cdb(?::\w+|)\s+(.*)$ ^postfix-doc(?::\w+|)\s+(.*)$ ^postfix-ldap(?::\w+|)\s+(.*)$ ^postfix-lmdb(?::\w+|)\s+(.*)$ ^postfix-mysql(?::\w+|)\s+(.*)$ ^postfix-pcre(?::\w+|)\s+(.*)$ ^postfix-pgsql(?::\w+|)\s+(.*)$ ^postfix-sqlite(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^libapache-session-ldap-perl(?::\w+|)\s+(.*)$ ^paramiko-doc(?::\w+|)\s+(.*)$ ^python3-paramiko(?::\w+|)\s+(.*)$ ^python-jinja2(?::\w+|)\s+(.*)$ ^python-jinja2-doc(?::\w+|)\s+(.*)$ ^python3-jinja2(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^libtinyxml-dev(?::\w+|)\s+(.*)$ ^libtinyxml-doc(?::\w+|)\s+(.*)$ ^libtinyxml2.6.2v5(?::\w+|)\s+(.*)$ ^ceph(?::\w+|)\s+(.*)$ ^ceph-base(?::\w+|)\s+(.*)$ ^ceph-common(?::\w+|)\s+(.*)$ ^ceph-fuse(?::\w+|)\s+(.*)$ ^ceph-immutable-object-cache(?::\w+|)\s+(.*)$ ^ceph-mds(?::\w+|)\s+(.*)$ ^ceph-mgr(?::\w+|)\s+(.*)$ ^ceph-mgr-cephadm(?::\w+|)\s+(.*)$ ^ceph-mgr-dashboard(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-cloud(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-local(?::\w+|)\s+(.*)$ ^ceph-mgr-k8sevents(?::\w+|)\s+(.*)$ ^ceph-mgr-modules-core(?::\w+|)\s+(.*)$ ^ceph-mgr-rook(?::\w+|)\s+(.*)$ ^ceph-mon(?::\w+|)\s+(.*)$ ^ceph-osd(?::\w+|)\s+(.*)$ ^ceph-resource-agents(?::\w+|)\s+(.*)$ ^cephadm(?::\w+|)\s+(.*)$ ^cephfs-shell(?::\w+|)\s+(.*)$ ^libcephfs-dev(?::\w+|)\s+(.*)$ ^libcephfs-java(?::\w+|)\s+(.*)$ ^libcephfs-jni(?::\w+|)\s+(.*)$ ^libcephfs2(?::\w+|)\s+(.*)$ ^librados-dev(?::\w+|)\s+(.*)$ ^librados2(?::\w+|)\s+(.*)$ ^libradospp-dev(?::\w+|)\s+(.*)$ ^libradosstriper-dev(?::\w+|)\s+(.*)$ ^libradosstriper1(?::\w+|)\s+(.*)$ ^librbd-dev(?::\w+|)\s+(.*)$ ^librbd1(?::\w+|)\s+(.*)$ ^librgw-dev(?::\w+|)\s+(.*)$ ^librgw2(?::\w+|)\s+(.*)$ ^python3-ceph(?::\w+|)\s+(.*)$ ^python3-ceph-argparse(?::\w+|)\s+(.*)$ ^python3-ceph-common(?::\w+|)\s+(.*)$ ^python3-cephfs(?::\w+|)\s+(.*)$ ^python3-rados(?::\w+|)\s+(.*)$ ^python3-rbd(?::\w+|)\s+(.*)$ ^python3-rgw(?::\w+|)\s+(.*)$ ^rados-objclass-dev(?::\w+|)\s+(.*)$ ^radosgw(?::\w+|)\s+(.*)$ ^rbd-fuse(?::\w+|)\s+(.*)$ ^rbd-mirror(?::\w+|)\s+(.*)$ ^rbd-nbd(?::\w+|)\s+(.*)$ ^amanda-client(?::\w+|)\s+(.*)$ ^amanda-common(?::\w+|)\s+(.*)$ ^amanda-server(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^golang-github-opencontainers-runc-dev(?::\w+|)\s+(.*)$ ^runc(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^python3-ujson(?::\w+|)\s+(.*)$ ^python3-ujson(?::\w+|)\s+(.*)$ ^python-glance-store-doc(?::\w+|)\s+(.*)$ ^python3-glance-store(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^qemu-efi(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^login(?::\w+|)\s+(.*)$ ^passwd(?::\w+|)\s+(.*)$ ^uidmap(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^node-ip(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^roundcube(?::\w+|)\s+(.*)$ ^roundcube-core(?::\w+|)\s+(.*)$ ^roundcube-mysql(?::\w+|)\s+(.*)$ ^roundcube-pgsql(?::\w+|)\s+(.*)$ ^roundcube-plugins(?::\w+|)\s+(.*)$ ^roundcube-sqlite3(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-21-demo(?::\w+|)\s+(.*)$ ^openjdk-21-doc(?::\w+|)\s+(.*)$ ^openjdk-21-jdk(?::\w+|)\s+(.*)$ ^openjdk-21-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre(?::\w+|)\s+(.*)$ ^openjdk-21-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-21-source(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^less(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libuv1(?::\w+|)\s+(.*)$ ^libuv1-dev(?::\w+|)\s+(.*)$ ^libcpanel-json-xs-perl(?::\w+|)\s+(.*)$ ^python-openstackclient-doc(?::\w+|)\s+(.*)$ ^python3-openstackclient(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^php-guzzlehttp-psr7(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^python-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography-doc(?::\w+|)\s+(.*)$ ^python3-cryptography(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^ruby-image-processing(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^libgit2-28(?::\w+|)\s+(.*)$ ^libgit2-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^puma(?::\w+|)\s+(.*)$ ^libhtmlcleaner-java(?::\w+|)\s+(.*)$ ^libhtmlcleaner-java-doc(?::\w+|)\s+(.*)$ ^libmqtt-client-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^accountsservice(?::\w+|)\s+(.*)$ ^gir1.2-accountsservice-1.0(?::\w+|)\s+(.*)$ ^libaccountsservice-dev(?::\w+|)\s+(.*)$ ^libaccountsservice-doc(?::\w+|)\s+(.*)$ ^libaccountsservice0(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^ovn-central(?::\w+|)\s+(.*)$ ^ovn-common(?::\w+|)\s+(.*)$ ^ovn-controller-vtep(?::\w+|)\s+(.*)$ ^ovn-doc(?::\w+|)\s+(.*)$ ^ovn-docker(?::\w+|)\s+(.*)$ ^ovn-host(?::\w+|)\s+(.*)$ ^ovn-ic(?::\w+|)\s+(.*)$ ^ovn-ic-db(?::\w+|)\s+(.*)$ ^libgoogle-gson-java(?::\w+|)\s+(.*)$ ^libkpathsea-dev(?::\w+|)\s+(.*)$ ^libkpathsea6(?::\w+|)\s+(.*)$ ^libptexenc-dev(?::\w+|)\s+(.*)$ ^libptexenc1(?::\w+|)\s+(.*)$ ^libsynctex-dev(?::\w+|)\s+(.*)$ ^libsynctex2(?::\w+|)\s+(.*)$ ^libtexlua53(?::\w+|)\s+(.*)$ ^libtexlua53-dev(?::\w+|)\s+(.*)$ ^libtexluajit-dev(?::\w+|)\s+(.*)$ ^libtexluajit2(?::\w+|)\s+(.*)$ ^texlive-binaries(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^graphviz(?::\w+|)\s+(.*)$ ^graphviz-doc(?::\w+|)\s+(.*)$ ^libcdt5(?::\w+|)\s+(.*)$ ^libcgraph6(?::\w+|)\s+(.*)$ ^libgraphviz-dev(?::\w+|)\s+(.*)$ ^libgv-guile(?::\w+|)\s+(.*)$ ^libgv-lua(?::\w+|)\s+(.*)$ ^libgv-perl(?::\w+|)\s+(.*)$ ^libgv-php7(?::\w+|)\s+(.*)$ ^libgv-ruby(?::\w+|)\s+(.*)$ ^libgv-tcl(?::\w+|)\s+(.*)$ ^libgvc6(?::\w+|)\s+(.*)$ ^libgvc6-plugins-gtk(?::\w+|)\s+(.*)$ ^libgvpr2(?::\w+|)\s+(.*)$ ^liblab-gamut1(?::\w+|)\s+(.*)$ ^libpathplan4(?::\w+|)\s+(.*)$ ^libxdot4(?::\w+|)\s+(.*)$ ^python3-gv(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^crmsh(?::\w+|)\s+(.*)$ ^crmsh-doc(?::\w+|)\s+(.*)$ ^libnet-cidr-lite-perl(?::\w+|)\s+(.*)$ ^debian-goodies(?::\w+|)\s+(.*)$ ^libodbc1(?::\w+|)\s+(.*)$ ^odbcinst(?::\w+|)\s+(.*)$ ^odbcinst1debian2(?::\w+|)\s+(.*)$ ^unixodbc(?::\w+|)\s+(.*)$ ^unixodbc-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^bsdutils(?::\w+|)\s+(.*)$ ^fdisk(?::\w+|)\s+(.*)$ ^libblkid-dev(?::\w+|)\s+(.*)$ ^libblkid1(?::\w+|)\s+(.*)$ ^libfdisk-dev(?::\w+|)\s+(.*)$ ^libfdisk1(?::\w+|)\s+(.*)$ ^libmount-dev(?::\w+|)\s+(.*)$ ^libmount1(?::\w+|)\s+(.*)$ ^libsmartcols-dev(?::\w+|)\s+(.*)$ ^libsmartcols1(?::\w+|)\s+(.*)$ ^libuuid1(?::\w+|)\s+(.*)$ ^mount(?::\w+|)\s+(.*)$ ^rfkill(?::\w+|)\s+(.*)$ ^util-linux(?::\w+|)\s+(.*)$ ^util-linux-locales(?::\w+|)\s+(.*)$ ^uuid-dev(?::\w+|)\s+(.*)$ ^uuid-runtime(?::\w+|)\s+(.*)$ ^bsdutils(?::\w+|)\s+(.*)$ ^fdisk(?::\w+|)\s+(.*)$ ^libblkid-dev(?::\w+|)\s+(.*)$ ^libblkid1(?::\w+|)\s+(.*)$ ^libfdisk-dev(?::\w+|)\s+(.*)$ ^libfdisk1(?::\w+|)\s+(.*)$ ^libmount-dev(?::\w+|)\s+(.*)$ ^libmount1(?::\w+|)\s+(.*)$ ^libsmartcols-dev(?::\w+|)\s+(.*)$ ^libsmartcols1(?::\w+|)\s+(.*)$ ^libuuid1(?::\w+|)\s+(.*)$ ^mount(?::\w+|)\s+(.*)$ ^rfkill(?::\w+|)\s+(.*)$ ^util-linux(?::\w+|)\s+(.*)$ ^util-linux-locales(?::\w+|)\s+(.*)$ ^uuid-dev(?::\w+|)\s+(.*)$ ^uuid-runtime(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^libmaven-shared-utils-java(?::\w+|)\s+(.*)$ ^libmaven-shared-utils-java-doc(?::\w+|)\s+(.*)$ ^yard(?::\w+|)\s+(.*)$ ^yard-doc(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^libnss-libvirt(?::\w+|)\s+(.*)$ ^libvirt-clients(?::\w+|)\s+(.*)$ ^libvirt-daemon(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-lxc(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-qemu(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-gluster(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-rbd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-zfs(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-vbox(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-xen(?::\w+|)\s+(.*)$ ^libvirt-daemon-system(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-systemd(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-sysv(?::\w+|)\s+(.*)$ ^libvirt-dev(?::\w+|)\s+(.*)$ ^libvirt-doc(?::\w+|)\s+(.*)$ ^libvirt-sanlock(?::\w+|)\s+(.*)$ ^libvirt-wireshark(?::\w+|)\s+(.*)$ ^libvirt0(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^klibc-utils(?::\w+|)\s+(.*)$ ^libklibc(?::\w+|)\s+(.*)$ ^libklibc-dev(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-armel(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-armel(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^libc6-lse(?::\w+|)\s+(.*)$ ^libc6-pic(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil(?::\w+|)\s+(.*)$ ^python-pil.imagetk(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^ruby-sanitize(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^zabbix-agent(?::\w+|)\s+(.*)$ ^zabbix-frontend-php(?::\w+|)\s+(.*)$ ^zabbix-java-gateway(?::\w+|)\s+(.*)$ ^zabbix-proxy-mysql(?::\w+|)\s+(.*)$ ^zabbix-proxy-pgsql(?::\w+|)\s+(.*)$ ^zabbix-proxy-sqlite3(?::\w+|)\s+(.*)$ ^zabbix-server-mysql(?::\w+|)\s+(.*)$ ^zabbix-server-pgsql(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^libjs-cryptojs(?::\w+|)\s+(.*)$ ^libnghttp2-14(?::\w+|)\s+(.*)$ ^libnghttp2-dev(?::\w+|)\s+(.*)$ ^libnghttp2-doc(?::\w+|)\s+(.*)$ ^nghttp2(?::\w+|)\s+(.*)$ ^nghttp2-client(?::\w+|)\s+(.*)$ ^nghttp2-proxy(?::\w+|)\s+(.*)$ ^nghttp2-server(?::\w+|)\s+(.*)$ ^cpio(?::\w+|)\s+(.*)$ ^cpio-win32(?::\w+|)\s+(.*)$ ^less(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^node-json5(?::\w+|)\s+(.*)$ ^gerbv(?::\w+|)\s+(.*)$ ^anope(?::\w+|)\s+(.*)$